admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:33:58 +00:00
parent 84f66ea4c2
commit 6653eddfa2
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
51 changed files with 3521 additions and 3521 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

148
2005/0xxx/CVE-2005-0607.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0607", "ID": "CVE-2005-0607",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CubeCart 2.0.0 through 2.0.5 allows remote attackers to determine the full path of the server via direct calls without parameters to (1) information.php, (2) language.php, (3) list_docs.php, (4) popular_prod.php, (5) sale.php, (6) subfooter.inc.php, (7) subheader.inc.php, (8) cat_navi.php, or (9) check_sum.php, which reveals the path in a PHP error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://lostmon.blogspot.com/2005/02/cubecart-20x-multiple-variable-xss.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://lostmon.blogspot.com/2005/02/cubecart-20x-multiple-variable-xss.html" "lang": "eng",
}, "value": "CubeCart 2.0.0 through 2.0.5 allows remote attackers to determine the full path of the server via direct calls without parameters to (1) information.php, (2) language.php, (3) list_docs.php, (4) popular_prod.php, (5) sale.php, (6) subfooter.inc.php, (7) subheader.inc.php, (8) cat_navi.php, or (9) check_sum.php, which reveals the path in a PHP error message."
{ }
"name" : "http://www.cubecart.com/site/forums/index.php?showtopic=6032", ]
"refsource" : "CONFIRM", },
"url" : "http://www.cubecart.com/site/forums/index.php?showtopic=6032" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1013304", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1013304" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "cubecart-multiple-path-disclosure(20638)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20638" ]
} },
] "references": {
} "reference_data": [
{
"name": "http://lostmon.blogspot.com/2005/02/cubecart-20x-multiple-variable-xss.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2005/02/cubecart-20x-multiple-variable-xss.html"
},
{
"name": "http://www.cubecart.com/site/forums/index.php?showtopic=6032",
"refsource": "CONFIRM",
"url": "http://www.cubecart.com/site/forums/index.php?showtopic=6032"
},
{
"name": "cubecart-multiple-path-disclosure(20638)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20638"
},
{
"name": "1013304",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013304"
}
]
}
} }

168
2005/0xxx/CVE-2005-0944.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0944", "ID": "CVE-2005-0944",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) 4.00.8618.0, related to insufficient data validation, allows remote attackers to execute arbitrary code via a crafted mdb file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050331 [HV-HIGH] Microsoft Jet DB engine vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111231465920199&w=2" "lang": "eng",
}, "value": "Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) 4.00.8618.0, related to insufficient data validation, allows remote attackers to execute arbitrary code via a crafted mdb file."
{ }
"name" : "20060804 Will Microsoft patch remarkable old Msjet40.dll issue?", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/442446/100/100/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20060808 Re: Will Microsoft patch remarkable old Msjet40.dll issue?", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/442610/100/100/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.hexview.com/docs/20050331-1.txt", ]
"refsource" : "MISC", }
"url" : "http://www.hexview.com/docs/20050331-1.txt" ]
}, },
{ "references": {
"name" : "http://blogs.securiteam.com/?p=535", "reference_data": [
"refsource" : "MISC", {
"url" : "http://blogs.securiteam.com/?p=535" "name": "20060808 Re: Will Microsoft patch remarkable old Msjet40.dll issue?",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/442610/100/100/threaded"
"name" : "VU#176380", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/176380" "name": "20050331 [HV-HIGH] Microsoft Jet DB engine vulnerabilities",
} "refsource": "BUGTRAQ",
] "url": "http://marc.info/?l=bugtraq&m=111231465920199&w=2"
} },
{
"name": "20060804 Will Microsoft patch remarkable old Msjet40.dll issue?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/442446/100/100/threaded"
},
{
"name": "http://www.hexview.com/docs/20050331-1.txt",
"refsource": "MISC",
"url": "http://www.hexview.com/docs/20050331-1.txt"
},
{
"name": "http://blogs.securiteam.com/?p=535",
"refsource": "MISC",
"url": "http://blogs.securiteam.com/?p=535"
},
{
"name": "VU#176380",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/176380"
}
]
}
} }

158
2005/1xxx/CVE-2005-1498.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1498", "ID": "CVE-2005-1498",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in myBloggie 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) year parameter in viewmode.php, or the (2) cat_id, (3) month_no, or (4) post_id parameter in index.php, which are not properly sanitized before they are displayed in an error message. NOTE: issues 2, 3, and 4 may be due to a problem in associated products rather than myBloggie itself."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050505 Multiple vulnerabilities in myBloggie 2.1.1", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111531904608224&w=2" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in myBloggie 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) year parameter in viewmode.php, or the (2) cat_id, (3) month_no, or (4) post_id parameter in index.php, which are not properly sanitized before they are displayed in an error message. NOTE: issues 2, 3, and 4 may be due to a problem in associated products rather than myBloggie itself."
{ }
"name" : "http://mywebland.com/forums/viewtopic.php?t=180", ]
"refsource" : "MISC", },
"url" : "http://mywebland.com/forums/viewtopic.php?t=180" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "13507", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/13507" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "mybloggie-viewmodephp-xss(20434)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20434" ]
}, },
{ "references": {
"name" : "mybloggie-script-injection(20436)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20436" "name": "http://mywebland.com/forums/viewtopic.php?t=180",
} "refsource": "MISC",
] "url": "http://mywebland.com/forums/viewtopic.php?t=180"
} },
{
"name": "mybloggie-script-injection(20436)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20436"
},
{
"name": "20050505 Multiple vulnerabilities in myBloggie 2.1.1",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111531904608224&w=2"
},
{
"name": "mybloggie-viewmodephp-xss(20434)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20434"
},
{
"name": "13507",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13507"
}
]
}
} }

158
2005/3xxx/CVE-2005-3072.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3072", "ID": "CVE-2005-3072",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in pages/forum/submit.html in Interchange 4.9.3 up to 5.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "14931", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14931" "lang": "eng",
}, "value": "SQL injection vulnerability in pages/forum/submit.html in Interchange 4.9.3 up to 5.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors."
{ }
"name" : "ADV-2005-1829", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2005/1829" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19652", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/19652" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "16923", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/16923" ]
}, },
{ "references": {
"name" : "interchange-submit-sql-injection(22386)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22386" "name": "14931",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/14931"
} },
{
"name": "ADV-2005-1829",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/1829"
},
{
"name": "interchange-submit-sql-injection(22386)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22386"
},
{
"name": "19652",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19652"
},
{
"name": "16923",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16923"
}
]
}
} }

278
2005/3xxx/CVE-2005-3244.json
View File

@ -1,142 +1,142 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2005-3244", "ID": "CVE-2005-3244",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ethereal.com/appnotes/enpa-sa-00021.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ethereal.com/appnotes/enpa-sa-00021.html" "lang": "eng",
}, "value": "The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors."
{ }
"name" : "DSA-1171", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2006/dsa-1171" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FLSA-2006:152922", "description": [
"refsource" : "FEDORA", {
"url" : "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-200510-25", ]
"refsource" : "GENTOO", }
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200510-25.xml" ]
}, },
{ "references": {
"name" : "RHSA-2005:809", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-809.html" "name": "RHSA-2005:809",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-809.html"
"name" : "SUSE-SR:2005:025", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2005_25_sr.html" "name": "17327",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17327"
"name" : "15148", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15148" "name": "GLSA-200510-25",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200510-25.xml"
"name" : "20127", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/20127" "name": "17392",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17392"
"name" : "oval:org.mitre.oval:def:9665", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9665" "name": "17480",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17480"
"name" : "1015082", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015082" "name": "1015082",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015082"
"name" : "17377", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17377" "name": "http://www.ethereal.com/appnotes/enpa-sa-00021.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.ethereal.com/appnotes/enpa-sa-00021.html"
"name" : "17254", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17254" "name": "20127",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/20127"
"name" : "17286", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17286" "name": "SUSE-SR:2005:025",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2005_25_sr.html"
"name" : "17327", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17327" "name": "17286",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17286"
"name" : "17392", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17392" "name": "DSA-1171",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1171"
"name" : "17480", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17480" "name": "oval:org.mitre.oval:def:9665",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9665"
"name" : "21813", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21813" "name": "21813",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/21813"
} },
{
"name": "FLSA-2006:152922",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html"
},
{
"name": "17377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17377"
},
{
"name": "15148",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15148"
},
{
"name": "17254",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17254"
}
]
}
} }

168
2005/3xxx/CVE-2005-3333.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3333", "ID": "CVE-2005-3333",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ebase.co.jp/company/security", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ebase.co.jp/company/security" "lang": "eng",
}, "value": "SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors."
{ }
"name" : "15171", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/15171" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20249", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/20249" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1015089", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1015089" ]
}, },
{ "references": {
"name" : "17301", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17301" "name": "15171",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/15171"
"name" : "ebaseweb-sql-injection(22834)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22834" "name": "17301",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/17301"
} },
{
"name": "ebaseweb-sql-injection(22834)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22834"
},
{
"name": "20249",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20249"
},
{
"name": "1015089",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015089"
},
{
"name": "http://www.ebase.co.jp/company/security",
"refsource": "CONFIRM",
"url": "http://www.ebase.co.jp/company/security"
}
]
}
} }

178
2005/3xxx/CVE-2005-3516.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3516", "ID": "CVE-2005-3516",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Directory script allows remote attackers to inject arbitrary web script or HTML via the entryID parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051020 XSS & Path Disclosure in Chipmunk's products", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112982490104274&w=2" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Directory script allows remote attackers to inject arbitrary web script or HTML via the entryID parameter."
{ }
"name" : "http://irannetjob.com/content/view/148/28/", ]
"refsource" : "MISC", },
"url" : "http://irannetjob.com/content/view/148/28/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "15149", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15149/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20169", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/20169" ]
}, },
{ "references": {
"name" : "17283", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17283/" "name": "15149",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/15149/"
"name" : "96", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/96" "name": "20051020 XSS & Path Disclosure in Chipmunk's products",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=112982490104274&w=2"
"name" : "chipmunk-multiple-scripts-xss(22823)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22823" "name": "17283",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/17283/"
} },
{
"name": "96",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/96"
},
{
"name": "http://irannetjob.com/content/view/148/28/",
"refsource": "MISC",
"url": "http://irannetjob.com/content/view/148/28/"
},
{
"name": "20169",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20169"
},
{
"name": "chipmunk-multiple-scripts-xss(22823)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22823"
}
]
}
} }

188
2005/3xxx/CVE-2005-3650.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3650", "ID": "CVE-2005-3650",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The CodeSupport.ocx ActiveX control, as used by Sony to uninstall the First4Internet XCP DRM, has \"safe for scripting\" enabled, which allows remote attackers to execute arbitrary code by calling vulnerable functions such as RebootMachine, IsAdministrator, and ExecuteCode."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://hack.fi/~muzzy/sony-drm/", "description_data": [
"refsource" : "MISC", {
"url" : "http://hack.fi/~muzzy/sony-drm/" "lang": "eng",
}, "value": "The CodeSupport.ocx ActiveX control, as used by Sony to uninstall the First4Internet XCP DRM, has \"safe for scripting\" enabled, which allows remote attackers to execute arbitrary code by calling vulnerable functions such as RebootMachine, IsAdministrator, and ExecuteCode."
{ }
"name" : "http://www.freedom-to-tinker.com/?p=927", ]
"refsource" : "MISC", },
"url" : "http://www.freedom-to-tinker.com/?p=927" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#312073", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/312073" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15430", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/15430" ]
}, },
{ "references": {
"name" : "ADV-2005-2454", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2454" "name": "17610",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17610"
"name" : "20887", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/20887" "name": "ADV-2005-2454",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/2454"
"name" : "17610", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17610" "name": "20887",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/20887"
"name" : "first4internet-xcp-sony-gain-access(23063)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23063" "name": "VU#312073",
} "refsource": "CERT-VN",
] "url": "http://www.kb.cert.org/vuls/id/312073"
} },
{
"name": "15430",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15430"
},
{
"name": "first4internet-xcp-sony-gain-access(23063)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23063"
},
{
"name": "http://www.freedom-to-tinker.com/?p=927",
"refsource": "MISC",
"url": "http://www.freedom-to-tinker.com/?p=927"
},
{
"name": "http://hack.fi/~muzzy/sony-drm/",
"refsource": "MISC",
"url": "http://hack.fi/~muzzy/sony-drm/"
}
]
}
} }

168
2005/3xxx/CVE-2005-3999.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3999", "ID": "CVE-2005-3999",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Search.asp in SiteBeater MP3 Catalog 2.03 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2005/12/sitebeater-mp3-catalog-xss-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2005/12/sitebeater-mp3-catalog-xss-vuln.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Search.asp in SiteBeater MP3 Catalog 2.03 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters."
{ }
"name" : "15696", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/15696" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2005-2718", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2718" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21424", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/21424" ]
}, },
{ "references": {
"name" : "17856", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17856" "name": "21424",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/21424"
"name" : "sitebeater-search-xss(23403)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23403" "name": "17856",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/17856"
} },
{
"name": "ADV-2005-2718",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2718"
},
{
"name": "sitebeater-search-xss(23403)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23403"
},
{
"name": "http://pridels0.blogspot.com/2005/12/sitebeater-mp3-catalog-xss-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/12/sitebeater-mp3-catalog-xss-vuln.html"
},
{
"name": "15696",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15696"
}
]
}
} }

138
2005/4xxx/CVE-2005-4377.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4377", "ID": "CVE-2005-4377",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Page.asp in Baseline CMS 1.95 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) PageID and (2) SiteNodeID parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2005/12/baseline-cms-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2005/12/baseline-cms-vuln.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Page.asp in Baseline CMS 1.95 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) PageID and (2) SiteNodeID parameters."
{ }
"name" : "ADV-2005-2974", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2005/2974" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "21938", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/21938" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "21938",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21938"
},
{
"name": "http://pridels0.blogspot.com/2005/12/baseline-cms-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/12/baseline-cms-vuln.html"
},
{
"name": "ADV-2005-2974",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2974"
}
]
}
} }

118
2005/4xxx/CVE-2005-4447.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4447", "ID": "CVE-2005-4447",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in articles\\articles_funcs.php in phpCOIN 1.2.2 allows remote attackers to modify SQL syntax and possibly execute SQL in limited circumstances via the rec_next parameter. NOTE: the original disclosure suggests that command injection is not feasible because the injection occurs after an \"ORDER BY\" clause, but it is likely that this bug could result in an error message path disclosure due to a syntax error, in some environments. Therefore this is an exposure and should be included in CVE."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051216 phpCOIN-1.2.2-Full-2005 SQL Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/419637/100/0/threaded" "lang": "eng",
} "value": "SQL injection vulnerability in articles\\articles_funcs.php in phpCOIN 1.2.2 allows remote attackers to modify SQL syntax and possibly execute SQL in limited circumstances via the rec_next parameter. NOTE: the original disclosure suggests that command injection is not feasible because the injection occurs after an \"ORDER BY\" clause, but it is likely that this bug could result in an error message path disclosure due to a syntax error, in some environments. Therefore this is an exposure and should be included in CVE."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20051216 phpCOIN-1.2.2-Full-2005 SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419637/100/0/threaded"
}
]
}
} }

32
2009/0xxx/CVE-2009-0589.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2009-0589", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2009-0589",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
} }
] ]
} }
} }

158
2009/0xxx/CVE-2009-0700.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0700", "ID": "CVE-2009-0700",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Plunet BusinessManager 4.1 and earlier allows remote authenticated users to bypass access restrictions and (1) read sensitive Customer or Order data via a modified Pfad parameter to pagesUTF8/Sys_DirAnzeige.jsp, or (2) list sensitive Jobs via a direct request to pagesUTF8/auftrag_job.jsp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090107 Plunet BusinessManager failure in access controls and multiple stored cross site scripting", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2009-01/0032.html" "lang": "eng",
}, "value": "Plunet BusinessManager 4.1 and earlier allows remote authenticated users to bypass access restrictions and (1) read sensitive Customer or Order data via a modified Pfad parameter to pagesUTF8/Sys_DirAnzeige.jsp, or (2) list sensitive Jobs via a direct request to pagesUTF8/auftrag_job.jsp."
{ }
"name" : "20090109 Re: Plunet BusinessManager failure in access controls and multiple stored cross site scripting", ]
"refsource" : "BUGTRAQ", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2009-01/0054.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.securenetwork.it/ricerca/advisory/download/SN-2008-04.txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.securenetwork.it/ricerca/advisory/download/SN-2008-04.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33153", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/33153" ]
}, },
{ "references": {
"name" : "businessmanager-multiple-security-bypass(47794)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47794" "name": "http://www.securenetwork.it/ricerca/advisory/download/SN-2008-04.txt",
} "refsource": "MISC",
] "url": "http://www.securenetwork.it/ricerca/advisory/download/SN-2008-04.txt"
} },
{
"name": "20090107 Plunet BusinessManager failure in access controls and multiple stored cross site scripting",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2009-01/0032.html"
},
{
"name": "20090109 Re: Plunet BusinessManager failure in access controls and multiple stored cross site scripting",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2009-01/0054.html"
},
{
"name": "businessmanager-multiple-security-bypass(47794)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47794"
},
{
"name": "33153",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33153"
}
]
}
} }

188
2009/0xxx/CVE-2009-0942.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0942", "ID": "CVE-2009-0942",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that certain Cascading Style Sheets (CSS) are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT3549", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT3549" "lang": "eng",
}, "value": "Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that certain Cascading Style Sheets (CSS) are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files."
{ }
"name" : "APPLE-SA-2009-05-12", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "TA09-133A", "description": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "34926", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/34926" ]
}, },
{ "references": {
"name" : "1022216", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1022216" "name": "http://support.apple.com/kb/HT3549",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT3549"
"name" : "35074", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35074" "name": "35074",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35074"
"name" : "ADV-2009-1297", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1297" "name": "APPLE-SA-2009-05-12",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
"name" : "macos-helpviewer-css-code-execution(50485)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50485" "name": "34926",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/34926"
} },
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "macos-helpviewer-css-code-execution(50485)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50485"
},
{
"name": "1022216",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022216"
}
]
}
} }

178
2009/2xxx/CVE-2009-2254.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2254", "ID": "CVE-2009-2254",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the query_string parameter in an execute action, in conjunction with a PATH_INFO of password_forgotten.php, related to a \"SQL Execution\" issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9005", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9005" "lang": "eng",
}, "value": "Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the query_string parameter in an execute action, in conjunction with a PATH_INFO of password_forgotten.php, related to a \"SQL Execution\" issue."
{ }
"name" : "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965", ]
"refsource" : "CONFIRM", },
"url" : "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.zen-cart.com/forum/showthread.php?t=130161", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.zen-cart.com/forum/showthread.php?t=130161" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "35468", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/35468" ]
}, },
{ "references": {
"name" : "55343", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/55343" "name": "55343",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/55343"
"name" : "35550", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35550" "name": "http://www.zen-cart.com/forum/showthread.php?t=130161",
}, "refsource": "CONFIRM",
{ "url": "http://www.zen-cart.com/forum/showthread.php?t=130161"
"name" : "zencart-sqlpatch-sql-injection(51317)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51317" "name": "35468",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/35468"
} },
{
"name": "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965",
"refsource": "CONFIRM",
"url": "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965"
},
{
"name": "9005",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9005"
},
{
"name": "35550",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35550"
},
{
"name": "zencart-sqlpatch-sql-injection(51317)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51317"
}
]
}
} }

148
2009/3xxx/CVE-2009-3058.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3058", "ID": "CVE-2009-3058",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in akPlayer 1.9.0 allows remote attackers to execute arbitrary code via a long string in a .plt playlist file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9568", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9568" "lang": "eng",
}, "value": "Stack-based buffer overflow in akPlayer 1.9.0 allows remote attackers to execute arbitrary code via a long string in a .plt playlist file."
{ }
"name" : "http://packetstormsecurity.org/0909-exploits/akplayer-overflow.txt", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.org/0909-exploits/akplayer-overflow.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36521", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36521" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2009-2517", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2009/2517" ]
} },
] "references": {
} "reference_data": [
{
"name": "9568",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9568"
},
{
"name": "36521",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36521"
},
{
"name": "http://packetstormsecurity.org/0909-exploits/akplayer-overflow.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0909-exploits/akplayer-overflow.txt"
},
{
"name": "ADV-2009-2517",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2517"
}
]
}
} }

288
2009/3xxx/CVE-2009-3699.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3699", "ID": "CVE-2009-3699",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20091007 IBM AIX rpc.cmsd Stack Buffer Overflow Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=825" "lang": "eng",
}, "value": "Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd."
{ }
"name" : "https://www.immunityinc.com/downloads/immpartners/aixcmsd10092009.tar.gz", ]
"refsource" : "MISC", },
"url" : "https://www.immunityinc.com/downloads/immpartners/aixcmsd10092009.tar.gz" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc", "description": [
"refsource" : "CONFIRM", {
"url" : "http://aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "IZ61628", ]
"refsource" : "AIXAPAR", }
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ61628" ]
}, },
{ "references": {
"name" : "IZ61717", "reference_data": [
"refsource" : "AIXAPAR", {
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ61717" "name": "ADV-2009-2846",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/2846"
"name" : "IZ62123", },
"refsource" : "AIXAPAR", {
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ62123" "name": "IZ62237",
}, "refsource": "AIXAPAR",
{ "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ62237"
"name" : "IZ62237", },
"refsource" : "AIXAPAR", {
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ62237" "name": "IZ62570",
}, "refsource": "AIXAPAR",
{ "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ62570"
"name" : "IZ62569", },
"refsource" : "AIXAPAR", {
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ62569" "name": "IZ61628",
}, "refsource": "AIXAPAR",
{ "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ61628"
"name" : "IZ62570", },
"refsource" : "AIXAPAR", {
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ62570" "name": "1022996",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1022996"
"name" : "IZ62571", },
"refsource" : "AIXAPAR", {
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ62571" "name": "20091007 IBM AIX rpc.cmsd Stack Buffer Overflow Vulnerability",
}, "refsource": "IDEFENSE",
{ "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=825"
"name" : "IZ62572", },
"refsource" : "AIXAPAR", {
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ62572" "name": "http://aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc",
}, "refsource": "CONFIRM",
{ "url": "http://aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc"
"name" : "IZ62672", },
"refsource" : "AIXAPAR", {
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ62672" "name": "IZ62569",
}, "refsource": "AIXAPAR",
{ "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ62569"
"name" : "36615", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36615" "name": "ibm-aix-rpccmsd-bo(53681)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53681"
"name" : "58726", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/58726" "name": "IZ62571",
}, "refsource": "AIXAPAR",
{ "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ62571"
"name" : "1022996", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1022996" "name": "IZ62123",
}, "refsource": "AIXAPAR",
{ "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ62123"
"name" : "36978", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36978" "name": "IZ62672",
}, "refsource": "AIXAPAR",
{ "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ62672"
"name" : "ADV-2009-2846", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/2846" "name": "IZ62572",
}, "refsource": "AIXAPAR",
{ "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ62572"
"name" : "ibm-aix-rpccmsd-bo(53681)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53681" "name": "36978",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/36978"
} },
{
"name": "IZ61717",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ61717"
},
{
"name": "https://www.immunityinc.com/downloads/immpartners/aixcmsd10092009.tar.gz",
"refsource": "MISC",
"url": "https://www.immunityinc.com/downloads/immpartners/aixcmsd10092009.tar.gz"
},
{
"name": "58726",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/58726"
},
{
"name": "36615",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36615"
}
]
}
} }

118
2009/3xxx/CVE-2009-3763.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3763", "ID": "CVE-2009-3763",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Access Manager / OpenSSO component in Oracle OpenSSO Enterprise 7.1, 7, 2005Q4, and 8.0 allows remote attackers to affect integrity via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" "lang": "eng",
} "value": "Unspecified vulnerability in the Access Manager / OpenSSO component in Oracle OpenSSO Enterprise 7.1, 7, 2005Q4, and 8.0 allows remote attackers to affect integrity via unknown vectors."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
}
]
}
} }

148
2009/4xxx/CVE-2009-4763.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4763", "ID": "CVE-2009-4763",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the ClickHeat plugin, as used in phpMyVisites before 2.4, has unknown impact and attack vectors. NOTE: due to lack of details from the vendor, it is not clear whether this is related to CVE-2008-5793."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.phpmyvisites.us/phpmv2/CHANGELOG", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.phpmyvisites.us/phpmv2/CHANGELOG" "lang": "eng",
}, "value": "Unspecified vulnerability in the ClickHeat plugin, as used in phpMyVisites before 2.4, has unknown impact and attack vectors. NOTE: due to lack of details from the vendor, it is not clear whether this is related to CVE-2008-5793."
{ }
"name" : "38824", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/38824" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "38862", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38862" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "clickheat-phpmyvisites-unspecified(57004)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57004" ]
} },
] "references": {
} "reference_data": [
{
"name": "38824",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38824"
},
{
"name": "http://www.phpmyvisites.us/phpmv2/CHANGELOG",
"refsource": "CONFIRM",
"url": "http://www.phpmyvisites.us/phpmv2/CHANGELOG"
},
{
"name": "clickheat-phpmyvisites-unspecified(57004)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57004"
},
{
"name": "38862",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38862"
}
]
}
} }

158
2012/2xxx/CVE-2012-2116.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2116", "ID": "CVE-2012-2116",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the Commerce Reorder module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that add items to the shopping cart."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20120418 CVE Request for Drupal Contributed Advisories on 2012-04-18", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2012/04/18/11" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in the Commerce Reorder module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that add items to the shopping cart."
{ }
"name" : "[oss-security] 20120418 Re: CVE Request for Drupal Contributed Advisories on 2012-04-18", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2012/04/19/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://drupal.org/node/1538198", "description": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/node/1538198" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://drupalcode.org/project/commerce_reorder.git/commit/bf060ab", ]
"refsource" : "CONFIRM", }
"url" : "http://drupalcode.org/project/commerce_reorder.git/commit/bf060ab" ]
}, },
{ "references": {
"name" : "48912", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48912" "name": "http://drupal.org/node/1538198",
} "refsource": "CONFIRM",
] "url": "http://drupal.org/node/1538198"
} },
{
"name": "http://drupalcode.org/project/commerce_reorder.git/commit/bf060ab",
"refsource": "CONFIRM",
"url": "http://drupalcode.org/project/commerce_reorder.git/commit/bf060ab"
},
{
"name": "48912",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48912"
},
{
"name": "[oss-security] 20120418 CVE Request for Drupal Contributed Advisories on 2012-04-18",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/18/11"
},
{
"name": "[oss-security] 20120418 Re: CVE Request for Drupal Contributed Advisories on 2012-04-18",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/19/1"
}
]
}
} }

178
2012/2xxx/CVE-2012-2400.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-2400", "ID": "CVE-2012-2400",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in wp-includes/js/swfobject.js in WordPress before 3.3.2 has unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://core.trac.wordpress.org/changeset/20499/branches/3.3/wp-includes/js/swfobject.js", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://core.trac.wordpress.org/changeset/20499/branches/3.3/wp-includes/js/swfobject.js" "lang": "eng",
}, "value": "Unspecified vulnerability in wp-includes/js/swfobject.js in WordPress before 3.3.2 has unknown impact and attack vectors."
{ }
"name" : "http://wordpress.org/news/2012/04/wordpress-3-3-2/", ]
"refsource" : "CONFIRM", },
"url" : "http://wordpress.org/news/2012/04/wordpress-3-3-2/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-2470", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2012/dsa-2470" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "53192", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/53192" ]
}, },
{ "references": {
"name" : "81460", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/81460" "name": "49138",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/49138"
"name" : "49138", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49138" "name": "81460",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/81460"
"name" : "wordpress-swfobject-unspecified(75209)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75209" "name": "wordpress-swfobject-unspecified(75209)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75209"
} },
{
"name": "DSA-2470",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2470"
},
{
"name": "http://core.trac.wordpress.org/changeset/20499/branches/3.3/wp-includes/js/swfobject.js",
"refsource": "CONFIRM",
"url": "http://core.trac.wordpress.org/changeset/20499/branches/3.3/wp-includes/js/swfobject.js"
},
{
"name": "53192",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53192"
},
{
"name": "http://wordpress.org/news/2012/04/wordpress-3-3-2/",
"refsource": "CONFIRM",
"url": "http://wordpress.org/news/2012/04/wordpress-3-3-2/"
}
]
}
} }

168
2012/2xxx/CVE-2012-2551.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2012-2551", "ID": "CVE-2012-2551",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The server in Kerberos in Microsoft Windows Server 2008 R2 and R2 SP1, and Windows 7 Gold and SP1, allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via a crafted session request, aka \"Kerberos NULL Dereference Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS12-069", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-069" "lang": "eng",
}, "value": "The server in Kerberos in Microsoft Windows Server 2008 R2 and R2 SP1, and Windows 7 Gold and SP1, allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via a crafted session request, aka \"Kerberos NULL Dereference Vulnerability.\""
{ }
"name" : "TA12-283A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA12-283A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "55778", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/55778" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:15674", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15674" ]
}, },
{ "references": {
"name" : "1027620", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1027620" "name": "oval:org.mitre.oval:def:15674",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15674"
"name" : "50867", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/50867" "name": "50867",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/50867"
} },
{
"name": "1027620",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027620"
},
{
"name": "MS12-069",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-069"
},
{
"name": "55778",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55778"
},
{
"name": "TA12-283A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA12-283A.html"
}
]
}
} }

188
2012/2xxx/CVE-2012-2652.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2652", "ID": "CVE-2012-2652",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The bdrv_open function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=eba25057b9a5e19d10ace2bc7716667a31297169", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=eba25057b9a5e19d10ace2bc7716667a31297169" "lang": "eng",
}, "value": "The bdrv_open function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file."
{ }
"name" : "http://git.qemu.org/?p=qemu-stable-0.15.git;a=log", ]
"refsource" : "CONFIRM", },
"url" : "http://git.qemu.org/?p=qemu-stable-0.15.git;a=log" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-2545", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2012/dsa-2545" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2012:1202", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00024.html" ]
}, },
{ "references": {
"name" : "USN-1522-1", "reference_data": [
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1522-1" "name": "50132",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/50132"
"name" : "53725", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/53725" "name": "http://git.qemu.org/?p=qemu-stable-0.15.git;a=log",
}, "refsource": "CONFIRM",
{ "url": "http://git.qemu.org/?p=qemu-stable-0.15.git;a=log"
"name" : "50132", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/50132" "name": "50689",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/50689"
"name" : "50689", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/50689" "name": "53725",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/53725"
} },
{
"name": "SUSE-SU-2012:1202",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00024.html"
},
{
"name": "USN-1522-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1522-1"
},
{
"name": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=eba25057b9a5e19d10ace2bc7716667a31297169",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=eba25057b9a5e19d10ace2bc7716667a31297169"
},
{
"name": "DSA-2545",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2545"
}
]
}
} }

32
2012/2xxx/CVE-2012-2736.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-2736", "ID": "CVE-2012-2736",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

148
2012/2xxx/CVE-2012-2821.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2012-2821", "ID": "CVE-2012-2821",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The autofill implementation in Google Chrome before 20.0.1132.43 does not properly display text, which has unspecified impact and remote attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=122925", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=122925" "lang": "eng",
}, "value": "The autofill implementation in Google Chrome before 20.0.1132.43 does not properly display text, which has unspecified impact and remote attack vectors."
{ }
"name" : "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "openSUSE-SU-2012:0813", "description": [
"refsource" : "SUSE", {
"url" : "https://hermes.opensuse.org/messages/15075728" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:15565", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15565" ]
} },
] "references": {
} "reference_data": [
{
"name": "openSUSE-SU-2012:0813",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/15075728"
},
{
"name": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=122925",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=122925"
},
{
"name": "oval:org.mitre.oval:def:15565",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15565"
}
]
}
} }

148
2015/0xxx/CVE-2015-0378.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-0378", "ID": "CVE-2015-0378",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Libc."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Libc."
{ }
"name" : "72147", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/72147" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1031583", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031583" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oracle-cpujan2015-cve20150378(100174)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100174" ]
} },
] "references": {
} "reference_data": [
{
"name": "1031583",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "72147",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72147"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "oracle-cpujan2015-cve20150378(100174)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100174"
}
]
}
} }

128
2015/1xxx/CVE-2015-1566.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-1566", "ID": "CVE-2015-1566",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 7.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.dnnsoftware.com/platform/manage/security-center", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.dnnsoftware.com/platform/manage/security-center" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 7.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "62832", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/62832" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.dnnsoftware.com/platform/manage/security-center",
"refsource": "CONFIRM",
"url": "http://www.dnnsoftware.com/platform/manage/security-center"
},
{
"name": "62832",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62832"
}
]
}
} }

32
2015/1xxx/CVE-2015-1690.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-1690", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-1690",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

138
2015/1xxx/CVE-2015-1728.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-1728", "ID": "CVE-2015-1728",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka \"Windows Media Player RCE via DataObject Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150701 Microsoft Windows Media Player DataObject Switch Memory Corruption Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1200" "lang": "eng",
}, "value": "Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka \"Windows Media Player RCE via DataObject Vulnerability.\""
{ }
"name" : "MS15-057", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-057" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1032522", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032522" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1032522",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032522"
},
{
"name": "20150701 Microsoft Windows Media Player DataObject Switch Memory Corruption Vulnerability",
"refsource": "IDEFENSE",
"url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1200"
},
{
"name": "MS15-057",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-057"
}
]
}
} }

32
2015/5xxx/CVE-2015-5046.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-5046", "ID": "CVE-2015-5046",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

148
2015/5xxx/CVE-2015-5268.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-5268", "ID": "CVE-2015-5268",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The rating component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 mishandles group-based authorization checks, which allows remote authenticated users to obtain sensitive information by reading a rating value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150921 Moodle security release", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/09/21/1" "lang": "eng",
}, "value": "The rating component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 mishandles group-based authorization checks, which allows remote authenticated users to obtain sensitive information by reading a rating value."
{ }
"name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50173", ]
"refsource" : "CONFIRM", },
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50173" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://moodle.org/mod/forum/discuss.php?d=320292", "description": [
"refsource" : "CONFIRM", {
"url" : "https://moodle.org/mod/forum/discuss.php?d=320292" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033619", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033619" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://moodle.org/mod/forum/discuss.php?d=320292",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=320292"
},
{
"name": "[oss-security] 20150921 Moodle security release",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/09/21/1"
},
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50173",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50173"
},
{
"name": "1033619",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033619"
}
]
}
} }

138
2015/5xxx/CVE-2015-5401.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-5401", "ID": "CVE-2015-5401",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15.00.02.08_Sles10 and 15.00.02.08_Sles11 allow remote attackers to cause a denial of service (database crash) via a malformed CONFIG REQUEST message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.fortiguard.com/advisory/FG-VD-15-038/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.fortiguard.com/advisory/FG-VD-15-038/" "lang": "eng",
}, "value": "Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15.00.02.08_Sles10 and 15.00.02.08_Sles11 allow remote attackers to cause a denial of service (database crash) via a malformed CONFIG REQUEST message."
{ }
"name" : "https://blog.fortinet.com/2015/07/23/teradata-vulnerability-announced-big-potential-headaches-for-big-data-solution", ]
"refsource" : "MISC", },
"url" : "https://blog.fortinet.com/2015/07/23/teradata-vulnerability-announced-big-potential-headaches-for-big-data-solution" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1033005", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033005" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.fortiguard.com/advisory/FG-VD-15-038/",
"refsource": "MISC",
"url": "http://www.fortiguard.com/advisory/FG-VD-15-038/"
},
{
"name": "https://blog.fortinet.com/2015/07/23/teradata-vulnerability-announced-big-potential-headaches-for-big-data-solution",
"refsource": "MISC",
"url": "https://blog.fortinet.com/2015/07/23/teradata-vulnerability-announced-big-potential-headaches-for-big-data-solution"
},
{
"name": "1033005",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033005"
}
]
}
} }

238
2015/5xxx/CVE-2015-5571.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-5571", "ID": "CVE-2015-5571",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against JSONP endpoints, and obtain sensitive information, via a crafted OBJECT element with SWF content satisfying the character-set requirements of a callback API. NOTE: this issue exists because of an incomplete fix for CVE-2014-4671 and CVE-2014-5333."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-23.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-23.html" "lang": "eng",
}, "value": "Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against JSONP endpoints, and obtain sensitive information, via a crafted OBJECT element with SWF content satisfying the character-set requirements of a callback API. NOTE: this issue exists because of an incomplete fix for CVE-2014-4671 and CVE-2014-5333."
{ }
"name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04939841", ]
"refsource" : "CONFIRM", },
"url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04939841" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "description": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", ]
"refsource" : "CONFIRM", }
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" ]
}, },
{ "references": {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" "name": "RHSA-2015:1814",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1814.html"
"name" : "GLSA-201509-07", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201509-07" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
"name" : "RHSA-2015:1814", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1814.html" "name": "openSUSE-SU-2015:1616",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html"
"name" : "openSUSE-SU-2015:1781", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html" "name": "1033629",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033629"
"name" : "SUSE-SU-2015:1614", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html" "name": "SUSE-SU-2015:1618",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html"
"name" : "SUSE-SU-2015:1618", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html" "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04939841",
}, "refsource": "CONFIRM",
{ "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04939841"
"name" : "openSUSE-SU-2015:1616", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
"name" : "76803", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76803" "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-23.html",
}, "refsource": "CONFIRM",
{ "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-23.html"
"name" : "1033629", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033629" "name": "SUSE-SU-2015:1614",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html"
} },
{
"name": "GLSA-201509-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201509-07"
},
{
"name": "76803",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76803"
},
{
"name": "openSUSE-SU-2015:1781",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
}
]
}
} }

138
2015/5xxx/CVE-2015-5780.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-5780", "ID": "CVE-2015-5780",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Safari Extensions implementation in Apple Safari before 9 does not require user confirmation before replacing an installed extension, which has unspecified impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT205265", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205265" "lang": "eng",
}, "value": "The Safari Extensions implementation in Apple Safari before 9 does not require user confirmation before replacing an installed extension, which has unspecified impact and attack vectors."
{ }
"name" : "APPLE-SA-2015-09-30-2", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1033688", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033688" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT205265",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205265"
},
{
"name": "1033688",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033688"
},
{
"name": "APPLE-SA-2015-09-30-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html"
}
]
}
} }

202
2018/11xxx/CVE-2018-11070.json
View File

@ -1,104 +1,104 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@dell.com", "ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC" : "2018-09-05T04:00:00.000Z", "DATE_PUBLIC": "2018-09-05T04:00:00.000Z",
"ID" : "CVE-2018-11070", "ID": "CVE-2018-11070",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "RSA BSAFE Crypto-J", "product_name": "RSA BSAFE Crypto-J",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "6.2.4" "version_value": "6.2.4"
} }
] ]
} }
}, },
{ {
"product_name" : "RSA BSAFE SSL-J ", "product_name": "RSA BSAFE SSL-J ",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "6.2.4" "version_value": "6.2.4"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Dell EMC" "vendor_name": "Dell EMC"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover a RSA key."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "HIGH",
"attackVector" : "NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 5.9,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Covert Timing Channel Vulnerability"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20180905 DSA-2018-150:RSA BSAFE SSL-J Multiple Vulnerabilities", "description_data": [
"refsource" : "FULLDISC", {
"url" : "https://seclists.org/fulldisclosure/2018/Sep/7" "lang": "eng",
}, "value": "RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover a RSA key."
{ }
"name" : "1041614", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1041614" "impact": {
}, "cvss": {
{ "attackComplexity": "HIGH",
"name" : "1041615", "attackVector": "NETWORK",
"refsource" : "SECTRACK", "availabilityImpact": "NONE",
"url" : "http://www.securitytracker.com/id/1041615" "baseScore": 5.9,
} "baseSeverity": "MEDIUM",
] "confidentialityImpact": "HIGH",
}, "integrityImpact": "NONE",
"source" : { "privilegesRequired": "NONE",
"discovery" : "UNKNOWN" "scope": "UNCHANGED",
} "userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Covert Timing Channel Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041615",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041615"
},
{
"name": "1041614",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041614"
},
{
"name": "20180905 DSA-2018-150:RSA BSAFE SSL-J Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "https://seclists.org/fulldisclosure/2018/Sep/7"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
} }

118
2018/11xxx/CVE-2018-11411.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11411", "ID": "CVE-2018-11411",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The transferFrom function of a smart contract implementation for DimonCoin (FUD), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all victims' balances into their account) because certain computations involving _value are incorrect."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://medium.com/@jonghyk.song/dimoncoin-fud-erc20-token-allows-attackers-to-steal-all-victims-balances-cve-2018-11411-ba9a320604f9", "description_data": [
"refsource" : "MISC", {
"url" : "https://medium.com/@jonghyk.song/dimoncoin-fud-erc20-token-allows-attackers-to-steal-all-victims-balances-cve-2018-11411-ba9a320604f9" "lang": "eng",
} "value": "The transferFrom function of a smart contract implementation for DimonCoin (FUD), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all victims' balances into their account) because certain computations involving _value are incorrect."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://medium.com/@jonghyk.song/dimoncoin-fud-erc20-token-allows-attackers-to-steal-all-victims-balances-cve-2018-11411-ba9a320604f9",
"refsource": "MISC",
"url": "https://medium.com/@jonghyk.song/dimoncoin-fud-erc20-token-allows-attackers-to-steal-all-victims-balances-cve-2018-11411-ba9a320604f9"
}
]
}
} }

118
2018/11xxx/CVE-2018-11880.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2018-11880", "ID": "CVE-2018-11880",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile", "product_name": "Snapdragon Mobile",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "SD 835, SD 845, SD 850, SDA660" "version_value": "SD 835, SD 845, SD 850, SDA660"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer Copy Without Checking Size of Input in WLAN"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.qualcomm.com/company/product-security/bulletins", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.qualcomm.com/company/product-security/bulletins" "lang": "eng",
} "value": "Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Copy Without Checking Size of Input in WLAN"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
]
}
} }

138
2018/11xxx/CVE-2018-11913.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2018-11913", "ID": "CVE-2018-11913",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper configuration of dev nodes may lead to potential security issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=7e10a2c815f02696824a6a146304a77d7d47fc43", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=7e10a2c815f02696824a6a146304a77d7d47fc43" "lang": "eng",
}, "value": "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper configuration of dev nodes may lead to potential security issue."
{ }
"name" : "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=e4d7a885bca8251517ada85545656bfe7a2e6834", ]
"refsource" : "CONFIRM", },
"url" : "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=e4d7a885bca8251517ada85545656bfe7a2e6834" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=e4d7a885bca8251517ada85545656bfe7a2e6834",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=e4d7a885bca8251517ada85545656bfe7a2e6834"
},
{
"name": "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin",
"refsource": "CONFIRM",
"url": "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin"
},
{
"name": "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=7e10a2c815f02696824a6a146304a77d7d47fc43",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=7e10a2c815f02696824a6a146304a77d7d47fc43"
}
]
}
} }

32
2018/3xxx/CVE-2018-3366.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3366", "ID": "CVE-2018-3366",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/3xxx/CVE-2018-3381.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3381", "ID": "CVE-2018-3381",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/3xxx/CVE-2018-3618.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3618", "ID": "CVE-2018-3618",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/7xxx/CVE-2018-7131.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7131", "ID": "CVE-2018-7131",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/7xxx/CVE-2018-7138.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7138", "ID": "CVE-2018-7138",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2018/7xxx/CVE-2018-7569.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7569", "ID": "CVE-2018-7569",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=22895", "description_data": [
"refsource" : "MISC", {
"url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=22895" "lang": "eng",
}, "value": "dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm."
{ }
"name" : "GLSA-201811-17", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201811-17" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2018:3032", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3032" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:3032",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3032"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22895",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22895"
},
{
"name": "GLSA-201811-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201811-17"
}
]
}
} }

118
2018/7xxx/CVE-2018-7635.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7635", "ID": "CVE-2018-7635",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Whale Browser before 1.0.41.8 displays no URL information but only a title of a web page on the browser's address bar when visiting a blank page, which allows an attacker to display a malicious web page with a fake domain name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://cve.naver.com/detail/cve-2018-7635.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://cve.naver.com/detail/cve-2018-7635.html" "lang": "eng",
} "value": "Whale Browser before 1.0.41.8 displays no URL information but only a title of a web page on the browser's address bar when visiting a blank page, which allows an attacker to display a malicious web page with a fake domain name."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cve.naver.com/detail/cve-2018-7635.html",
"refsource": "MISC",
"url": "https://cve.naver.com/detail/cve-2018-7635.html"
}
]
}
} }

118
2018/7xxx/CVE-2018-7700.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7700", "ID": "CVE-2018-7700",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "DedeCMS 5.7 has CSRF with an impact of arbitrary code execution, because the partcode parameter in a tag_test_action.php request can specify a runphp field in conjunction with PHP code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://laworigin.github.io/2018/03/07/CVE-2018-7700-dedecms%E5%90%8E%E5%8F%B0%E4%BB%BB%E6%84%8F%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C/", "description_data": [
"refsource" : "MISC", {
"url" : "https://laworigin.github.io/2018/03/07/CVE-2018-7700-dedecms%E5%90%8E%E5%8F%B0%E4%BB%BB%E6%84%8F%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C/" "lang": "eng",
} "value": "DedeCMS 5.7 has CSRF with an impact of arbitrary code execution, because the partcode parameter in a tag_test_action.php request can specify a runphp field in conjunction with PHP code."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://laworigin.github.io/2018/03/07/CVE-2018-7700-dedecms%E5%90%8E%E5%8F%B0%E4%BB%BB%E6%84%8F%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C/",
"refsource": "MISC",
"url": "https://laworigin.github.io/2018/03/07/CVE-2018-7700-dedecms%E5%90%8E%E5%8F%B0%E4%BB%BB%E6%84%8F%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C/"
}
]
}
} }

32
2018/8xxx/CVE-2018-8199.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8199", "ID": "CVE-2018-8199",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

478
2018/8xxx/CVE-2018-8256.json
View File

@ -1,242 +1,242 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8256", "ID": "CVE-2018-8256",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows 7", "product_name": "Windows 7",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems Service Pack 1" "version_value": "32-bit Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1" "version_value": "x64-based Systems Service Pack 1"
} }
] ]
} }
}, },
{ {
"product_name" : "Microsoft.PowerShell.Archive", "product_name": "Microsoft.PowerShell.Archive",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.2.2.0" "version_value": "1.2.2.0"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10 Servers", "product_name": "Windows 10 Servers",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "version 1709 (Server Core Installation)" "version_value": "version 1709 (Server Core Installation)"
}, },
{ {
"version_value" : "version 1803 (Server Core Installation)" "version_value": "version 1803 (Server Core Installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2012 R2", "product_name": "Windows Server 2012 R2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows RT 8.1", "product_name": "Windows RT 8.1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows RT 8.1" "version_value": "Windows RT 8.1"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2008 R2", "product_name": "Windows Server 2008 R2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Itanium-Based Systems Service Pack 1" "version_value": "Itanium-Based Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1" "version_value": "x64-based Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1 (Server Core installation)" "version_value": "x64-based Systems Service Pack 1 (Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2012", "product_name": "Windows Server 2012",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "PowerShell Core", "product_name": "PowerShell Core",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.1" "version_value": "6.1"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2016", "product_name": "Windows Server 2016",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 8.1", "product_name": "Windows 8.1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit systems" "version_value": "32-bit systems"
}, },
{ {
"version_value" : "x64-based systems" "version_value": "x64-based systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10", "product_name": "Windows 10",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems" "version_value": "32-bit Systems"
}, },
{ {
"version_value" : "Version 1607 for 32-bit Systems" "version_value": "Version 1607 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1607 for x64-based Systems" "version_value": "Version 1607 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1703 for 32-bit Systems" "version_value": "Version 1703 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1703 for x64-based Systems" "version_value": "Version 1703 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1709 for 32-bit Systems" "version_value": "Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1709 for ARM64-based Systems" "version_value": "Version 1709 for ARM64-based Systems"
}, },
{ {
"version_value" : "Version 1709 for x64-based Systems" "version_value": "Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1803 for 32-bit Systems" "version_value": "Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1803 for ARM64-based Systems" "version_value": "Version 1803 for ARM64-based Systems"
}, },
{ {
"version_value" : "Version 1803 for x64-based Systems" "version_value": "Version 1803 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1809 for 32-bit Systems" "version_value": "Version 1809 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1809 for ARM64-based Systems" "version_value": "Version 1809 for ARM64-based Systems"
}, },
{ {
"version_value" : "Version 1809 for x64-based Systems" "version_value": "Version 1809 for x64-based Systems"
}, },
{ {
"version_value" : "x64-based Systems" "version_value": "x64-based Systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2019", "product_name": "Windows Server 2019",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka \"Microsoft PowerShell Remote Code Execution Vulnerability.\" This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8256", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8256" "lang": "eng",
}, "value": "A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka \"Microsoft PowerShell Remote Code Execution Vulnerability.\" This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1."
{ }
"name" : "105781", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/105781" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1042108", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1042108" "lang": "eng",
} "value": "Remote Code Execution"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1042108",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042108"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8256",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8256"
},
{
"name": "105781",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105781"
}
]
}
} }

32
2018/8xxx/CVE-2018-8285.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8285", "ID": "CVE-2018-8285",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

118
2018/8xxx/CVE-2018-8808.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8808", "ID": "CVE-2018-8808",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/radare/radare2/issues/9725", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/radare/radare2/issues/9725" "lang": "eng",
} "value": "In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/radare/radare2/issues/9725",
"refsource": "MISC",
"url": "https://github.com/radare/radare2/issues/9725"
}
]
}
} }

32
2018/8xxx/CVE-2018-8877.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8877", "ID": "CVE-2018-8877",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }