admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #213 from CVEProject/master

Browse Source 
XFA Rebase
This commit is contained in:
Scott Moore 2020-01-28 13:22:58 -05:00 committed by GitHub
commit 5fd5b222ec
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3096 changed files with 103396 additions and 5307 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
2005/4xxx/CVE-2005-4891.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-4891",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Simple Machine Forum",
"product": {
"product_data": [
{
"product_name": "Simple Machine Forum",
"version": {
"version_data": [
{
"version_value": "1.0.4 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/11/14/10",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/14/10"
},
{
"refsource": "MISC",
"name": "https://securiteam.com/exploits/5HP0N0KG0O/",
"url": "https://securiteam.com/exploits/5HP0N0KG0O/"
}
]
}

63
2006/7xxx/CVE-2006-7246.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7246",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,66 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=341323",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=341323"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/04/22/2",
"url": "http://www.openwall.com/lists/oss-security/2010/04/22/2"
},
{
"refsource": "MISC",
"name": "https://bugzilla.novell.com/show_bug.cgi?id=574266",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=574266"
},
{
"refsource": "MISC",
"name": "https://lwn.net/Articles/468868/",
"url": "https://lwn.net/Articles/468868/"
}
]
}

63
2007/4xxx/CVE-2007-4773.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4773",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Systrace before 1.6.0 has insufficient escape policy enforcement."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.citi.umich.edu/u/provos/systrace/",
"refsource": "MISC",
"name": "http://www.citi.umich.edu/u/provos/systrace/"
},
{
"refsource": "MISC",
"name": "http://taviso.decsystem.org/research.html",
"url": "http://taviso.decsystem.org/research.html"
},
{
"url": "http://taviso.decsystem.org/research.t2t",
"refsource": "MISC",
"name": "http://taviso.decsystem.org/research.t2t"
},
{
"refsource": "MISC",
"name": "https://www.provos.org/index.php?/archives/2007/12/C2.html",
"url": "https://www.provos.org/index.php?/archives/2007/12/C2.html"
}
]
}

53
2007/4xxx/CVE-2007-4774.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4774",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://taviso.decsystem.org/research.html",
"url": "http://taviso.decsystem.org/research.html"
},
{
"url": "https://osdn.net/projects/linux-kernel-docs/scm/git/linux-2.4.36/listCommit?skip=60",
"refsource": "MISC",
"name": "https://osdn.net/projects/linux-kernel-docs/scm/git/linux-2.4.36/listCommit?skip=60"
}
]
}

14
2007/6xxx/CVE-2007-6070.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6070",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2007-6070",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1382. Reason: This candidate is a reservation duplicate of CVE-2008-1382. Notes: All CVE users should reference CVE-2008-1382 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

53
2007/6xxx/CVE-2007-6758.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6758",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://cxsecurity.com/issue/WLB-2015050162",
"refsource": "MISC",
"name": "http://cxsecurity.com/issue/WLB-2015050162"
},
{
"refsource": "MISC",
"name": "http://attrition.org/pipermail/vim/2007-April/001545.html",
"url": "http://attrition.org/pipermail/vim/2007-April/001545.html"
}
]
}

55
2008/7xxx/CVE-2008-7314.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-7314",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "mIRC",
"product": {
"product_data": [
{
"product_name": "mIRC",
"version": {
"version_data": [
{
"version_value": "before 6.35"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "mIRC before 6.35 allows attackers to cause a denial of service (crash) via a long nickname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "http://www.mirc.com/news.html",
"url": "http://www.mirc.com/news.html"
},
{
"refsource": "CONFIRM",
"name": "https://www.mirc.com/versions.txt",
"url": "https://www.mirc.com/versions.txt"
}
]
}

55
2009/1xxx/CVE-2009-1120.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secure@dell.com",
"ID": "CVE-2009-1120",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "RepliStor",
"version": {
"version_data": [
{
"version_value": "before ESA-09-003"
}
]
}
}
]
},
"vendor_name": "EMC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-068/",
"refsource": "MISC",
"name": "http://www.zerodayinitiative.com/advisories/ZDI-09-068/"
},
{
"refsource": "MISC",
"name": "https://fortiguard.com/encyclopedia/ips/17967/emc-replistor-server-service-doasocommand-code-execution",
"url": "https://fortiguard.com/encyclopedia/ips/17967/emc-replistor-server-service-doasocommand-code-execution"
}
]
}

55
2009/3xxx/CVE-2009-3724.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3724",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "python-markdown2",
"product": {
"product_data": [
{
"product_name": "python-markdown2",
"version": {
"version_data": [
{
"version_value": "before 1.0.1.14"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "python-markdown2 before 1.0.1.14 has multiple cross-site scripting (XSS) issues."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2009/10/29/5",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2009/10/29/5"
},
{
"refsource": "MISC",
"name": "https://snyk.io/vuln/SNYK-PYTHON-PYRAD-40000",
"url": "https://snyk.io/vuln/SNYK-PYTHON-PYRAD-40000"
}
]
}

60
2009/5xxx/CVE-2009-5025.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-5025",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "PyForum",
"product": {
"product_data": [
{
"product_name": "PyForum",
"version": {
"version_data": [
{
"version_value": "v1.0.3"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A backdoor (aka BMSA-2009-07) was found in PyForum v1.0.3 where an attacker who knows a valid user email could force a password reset on behalf of that user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://packetstormsecurity.com/files/cve/CVE-2009-5025",
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2009-5025"
},
{
"url": "https://www.openwall.com/lists/oss-security/2011/07/26/7",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/07/26/7"
},
{
"refsource": "MISC",
"name": "https://seclists.org/fulldisclosure/2009/Nov/353",
"url": "https://seclists.org/fulldisclosure/2009/Nov/353"
}
]
}

50
2009/5xxx/CVE-2009-5068.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-5068",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SMF",
"product": {
"product_data": [
{
"product_name": "SMF",
"version": {
"version_data": [
{
"version_value": "through 2.0.3"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. On some configurations a SMF deployment is shared by several \"co-admins\" that are not trusted beyond the SMF deployment. This vulnerability allows them to read arbitrary files on the filesystem and therefore gain new privileges by reading the settings.php with the database passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "file disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2013/02/01/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/02/01/4"
}
]
}

5
2010/0xxx/CVE-2010-0055.json
View File

@ -61,6 +61,11 @@
"name": "http://support.apple.com/kb/HT4077",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4077"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-6490123c7c",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WXQ3NRRTC4A3F3GW2RQNATJHYDIRSCBS/"
}
]
}

5
2010/2xxx/CVE-2010-2076.json
View File

@ -101,6 +101,11 @@
"name": "40969",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40969"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"
}
]
}

10
2010/2xxx/CVE-2010-2247.json
View File

@ -61,6 +61,16 @@
"url": "https://access.redhat.com/security/cve/cve-2010-2247",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2010-2247"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-1db19e75db",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JLAGK43ZTRNAMRO7JI2AW4BAZS35QSEE/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-a5b60d0c2b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLHAXN3XRR7RJ73SJTBSW3GZT4GLHI33/"
}
]
}

50
2010/3xxx/CVE-2010-3048.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-3048",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cisco",
"product": {
"product_data": [
{
"product_name": "Unified Personal Communicator",
"version": {
"version_data": [
{
"version_value": "7.0 (1.13056)"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cisco Unified Personal Communicator 7.0 (1.13056) does not free allocated memory for received data and does not perform validation if memory allocation is successful, causing a remote denial of service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.fuzzmyapp.com/advisories/FMA-2010-002/FMA-2010-002-EN.xml",
"refsource": "MISC",
"name": "http://www.fuzzmyapp.com/advisories/FMA-2010-002/FMA-2010-002-EN.xml"
}
]
}

14
2010/3xxx/CVE-2010-3295.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3295",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2010-3295",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

2
2011/0xxx/CVE-2011-0467.json
View File

@ -54,7 +54,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the listing of available software of SUSE SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. Affected releases are SUSE SUSE Studio Onsite: versions prior to 1.0.3-0.18.1, SUSE Studio Onsite 1.1 Appliance: versions prior to 1.1.2-0.25.1."
"value": "A vulnerability in the listing of available software of SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. Affected releases are SUSE Studio Onsite: versions prior to 1.0.3-0.18.1, SUSE Studio Onsite 1.1 Appliance: versions prior to 1.1.2-0.25.1."
}
]
},

5
2011/1xxx/CVE-2011-1096.json
View File

@ -176,6 +176,11 @@
"refsource": "MLIST",
"name": "[cxf-commits] 20190326 svn commit: r1042570 [4/4] - in /websites/production/cxf/content: cache/docs.pageCache docs/jax-rs-http-signature.html docs/jax-rs-jose.html docs/jax-rs-oauth2.html docs/jax-rs-xml-security.html docs/secure-jax-rs-services.html",
"url": "https://lists.apache.org/thread.html/8d5d29747548a24cccdb7f3e2d4d599ffb7ffe4537426b3c9a852cf4@%3Ccommits.cxf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"
}
]
}

50
2011/2xxx/CVE-2011-2668.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2011-2668",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "1.5.0.3 and earlier"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "header mishandling"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://jvn.jp/en/jp/JVN36721438/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN36721438/index.html"
}
]
}

50
2011/2xxx/CVE-2011-2669.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2011-2669",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "prior to 3.6"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of certificates."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://jvn.jp/en/jp/JVN70984231/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN70984231/index.html"
}
]
}

50
2011/2xxx/CVE-2011-2670.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2011-2670",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_value": "before 3.6"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://jvn.jp/en/jp/JVN74649877/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN74649877/index.html"
}
]
}

55
2011/2xxx/CVE-2011-2706.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2706",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "sNews",
"version": {
"version_data": [
{
"version_value": "1.7.1"
}
]
}
}
]
},
"vendor_name": "sNews"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-Site Scripting (XSS) vulnerability exists in the reorder administrator functions in sNews 1.71."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/07/20/17",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/07/20/17"
},
{
"refsource": "MISC",
"name": "https://seclists.org/fulldisclosure/2011/May/300",
"url": "https://seclists.org/fulldisclosure/2011/May/300"
}
]
}

60
2011/2xxx/CVE-2011-2714.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2714",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Drupal",
"product": {
"product_data": [
{
"product_name": "Data-module",
"version": {
"version_data": [
{
"version_value": "6.x-1.0-alpha14"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/07/26/8",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/07/26/8"
},
{
"refsource": "MISC",
"name": "https://www.drupal.org/node/1056470",
"url": "https://www.drupal.org/node/1056470"
},
{
"refsource": "MISC",
"name": "https://seclists.org/fulldisclosure/2011/Feb/219",
"url": "https://seclists.org/fulldisclosure/2011/Feb/219"
}
]
}

55
2011/2xxx/CVE-2011-2715.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2715",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Drupal",
"product": {
"product_data": [
{
"product_name": "Data-module",
"version": {
"version_data": [
{
"version_value": "6.x-1.0-alpha14"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/07/26/8",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/07/26/8"
},
{
"refsource": "MISC",
"name": "https://www.drupal.org/node/1056470",
"url": "https://www.drupal.org/node/1056470"
}
]
}

50
2011/2xxx/CVE-2011-2933.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2933",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebsiteBaker",
"version": {
"version_data": [
{
"version_value": "through 2.8.1"
}
]
}
}
]
},
"vendor_name": "WebsiteBaker"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Arbitrary File Upload vulnerability exists in admin/media/upload.php in WebsiteBaker 2.8.1 and earlier due to a failure to restrict uploaded files with .htaccess, .php4, .php5, and .phtl extensions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary File Upload"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/08/19/12",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/08/19/12"
}
]
}

50
2011/2xxx/CVE-2011-2934.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2934",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebsiteBaker",
"version": {
"version_data": [
{
"version_value": "through 2.8.1"
}
]
}
}
]
},
"vendor_name": "WebsiteBaker"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross Site Request Forgery (CSRF) vulnerability exists in the administrator functions in WebsiteBaker 2.8.1 and earlier due to inadequate confirmation for sensitive transactions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CSRF"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/08/19/13",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/08/19/13"
}
]
}

2
2011/3xxx/CVE-2011-3172.json
View File

@ -43,7 +43,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in pam_modules of SUSE SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. Affected releases are SUSE SUSE Linux Enterprise: versions prior to 12."
"value": "A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. Affected releases are SUSE Linux Enterprise: versions prior to 12."
}
]
},

50
2011/3xxx/CVE-2011-3183.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3183",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Concrete CMS",
"version": {
"version_data": [
{
"version_value": "through 5.4.1.1"
}
]
}
}
]
},
"vendor_name": "Concrete CMS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-Site Scripting (XSS) vulnerability exists in the rcID parameter in Concrete CMS 5.4.1.1 and earlier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/08/22/11",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/08/22/11"
}
]
}

50
2011/3xxx/CVE-2011-3202.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3202",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jcow CMS",
"version": {
"version_data": [
{
"version_value": "4.2"
}
]
}
}
]
},
"vendor_name": "Jcow"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-Site Scripting (XSS) vulnerability exists in the g parameter to index.php in Jcow CMS 4.2 and earlier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/08/30/5",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/08/30/5"
}
]
}

50
2011/3xxx/CVE-2011-3203.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3203",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jcow CMS",
"version": {
"version_data": [
{
"version_value": "4.x to 4.2 and 5.x to 5.2"
}
]
}
}
]
},
"vendor_name": "Jcow"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Code Execution vulnerability exists the attachment parameter to index.php in Jcow CMS 4.x to 4.2 and 5.2 to 5.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/08/30/6",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/08/30/6"
}
]
}

5
2011/3xxx/CVE-2011-3389.json
View File

@ -516,6 +516,11 @@
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0086",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"
}
]
}

50
2011/3xxx/CVE-2011-3582.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3582",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Electron Inc.",
"product": {
"product_data": [
{
"product_name": "Advanced Electron Forums (AEF)",
"version": {
"version_data": [
{
"version_value": "through 1.0.9"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-site Request Forgery (CSRF) vulnerability exists in Advanced Electron Forums (AEF) through 1.0.9 due to inadequate confirmation for sensitive transactions in the administrator functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CSRF"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/09/30/3",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/09/30/3"
}
]
}

60
2011/3xxx/CVE-2011-3595.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3595",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Joomla!",
"product": {
"product_data": [
{
"product_name": "Joomla!",
"version": {
"version_data": [
{
"version_value": "<= 1.7.0"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/10/04/7",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/10/04/7"
},
{
"refsource": "MISC",
"name": "https://www.rapid7.com/db/vulnerabilities/joomla-20110902-core-xss-vulnerability",
"url": "https://www.rapid7.com/db/vulnerabilities/joomla-20110902-core-xss-vulnerability"
},
{
"refsource": "MISC",
"name": "http://yehg.net/lab/pr0js/advisories/joomla/core/%5Bjoomla_1.7.0-stable%5D_cross_site_scripting%28XSS%29",
"url": "http://yehg.net/lab/pr0js/advisories/joomla/core/%5Bjoomla_1.7.0-stable%5D_cross_site_scripting%28XSS%29"
}
]
}

60
2011/3xxx/CVE-2011-3610.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3610",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Serendipity",
"product": {
"product_data": [
{
"product_name": "serendipity freetag plugin",
"version": {
"version_data": [
{
"version_value": "before 3.30"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-site Scripting (XSS) vulnerability exists in the Serendipity freetag plugin before 3.30 in the tagcloud parameter to plugins/serendipity_event_freetag/tagcloud.swf."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/10/10/3",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/10/10/3"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/105054/Secunia-Security-Advisory-46005.html",
"url": "https://packetstormsecurity.com/files/105054/Secunia-Security-Advisory-46005.html"
},
{
"refsource": "MISC",
"name": "https://git.schokokeks.org/freewvs.git/blob/ddc4be296c9c49987b53be064d6d2a9d12f50452/freewvsdb/plugins.freewvs",
"url": "https://git.schokokeks.org/freewvs.git/blob/ddc4be296c9c49987b53be064d6d2a9d12f50452/freewvsdb/plugins.freewvs"
}
]
}

60
2011/3xxx/CVE-2011-3611.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3611",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UseBB",
"version": {
"version_data": [
{
"version_value": "before 1.0.12"
}
]
}
}
]
},
"vendor_name": "UseBB"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A File Inclusion vulnerability exists in act parameter to admin.php in UseBB before 1.0.12."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local File Inclusion"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/10/10/4",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/10/10/4"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/100103/UseBB-1.0.11-Cross-Site-Request-Forgery-Local-File-Inclusion.html",
"url": "https://packetstormsecurity.com/files/100103/UseBB-1.0.11-Cross-Site-Request-Forgery-Local-File-Inclusion.html"
},
{
"refsource": "MISC",
"name": "https://www.immuniweb.com/advisory/HTB22913",
"url": "https://www.immuniweb.com/advisory/HTB22913"
}
]
}

60
2011/3xxx/CVE-2011-3612.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3612",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UseBB",
"version": {
"version_data": [
{
"version_value": "before 1.0.12"
}
]
}
}
]
},
"vendor_name": "UseBB"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-Site Request Forgery (CSRF) vulnerability exists in panel.php in UseBB before 1.0.12."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CSRF"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/10/10/4",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/10/10/4"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/100103/UseBB-1.0.11-Cross-Site-Request-Forgery-Local-File-Inclusion.html",
"url": "https://packetstormsecurity.com/files/100103/UseBB-1.0.11-Cross-Site-Request-Forgery-Local-File-Inclusion.html"
},
{
"refsource": "MISC",
"name": "https://www.immuniweb.com/advisory/HTB22913",
"url": "https://www.immuniweb.com/advisory/HTB22913"
}
]
}

55
2011/3xxx/CVE-2011-3613.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3613",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Vanilla",
"product": {
"product_data": [
{
"product_name": "Vanilla Forums",
"version": {
"version_data": [
{
"version_value": "before 2.0.17.9"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue exists in Vanilla Forums before 2.0.17.9 due to the way cookies are handled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "cookie theft"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/10/10/5",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/10/10/5"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/105853/Secunia-Security-Advisory-46387.html",
"url": "https://packetstormsecurity.com/files/105853/Secunia-Security-Advisory-46387.html"
}
]
}

55
2011/3xxx/CVE-2011-3614.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3614",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Vanilla",
"product": {
"product_data": [
{
"product_name": "Vanilla Forums",
"version": {
"version_data": [
{
"version_value": "before 2.0.17.9"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums before 2.0.17.9."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "incorrect access control"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/10/10/5",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/10/10/5"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/105853/Secunia-Security-Advisory-46387.html",
"url": "https://packetstormsecurity.com/files/105853/Secunia-Security-Advisory-46387.html"
}
]
}

55
2011/3xxx/CVE-2011-3621.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3621",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "FluxBB",
"product": {
"product_data": [
{
"product_name": "FluxBB",
"version": {
"version_data": [
{
"version_value": "before 1.4.7"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "mishandles reverse proxying"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/10/18/8",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/10/18/8"
},
{
"refsource": "MISC",
"name": "https://fluxbb.org/forums/viewtopic.php?id=5751",
"url": "https://fluxbb.org/forums/viewtopic.php?id=5751"
}
]
}

55
2011/3xxx/CVE-2011-3622.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3622",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Phorum",
"product": {
"product_data": [
{
"product_name": "Phorum",
"version": {
"version_data": [
{
"version_value": "before 5.2.18"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-Site Scripting (XSS) vulnerability exists in the admin login screen in Phorum before 5.2.18."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/10/18/9",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/10/18/9"
},
{
"refsource": "MISC",
"name": "https://www.phorum.org/phorum5/read.php?64,149588",
"url": "https://www.phorum.org/phorum5/read.php?64,149588"
}
]
}

60
2011/4xxx/CVE-2011-4094.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4094",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jara",
"product": {
"product_data": [
{
"product_name": "Jara",
"version": {
"version_data": [
{
"version_value": "1.6"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Jara 1.6 has a SQL injection vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/10/31/4",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/10/31/4"
},
{
"refsource": "MISC",
"name": "https://seclists.org/fulldisclosure/2011/Oct/767",
"url": "https://seclists.org/fulldisclosure/2011/Oct/767"
},
{
"refsource": "EXPLOIT-DB",
"name": "Exploit Database",
"url": "https://www.exploit-db.com/exploits/18020"
}
]
}

55
2011/4xxx/CVE-2011-4095.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4095",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jara",
"version": {
"version_data": [
{
"version_value": "1.6"
}
]
}
}
]
},
"vendor_name": "Jara"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Jara 1.6 has an XSS vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/10/31/4",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/10/31/4"
},
{
"refsource": "MISC",
"name": "https://seclists.org/oss-sec/2011/q4/193",
"url": "https://seclists.org/oss-sec/2011/q4/193"
}
]
}

50
2011/4xxx/CVE-2011-4322.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4322",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "websitebaker",
"product": {
"product_data": [
{
"product_name": "websitebaker",
"version": {
"version_data": [
{
"version_value": "prior to and including 2.8.1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "websitebaker prior to and including 2.8.1 has an authentication error in backup module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "authentication error"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/11/21/2",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/11/21/2"
}
]
}

55
2011/4xxx/CVE-2011-4336.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4336",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Tiki",
"product": {
"product_data": [
{
"product_name": "Wiki CMS Groupware",
"version": {
"version_data": [
{
"version_value": "7.0"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tiki Wiki CMS Groupware 7.0 has XSS via the GET \"ajax\" parameter to snarf_ajax.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://seclists.org/bugtraq/2011/Nov/140",
"refsource": "MISC",
"name": "https://seclists.org/bugtraq/2011/Nov/140"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/48806/info",
"url": "https://www.securityfocus.com/bid/48806/info"
}
]
}

48
2011/4xxx/CVE-2011-4558.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4558",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,51 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tiki 8.2 and earlier allows remote administrators to execute arbitrary PHP code via crafted input to the regexres and regex parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/108111/Tiki-Wiki-CMS-Groupware-8.2-Code-Injection.html",
"url": "https://packetstormsecurity.com/files/108111/Tiki-Wiki-CMS-Groupware-8.2-Code-Injection.html"
}
]
}

55
2011/4xxx/CVE-2011-4907.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4907",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Joomla!",
"product": {
"product_data": [
{
"product_name": "Joomla!",
"version": {
"version_data": [
{
"version_value": "1.5x through 1.5.12"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Joomla! 1.5x through 1.5.12: Missing JEXEC Check"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/12/25/7",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/12/25/7"
},
{
"refsource": "MISC",
"name": "https://developer.joomla.org/security/news/301-20090722-core-file-upload.html",
"url": "https://developer.joomla.org/security/news/301-20090722-core-file-upload.html"
}
]
}

50
2011/4xxx/CVE-2011-4943.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4943",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ImpressPages CMS",
"version": {
"version_data": [
{
"version_value": "before v1.0.13"
}
]
}
}
]
},
"vendor_name": "ImpressPages CMS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ImpressPages CMS v1.0.12 has Unspecified Remote Code Execution (fixed in v1.0.13)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/03/23/16",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/23/16"
}
]
}

5
2011/4xxx/CVE-2011-4944.json
View File

@ -146,6 +146,11 @@
"name": "USN-1613-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1613-1"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0086",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"
}
]
}

48
2011/5xxx/CVE-2011-5020.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5020",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An SQL Injection vulnerability exists in the ID parameter in Online TV Database 2011."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.cloudscan.me/2012/02/cve-2011-5020-online-tv-database-sql.html",
"refsource": "MISC",
"name": "http://www.cloudscan.me/2012/02/cve-2011-5020-online-tv-database-sql.html"
}
]
}

50
2011/5xxx/CVE-2011-5282.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-5282",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "mIRC",
"product": {
"product_data": [
{
"product_name": "mIRC",
"version": {
"version_data": [
{
"version_value": "prior to 7.22"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "mIRC prior to 7.22 has a message leak because chopping of outbound messages is mishandled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "data leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.mirc.com/news.html",
"refsource": "MISC",
"name": "http://www.mirc.com/news.html"
}
]
}

55
2012/0xxx/CVE-2012-0070.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0070",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "spamdyke",
"product": {
"product_data": [
{
"product_name": "spamdyke",
"version": {
"version_data": [
{
"version_value": "prior to 4.2.1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "spamdyke prior to 4.2.1: STARTTLS reveals plaintext"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "authentication error"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/01/20/7"
},
{
"refsource": "MISC",
"name": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2012-0070",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2012-0070"
}
]
}

55
2012/0xxx/CVE-2012-0334.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-0334",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cisco",
"product": {
"product_data": [
{
"product_name": "IronPort Web Security Appliance AsyncOS",
"version": {
"version_data": [
{
"version_value": "prior to 7.5"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/52981",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52981"
},
{
"refsource": "CONFIRM",
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20120412-CVE-2012-0334",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20120412-CVE-2012-0334"
}
]
}

5
2012/0xxx/CVE-2012-0803.json
View File

@ -61,6 +61,11 @@
"name": "http://svn.apache.org/viewvc?view=revision&revision=1233457",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision&revision=1233457"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2012/0xxx/CVE-2012-0845.json
View File

@ -151,6 +151,11 @@
"name": "http://python.org/download/releases/2.7.3/",
"refsource": "CONFIRM",
"url": "http://python.org/download/releases/2.7.3/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0086",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"
}
]
}

50
2012/0xxx/CVE-2012-0945.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2012-0945",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "whoopsie-daisy",
"product": {
"product_data": [
{
"product_name": "whoopsie-daisy",
"version": {
"version_data": [
{
"version_value": "< 0.1.26"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "whoopsie-daisy before 0.1.26: Root user can remove arbitrary files"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "incorrect access control"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugs.launchpad.net/ubuntu/+source/whoopsie-daisy/+bug/973687",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/ubuntu/+source/whoopsie-daisy/+bug/973687"
}
]
}

5
2012/1xxx/CVE-2012-1150.json
View File

@ -136,6 +136,11 @@
"name": "http://python.org/download/releases/2.7.3/",
"refsource": "CONFIRM",
"url": "http://python.org/download/releases/2.7.3/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0086",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"
}
]
}

55
2012/1xxx/CVE-2012-1316.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-1316",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cisco",
"product": {
"product_data": [
{
"product_name": "IronPort Web Security Appliance",
"version": {
"version_data": [
{
"version_value": "through at least 2012-04-11"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/52981",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52981"
},
{
"refsource": "MISC",
"name": "https://www.secureworks.com/research/transitive-trust",
"url": "https://www.secureworks.com/research/transitive-trust"
}
]
}

55
2012/1xxx/CVE-2012-1326.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-1326",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cisco",
"product": {
"product_data": [
{
"product_name": "IronPort Web Security Appliance",
"version": {
"version_data": [
{
"version_value": "<= 7.5"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/52981",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52981"
},
{
"refsource": "CONFIRM",
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20120412-CVE-2012-1326",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20120412-CVE-2012-1326"
}
]
}

63
2012/1xxx/CVE-2012-1495.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1495",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,66 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://sourceforge.net/projects/webcalendar/files/webcalendar%201.2/1.2.5/",
"url": "http://sourceforge.net/projects/webcalendar/files/webcalendar%201.2/1.2.5/"
},
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/18775",
"url": "https://www.exploit-db.com/exploits/18775"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/112332/WebCalendar-1.2.4-Remote-Code-Execution.html",
"url": "https://packetstormsecurity.com/files/112332/WebCalendar-1.2.4-Remote-Code-Execution.html"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/112323/WebCalendar-1.2.4-Pre-Auth-Remote-Code-Injection.html",
"url": "https://packetstormsecurity.com/files/112323/WebCalendar-1.2.4-Pre-Auth-Remote-Code-Injection.html"
}
]
}

48
2012/1xxx/CVE-2012-1496.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1496",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,51 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Local file inclusion in WebCalendar before 1.2.5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://sourceforge.net/projects/webcalendar/files/webcalendar%201.2/1.2.5/",
"url": "http://sourceforge.net/projects/webcalendar/files/webcalendar%201.2/1.2.5/"
}
]
}

64
2012/1xxx/CVE-2012-1562.json
View File

@ -1,8 +1,40 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1562",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Joomla!",
"product": {
"product_data": [
{
"product_name": "Joomla! core",
"version": {
"version_data": [
{
"version_value": "2.5.2"
},
{
"version_value": "2.5.1"
},
{
"version_value": "2.5.0"
},
{
"version_value": "and all 1.7.x and 1.6.x versions"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +43,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Joomla! core before 2.5.3 allows unauthorized password change."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "authentication error"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/03/19/11",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/19/11"
},
{
"refsource": "MISC",
"name": "https://developer.joomla.org/security/news/394-20120304-core-password-change.html",
"url": "https://developer.joomla.org/security/news/394-20120304-core-password-change.html"
}
]
}

69
2012/1xxx/CVE-2012-1563.json
View File

@ -1,8 +1,40 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1563",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Joomla!",
"product": {
"product_data": [
{
"product_name": "Joomla!",
"version": {
"version_data": [
{
"version_value": "2.5.2"
},
{
"version_value": "2.5.1"
},
{
"version_value": "2.5.0"
},
{
"version_value": "and all 1.7.x and 1.6.x releases"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +43,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Joomla! before 2.5.3 allows Admin Account Creation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Admin Account Creation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/03/19/11",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/19/11"
},
{
"url": "https://www.exploit-db.com/exploits/41156/",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/41156/"
},
{
"refsource": "MISC",
"name": "https://developer.joomla.org/security/news/395-20120303-core-privilege-escalation.html",
"url": "https://developer.joomla.org/security/news/395-20120303-core-privilege-escalation.html"
}
]
}

10
2012/1xxx/CVE-2012-1592.json
View File

@ -71,6 +71,16 @@
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/28/12",
"url": "http://www.openwall.com/lists/oss-security/2012/03/28/12"
},
{
"refsource": "MLIST",
"name": "[struts-issues] 20200122 [jira] [Created] (WW-5055) Fix for security vulnerability CVE-2012-1592 identified in the National Vulnerability Database",
"url": "https://lists.apache.org/thread.html/r348ed455a140273c40b974f0615dee692f7c9b26c6de2118b4280ef2@%3Cissues.struts.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[struts-issues] 20200123 [jira] [Closed] (WW-5055) Fix for security vulnerability CVE-2012-1592 identified in the National Vulnerability Database",
"url": "https://lists.apache.org/thread.html/r93c4e3f6cb138cd117c739714f07e47af547183ba099ba46be2b2a5b@%3Cissues.struts.apache.org%3E"
}
]
}

5
2012/1xxx/CVE-2012-1695.json
View File

@ -71,6 +71,11 @@
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
}
]
}

65
2012/2xxx/CVE-2012-2087.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2087",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ISPConfig",
"version": {
"version_data": [
{
"version_value": "3.0.4.3"
}
]
}
}
]
},
"vendor_name": "ISPConfig"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ISPConfig 3.0.4.3: the \"Add new Webdav user\" can chmod and chown entire server from client interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "authentication error"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/04/08/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/08/3"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74739",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74739"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/04/09/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/09/4"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/52936",
"url": "https://www.securityfocus.com/bid/52936"
}
]
}

5
2012/2xxx/CVE-2012-2378.json
View File

@ -86,6 +86,11 @@
"name": "http://svn.apache.org/viewvc?view=revision&revision=1337150",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision&revision=1337150"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2012/2xxx/CVE-2012-2379.json
View File

@ -141,6 +141,11 @@
"name": "RHSA-2013:0194",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0194.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"
}
]
}

5
2012/3xxx/CVE-2012-3451.json
View File

@ -126,6 +126,11 @@
"name": "RHSA-2013:0726",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0726.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"
}
]
}

68
2012/3xxx/CVE-2012-3821.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3821",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Security Bypass vulnerability exists in the activate.asp page in Arial Software Campaign Enterprise 11.0.551, which could let a remote malicious user modify the SerialNumber field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://sadgeeksinsnow.blogspot.dk/2012/10/my-first-experiences-bug-hunting-part-2.html",
"refsource": "MISC",
"name": "http://sadgeeksinsnow.blogspot.dk/2012/10/my-first-experiences-bug-hunting-part-2.html"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79508",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79508"
},
{
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-10/0103.html",
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/bugtraq/2012-10/0103.html"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/archive/1/524462",
"url": "https://www.securityfocus.com/archive/1/524462"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/56117/info",
"url": "https://www.securityfocus.com/bid/56117/info"
}
]
}

53
2012/3xxx/CVE-2012-3822.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3822",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Arial Campaign Enterprise before 11.0.551 has unauthorized access to the User-Edit.asp page, which allows remote attackers to enumerate users' credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://sadgeeksinsnow.blogspot.dk/2012/10/my-first-experiences-bug-hunting-part-2.html",
"refsource": "MISC",
"name": "http://sadgeeksinsnow.blogspot.dk/2012/10/my-first-experiences-bug-hunting-part-2.html"
},
{
"refsource": "XF",
"name": "79509",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79509"
}
]
}

53
2012/3xxx/CVE-2012-3823.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3823",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Arial Campaign Enterprise before 11.0.551 stores passwords in clear text and these may be retrieved."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://sadgeeksinsnow.blogspot.dk/2012/10/my-first-experiences-bug-hunting-part-2.html",
"refsource": "MISC",
"name": "http://sadgeeksinsnow.blogspot.dk/2012/10/my-first-experiences-bug-hunting-part-2.html"
},
{
"refsource": "XF",
"name": "79510",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79510"
}
]
}

53
2012/3xxx/CVE-2012-3824.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3824",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Arial Campaign Enterprise before 11.0.551, multiple pages are accessible without authentication or authorization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://sadgeeksinsnow.blogspot.dk/2012/10/my-first-experiences-bug-hunting-part-2.html",
"refsource": "MISC",
"name": "http://sadgeeksinsnow.blogspot.dk/2012/10/my-first-experiences-bug-hunting-part-2.html"
},
{
"refsource": "XF",
"name": "79506",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79506"
}
]
}

48
2012/4xxx/CVE-2012-4030.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4030",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Chamilo before 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote attackers to delete arbitrary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "XF",
"name": "78054",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78054"
}
]
}

63
2012/4xxx/CVE-2012-4284.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4284",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name validation issue in the setuid-set ViscosityHelper binary, which could let a remote malicious user execute arbitrary code"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/55002",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55002"
},
{
"url": "http://www.exploit-db.com/exploits/24579",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/24579"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/120643/Viscosity-setuid-set-ViscosityHelper-Privilege-Escalation.html",
"url": "https://packetstormsecurity.com/files/120643/Viscosity-setuid-set-ViscosityHelper-Privilege-Escalation.html"
},
{
"refsource": "CONFIRM",
"name": "https://www.sparklabs.com/viscosity/releasenotes/mac/",
"url": "https://www.sparklabs.com/viscosity/releasenotes/mac/"
}
]
}

63
2012/4xxx/CVE-2012-4603.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4603",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "55518",
"url": "http://www.securityfocus.com/bid/55518"
},
{
"refsource": "SECTRACK",
"name": "1027521",
"url": "http://www.securitytracker.com/id?1027521"
},
{
"refsource": "SECTRACK",
"name": "1027522",
"url": "http://www.securitytracker.com/id?1027522"
},
{
"refsource": "XF",
"name": "78433",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78433"
}
]
}

48
2012/4xxx/CVE-2012-4606.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4606",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "55432",
"url": "http://www.securityfocus.com/bid/55432"
}
]
}

63
2012/4xxx/CVE-2012-4750.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4750",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Code Execution vulnerability exists in the memcpy function when processing AMF requests in Ezhometech EzServer 7.0, which could let a remote malicious user execute arbitrary code or cause a Denial of Service"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79267",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79267"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/archive/1/524430",
"url": "https://www.securityfocus.com/archive/1/524430"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/117391/Ezhometech-EzServer-7.0-Remote-Heap-Corruption.html",
"url": "https://packetstormsecurity.com/files/117391/Ezhometech-EzServer-7.0-Remote-Heap-Corruption.html"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/55938",
"url": "https://www.securityfocus.com/bid/55938"
}
]
}

58
2012/4xxx/CVE-2012-4760.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4760",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Privilege Escalation vulnerability exists in the SDBagent service in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/56740",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56740"
},
{
"refsource": "MISC",
"name": "https://seclists.org/bugtraq/2012/Nov/108",
"url": "https://seclists.org/bugtraq/2012/Nov/108"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2012-4760",
"url": "https://packetstormsecurity.com/files/cve/CVE-2012-4760"
}
]
}

58
2012/4xxx/CVE-2012-4761.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4761",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Privilege Escalation vulnerability exists in the unquoted Service Binary in SDPAgent or SDBAgent in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/56740",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56740"
},
{
"refsource": "MISC",
"name": "https://seclists.org/bugtraq/2012/Nov/108",
"url": "https://seclists.org/bugtraq/2012/Nov/108"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2012-4760",
"url": "https://packetstormsecurity.com/files/cve/CVE-2012-4760"
}
]
}

58
2012/4xxx/CVE-2012-4767.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4767",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue exists in Safend Data Protector Agent 3.4.5586.9772 in the securitylayer.log file in the logs.9972 directory, which could let a malicious user decrypt and potentially change the Safend security policies applied to the machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/56740",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56740"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/118491/Safend-Data-Protector-3.4.5586.9772-Privilege-Escalation.html",
"url": "https://packetstormsecurity.com/files/118491/Safend-Data-Protector-3.4.5586.9772-Privilege-Escalation.html"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/archive/1/524864",
"url": "https://www.securityfocus.com/archive/1/524864"
}
]
}

58
2012/4xxx/CVE-2012-4863.json
View File

@ -1,8 +1,34 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-4863",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "7.1 without Fix Pack 7.1.0.2"
},
{
"version_value": "7.5 without Fix Pack 7.5.0.1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +37,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM WebSphere MQ 7.1 and 7.5: Queue manager has a DoS vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79920",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79920"
},
{
"refsource": "MISC",
"name": "https://www.tenable.com/plugins/nessus/63099",
"url": "https://www.tenable.com/plugins/nessus/63099"
}
]
}

58
2012/4xxx/CVE-2012-4900.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4900",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Corel WordPerfect Office X6 16.0.0.388 has a DoS Vulnerability via untrusted pointer dereference"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/58384",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/58384"
},
{
"url": "http://www.securitytracker.com/id/1028257",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1028257"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82674",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82674"
}
]
}

55
2012/4xxx/CVE-2012-4919.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2012-4919",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Gallery Plugin authors",
"product": {
"product_data": [
{
"product_name": "Gallery",
"version": {
"version_data": [
{
"version_value": "1.4"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote File Include"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/57650",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/57650"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81713",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81713"
}
]
}

53
2012/4xxx/CVE-2012-4981.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4981",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Toshiba ConfigFree 8.0.38 has a CF7 File Remote Command Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/55643",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55643"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78800",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78800"
}
]
}

53
2012/5xxx/CVE-2012-5190.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5190",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/57242",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/57242"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81163",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81163"
}
]
}

48
2012/5xxx/CVE-2012-5340.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5340",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "EXPLOIT-DB",
"name": "23246",
"url": "http://www.exploit-db.com/exploits/23246"
}
]
}

53
2012/5xxx/CVE-2012-5389.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5389",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "NULL Pointer Dereference in PowerTCP WebServer for ActiveX 1.9.2 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/58940",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/58940"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83310",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83310"
}
]
}

5
2012/5xxx/CVE-2012-5575.json
View File

@ -126,6 +126,11 @@
"name": "RHSA-2013:0874",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0874.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"
}
]
}

114
2012/5xxx/CVE-2012-5626.json
View File

@ -1,8 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5626",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "JBoss BRMS",
"version": {
"version_data": [
{
"version_value": "5"
}
]
}
},
{
"product_name": "JBoss Enterprise Application Platform",
"version": {
"version_data": [
{
"version_value": "5"
}
]
}
},
{
"product_name": "JBoss Operations Network",
"version": {
"version_data": [
{
"version_value": "3.1"
}
]
}
},
{
"product_name": "JBoss Portal",
"version": {
"version_data": [
{
"version_value": "4"
},
{
"version_value": "5"
}
]
}
},
{
"product_name": "JBoss SOA Platform",
"version": {
"version_data": [
{
"version_value": "4.2"
},
{
"version_value": "4.3"
},
{
"version_value": "5"
}
]
}
},
{
"product_name": "JBoss Enterprise Web Server",
"version": {
"version_data": [
{
"version_value": "1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +93,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5626"
},
{
"refsource": "CONFIRM",
"name": "https://access.redhat.com/security/cve/cve-2012-5626",
"url": "https://access.redhat.com/security/cve/cve-2012-5626"
}
]
}

5
2012/5xxx/CVE-2012-5633.json
View File

@ -151,6 +151,11 @@
"name": "RHSA-2013:0726",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0726.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"
}
]
}

53
2012/5xxx/CVE-2012-5698.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5698",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "BabyGekko before 1.2.4 has SQL injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/56523",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56523"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80085",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80085"
}
]
}

53
2012/5xxx/CVE-2012-5699.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5699",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "BabyGekko before 1.2.4 allows PHP file inclusion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/56523",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56523"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80086",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80086"
}
]
}

53
2012/5xxx/CVE-2012-5867.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5867",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HT Editor 2.0.20 has a Remote Stack Buffer Overflow Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/47095",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/47095"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/11/14/15",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/14/15"
}
]
}

55
2012/6xxx/CVE-2012-6083.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-6083",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "freeciv",
"product": {
"product_data": [
{
"product_name": "freeciv",
"version": {
"version_data": [
{
"version_value": "before 2.3.3"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/12/31/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/31/2"
},
{
"refsource": "MISC",
"name": "https://freeciv.fandom.com/wiki/NEWS-2.3.3",
"url": "https://freeciv.fandom.com/wiki/NEWS-2.3.3"
}
]
}

60
2012/6xxx/CVE-2012-6114.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-6114",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Symbolic Link Following"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "git-extras",
"product": {
"product_data": [
{
"product_name": "git-extras",
"version": {
"version_data": [
{
"version_value": "1.7.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/01/22/8",
"url": "http://www.openwall.com/lists/oss-security/2013/01/22/8"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/01/23/5",
"url": "http://www.openwall.com/lists/oss-security/2013/01/23/5"
},
{
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698490",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698490"
}
]
}

48
2012/6xxx/CVE-2012-6302.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6302",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Soapbox through 0.3.1: Sandbox bypass - runs a second instance of Soapbox within a sandboxed Soapbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/12/10/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/10/1"
}
]
}

48
2012/6xxx/CVE-2012-6344.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6344",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Novell ZENworks Configuration Management before 11.2.4 allows XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.microfocus.com/kb/doc.php?id=7012761",
"refsource": "MISC",
"name": "https://support.microfocus.com/kb/doc.php?id=7012761"
}
]
}

48
2012/6xxx/CVE-2012-6345.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6345",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Novell ZENworks Configuration Management before 11.2.4 allows obtaining sensitive trace information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.microfocus.com/kb/doc.php?id=7012763",
"refsource": "MISC",
"name": "https://support.microfocus.com/kb/doc.php?id=7012763"
}
]
}

48
2012/6xxx/CVE-2012-6448.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6448",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site Scripting (XSS) in cPanel WebHost Manager (WHM) 11.34.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "EXPLOIT-DB",
"name": "38153",
"url": "https://www.exploit-db.com/exploits/38153"
}
]
}

53
2012/6xxx/CVE-2012-6451.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6451",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication Bypass Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/57761",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/57761"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81870",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81870"
}
]
}

Some files were not shown because too many files have changed in this diff Show More