admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:45:56 +00:00
parent 5fcd708cc7
commit 6b20b6ddca
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 4184 additions and 4184 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
2005/0xxx/CVE-2005-0354.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0354", "ID": "CVE-2005-0354",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2005/0xxx/CVE-2005-0394.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0394", "ID": "CVE-2005-0394",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2005/0xxx/CVE-2005-0962.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0962", "ID": "CVE-2005-0962",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php for Lighthouse Squirrelcart allows remote attackers to execute arbitrary SQL commands via the (1) crn parameter in a show action or (2) rn parameter in a show_detail action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://digitalparadox.org/advisories/sqc.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://digitalparadox.org/advisories/sqc.txt" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php for Lighthouse Squirrelcart allows remote attackers to execute arbitrary SQL commands via the (1) crn parameter in a show action or (2) rn parameter in a show_detail action."
{ }
"name" : "12944", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/12944" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "14770", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/14770" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "squirrelcart-index-sql-injection(19904)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19904" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://digitalparadox.org/advisories/sqc.txt",
"refsource": "MISC",
"url": "http://digitalparadox.org/advisories/sqc.txt"
},
{
"name": "squirrelcart-index-sql-injection(19904)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19904"
},
{
"name": "12944",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12944"
},
{
"name": "14770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14770"
}
]
}
}

180
2005/0xxx/CVE-2005-0995.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0995", "ID": "CVE-2005-0995",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in ProductCart 2.7 allow remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter to advSearch_h.asp, (2) the redirectUrl parameter to NewCust.asp, (3) the country parameter to storelocator_submit.asp, or (4) the error parameter to techErr.asp. NOTE: it has been reported that storelocator_submit.asp does not exist in ProductCart."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://digitalparadox.org/advisories/prodcart.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://digitalparadox.org/advisories/prodcart.txt" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in ProductCart 2.7 allow remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter to advSearch_h.asp, (2) the redirectUrl parameter to NewCust.asp, (3) the country parameter to storelocator_submit.asp, or (4) the error parameter to techErr.asp. NOTE: it has been reported that storelocator_submit.asp does not exist in ProductCart."
{ }
"name" : "12990", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/12990" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "14833", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/14833" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15264", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/15264" ]
}, },
{ "references": {
"name" : "15266", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/15266" "name": "15264",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/15264"
"name" : "15267", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/15267" "name": "15267",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/15267"
"name" : "15268", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/15268" "name": "14833",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/14833"
} },
} {
"name": "12990",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12990"
},
{
"name": "15268",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/15268"
},
{
"name": "http://digitalparadox.org/advisories/prodcart.txt",
"refsource": "MISC",
"url": "http://digitalparadox.org/advisories/prodcart.txt"
},
{
"name": "15266",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/15266"
}
]
}
}

140
2005/1xxx/CVE-2005-1489.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1489", "ID": "CVE-2005-1489",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to obtain the full path of the server via certain requests to (1) calendar_addevent.html, (2) calendar_event.html, or (3) calendar_task.html."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050504 Multiple vulnerabilities in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111530933016434&w=2" "lang": "eng",
}, "value": "Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to obtain the full path of the server via certain requests to (1) calendar_addevent.html, (2) calendar_event.html, or (3) calendar_task.html."
{ }
"name" : "15249", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/15249" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "merak-icewarp-script-path-disclosure(20469)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20469" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20050504 Multiple vulnerabilities in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111530933016434&w=2"
},
{
"name": "15249",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15249"
},
{
"name": "merak-icewarp-script-path-disclosure(20469)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20469"
}
]
}
}

130
2005/1xxx/CVE-2005-1650.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1650", "ID": "CVE-2005-1650",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The web mail service in Woppoware PostMaster 4.2.2 (build 3.2.5) generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "13597", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/13597" "lang": "eng",
}, "value": "The web mail service in Woppoware PostMaster 4.2.2 (build 3.2.5) generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames."
{ }
"name" : "15268", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/15268" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15268",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15268"
},
{
"name": "13597",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13597"
}
]
}
}

370
2005/2xxx/CVE-2005-2618.json
View File

@ -1,187 +1,187 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2618", "ID": "CVE-2005-2618",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060210 Secunia Research: Lotus Notes UUE File Handling Buffer Overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/424689/100/0/threaded" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll)."
{ }
"name" : "20060210 Secunia Research: Lotus Notes ZIP File Handling Buffer Overflow", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/424626/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20060210 Secunia Research: Lotus Notes HTML Speed Reader Link BufferOverflows", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/424692/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20060210 Secunia Research: Lotus Notes TAR Reader File Extraction BufferOverflow", ]
"refsource" : "BUGTRAQ", }
"url" : "http://www.securityfocus.com/archive/1/424666/100/0/threaded" ]
}, },
{ "references": {
"name" : "http://secunia.com/secunia_research/2005-66/advisory/", "reference_data": [
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2005-66/advisory/" "name": "lotus-kvarcve-filename-bo(24635)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24635"
"name" : "http://secunia.com/secunia_research/2005-32/advisory/", },
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2005-32/advisory/" "name": "http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918",
}, "refsource": "CONFIRM",
{ "url": "http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918"
"name" : "http://secunia.com/secunia_research/2005-34/advisory/", },
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2005-34/advisory/" "name": "http://secunia.com/secunia_research/2005-34/advisory/",
}, "refsource": "MISC",
{ "url": "http://secunia.com/secunia_research/2005-34/advisory/"
"name" : "http://secunia.com/secunia_research/2005-36/advisory/", },
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2005-36/advisory/" "name": "23067",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/23067"
"name" : "http://secunia.com/secunia_research/2005-37/advisory/", },
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2005-37/advisory/" "name": "lotus-uudrdr-uue-bo(24636)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24636"
"name" : "http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918", },
"refsource" : "CONFIRM", {
"url" : "http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918" "name": "ADV-2006-0500",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0500"
"name" : "VU#884076", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/884076" "name": "ADV-2006-0501",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0501"
"name" : "16576", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16576" "name": "20060210 Secunia Research: Lotus Notes ZIP File Handling Buffer Overflow",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/424626/100/0/threaded"
"name" : "ADV-2006-0500", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0500" "name": "23064",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/23064"
"name" : "ADV-2006-0501", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0501" "name": "23066",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/23066"
"name" : "23064", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/23064" "name": "1015657",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015657"
"name" : "23065", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/23065" "name": "http://secunia.com/secunia_research/2005-36/advisory/",
}, "refsource": "MISC",
{ "url": "http://secunia.com/secunia_research/2005-36/advisory/"
"name" : "23066", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/23066" "name": "23065",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/23065"
"name" : "23067", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/23067" "name": "16576",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/16576"
"name" : "23068", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/23068" "name": "20060210 Secunia Research: Lotus Notes UUE File Handling Buffer Overflow",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/424689/100/0/threaded"
"name" : "1015657", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015657" "name": "16100",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/16100"
"name" : "16100", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16100" "name": "lotus-htmsr-link-bo(24639)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24639"
"name" : "16280", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16280" "name": "lotus-tarrdr-filename-bo(24638)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24638"
"name" : "lotus-htmsr-link-bo(24639)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24639" "name": "http://secunia.com/secunia_research/2005-32/advisory/",
}, "refsource": "MISC",
{ "url": "http://secunia.com/secunia_research/2005-32/advisory/"
"name" : "lotus-kvarcve-filename-bo(24635)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24635" "name": "VU#884076",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/884076"
"name" : "lotus-tarrdr-filename-bo(24638)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24638" "name": "http://secunia.com/secunia_research/2005-66/advisory/",
}, "refsource": "MISC",
{ "url": "http://secunia.com/secunia_research/2005-66/advisory/"
"name" : "lotus-uudrdr-uue-bo(24636)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24636" "name": "20060210 Secunia Research: Lotus Notes HTML Speed Reader Link BufferOverflows",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/424692/100/0/threaded"
} },
} {
"name": "16280",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16280"
},
{
"name": "23068",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23068"
},
{
"name": "20060210 Secunia Research: Lotus Notes TAR Reader File Extraction BufferOverflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424666/100/0/threaded"
},
{
"name": "http://secunia.com/secunia_research/2005-37/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2005-37/advisory/"
}
]
}
}

160
2005/3xxx/CVE-2005-3018.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3018", "ID": "CVE-2005-3018",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050917 Possible memory corruption problems in Apple Safari", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112715234411672&w=2" "lang": "eng",
}, "value": "Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL."
{ }
"name" : "14868", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/14868" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19569", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/19569" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "16875", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/16875/" ]
}, },
{ "references": {
"name" : "safari-data-uri-dos(22331)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22331" "name": "safari-data-uri-dos(22331)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22331"
} },
} {
"name": "20050917 Possible memory corruption problems in Apple Safari",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112715234411672&w=2"
},
{
"name": "16875",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16875/"
},
{
"name": "14868",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14868"
},
{
"name": "19569",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19569"
}
]
}
}

140
2005/3xxx/CVE-2005-3143.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3143", "ID": "CVE-2005-3143",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to cause a denial of service (crash) via IMAP clients on Mac OS X 10.4 Mail 2."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ftp://ftp.4d.com/ACI_PRODUCT_REFERENCE_LIBRARY/4D_PRODUCT_DOCUMENTATION/PDF_Docs_by_4D_Product_A-Z/4D_WebSTAR/Software_Change_History_535.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "ftp://ftp.4d.com/ACI_PRODUCT_REFERENCE_LIBRARY/4D_PRODUCT_DOCUMENTATION/PDF_Docs_by_4D_Product_A-Z/4D_WebSTAR/Software_Change_History_535.txt" "lang": "eng",
}, "value": "Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to cause a denial of service (crash) via IMAP clients on Mac OS X 10.4 Mail 2."
{ }
"name" : "14981", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/14981" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17003", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17003" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "ftp://ftp.4d.com/ACI_PRODUCT_REFERENCE_LIBRARY/4D_PRODUCT_DOCUMENTATION/PDF_Docs_by_4D_Product_A-Z/4D_WebSTAR/Software_Change_History_535.txt",
"refsource": "CONFIRM",
"url": "ftp://ftp.4d.com/ACI_PRODUCT_REFERENCE_LIBRARY/4D_PRODUCT_DOCUMENTATION/PDF_Docs_by_4D_Product_A-Z/4D_WebSTAR/Software_Change_History_535.txt"
},
{
"name": "14981",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14981"
},
{
"name": "17003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17003"
}
]
}
}

210
2005/3xxx/CVE-2005-3415.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3415", "ID": "CVE-2005-3415",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "phpBB 2.0.17 and earlier allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GET/POST/COOKIE (GPC) variable and a GLOBALS[] variable with the same name, which causes phpBB to unset the GLOBALS[] variable but not the GPC variable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051031 Advisory 17/2005: phpBB Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=113081113317600&w=2" "lang": "eng",
}, "value": "phpBB 2.0.17 and earlier allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GET/POST/COOKIE (GPC) variable and a GLOBALS[] variable with the same name, which causes phpBB to unset the GLOBALS[] variable but not the GPC variable."
{ }
"name" : "http://www.hardened-php.net/advisory_172005.75.html", ]
"refsource" : "MISC", },
"url" : "http://www.hardened-php.net/advisory_172005.75.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-925", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2005/dsa-925" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15243", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/15243" ]
}, },
{ "references": {
"name" : "20386", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/20386" "name": "phpbb-multiple-variables-bypass-security(22914)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22914"
"name" : "1015121", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015121" "name": "20051031 Advisory 17/2005: phpBB Multiple Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=113081113317600&w=2"
"name" : "17366", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17366" "name": "20386",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/20386"
"name" : "18098", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18098" "name": "DSA-925",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2005/dsa-925"
"name" : "130", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/130" "name": "17366",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17366"
"name" : "phpbb-multiple-variables-bypass-security(22914)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22914" "name": "130",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/130"
} },
} {
"name": "18098",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18098"
},
{
"name": "http://www.hardened-php.net/advisory_172005.75.html",
"refsource": "MISC",
"url": "http://www.hardened-php.net/advisory_172005.75.html"
},
{
"name": "1015121",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015121"
},
{
"name": "15243",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15243"
}
]
}
}

190
2005/3xxx/CVE-2005-3802.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3802", "ID": "CVE-2005-3802",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 and 4.05.03, when a legitimate administrator is logged into the web management interface, allow remote attackers to access the management interface without authentication."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051115 Authentication vulnerability in Belkin wireless devices", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=113209977115233&w=2" "lang": "eng",
}, "value": "Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 and 4.05.03, when a legitimate administrator is logged into the web management interface, allow remote attackers to access the management interface without authentication."
{ }
"name" : "20051115 Authentication vulnerability in Belkin wireless devices", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0489.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "15444", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15444/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2005-2453", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2005/2453" ]
}, },
{ "references": {
"name" : "20877", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/20877" "name": "15444",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/15444/"
"name" : "17601", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17601/" "name": "20051115 Authentication vulnerability in Belkin wireless devices",
}, "refsource": "FULLDISC",
{ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0489.html"
"name" : "186", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/186" "name": "17601",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17601/"
"name" : "belkin-wireless-auth-bypass(23059)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23059" "name": "186",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/186"
} },
} {
"name": "belkin-wireless-auth-bypass(23059)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23059"
},
{
"name": "ADV-2005-2453",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2453"
},
{
"name": "20877",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20877"
},
{
"name": "20051115 Authentication vulnerability in Belkin wireless devices",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=113209977115233&w=2"
}
]
}
}

190
2005/3xxx/CVE-2005-3974.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3974", "ID": "CVE-2005-3974",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5, does not correctly enforce user privileges, which allows remote attackers to bypass the \"access user profiles\" permission."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051201 [DRUPAL-SA-2005-009] Drupal 4.6.4 / 4.5.6 fixes minor access control issue", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/418336/100/0/threaded" "lang": "eng",
}, "value": "Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5, does not correctly enforce user privileges, which allows remote attackers to bypass the \"access user profiles\" permission."
{ }
"name" : "http://drupal.org/files/sa-2005-009/4.6.3.patch", ]
"refsource" : "MISC", },
"url" : "http://drupal.org/files/sa-2005-009/4.6.3.patch" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://drupal.org/files/sa-2005-009/advisory.txt", "description": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/files/sa-2005-009/advisory.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-958", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2006/dsa-958" ]
}, },
{ "references": {
"name" : "15674", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15674" "name": "ADV-2005-2684",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/2684"
"name" : "ADV-2005-2684", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2684" "name": "http://drupal.org/files/sa-2005-009/4.6.3.patch",
}, "refsource": "MISC",
{ "url": "http://drupal.org/files/sa-2005-009/4.6.3.patch"
"name" : "17824", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17824" "name": "DSA-958",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-958"
"name" : "18630", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18630" "name": "15674",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/15674"
} },
} {
"name": "18630",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18630"
},
{
"name": "20051201 [DRUPAL-SA-2005-009] Drupal 4.6.4 / 4.5.6 fixes minor access control issue",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/418336/100/0/threaded"
},
{
"name": "http://drupal.org/files/sa-2005-009/advisory.txt",
"refsource": "CONFIRM",
"url": "http://drupal.org/files/sa-2005-009/advisory.txt"
},
{
"name": "17824",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17824"
}
]
}
}

160
2005/4xxx/CVE-2005-4016.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4016", "ID": "CVE-2005-4016",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Widget Property 1.1.19 allows remote attackers to execute arbitrary SQL commands via the (1) property_id, (2) zip_code, (3) property_type_id, (4) price, and (5) city_id parameters to property.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2005/12/widget-property-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2005/12/widget-property-vuln.html" "lang": "eng",
}, "value": "SQL injection vulnerability in Widget Property 1.1.19 allows remote attackers to execute arbitrary SQL commands via the (1) property_id, (2) zip_code, (3) property_type_id, (4) price, and (5) city_id parameters to property.php."
{ }
"name" : "15701", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/15701" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2005-2741", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2741" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21426", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/21426" ]
}, },
{ "references": {
"name" : "17829", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17829" "name": "http://pridels0.blogspot.com/2005/12/widget-property-vuln.html",
} "refsource": "MISC",
] "url": "http://pridels0.blogspot.com/2005/12/widget-property-vuln.html"
} },
} {
"name": "21426",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21426"
},
{
"name": "15701",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15701"
},
{
"name": "ADV-2005-2741",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2741"
},
{
"name": "17829",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17829"
}
]
}
}

160
2005/4xxx/CVE-2005-4389.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4389", "ID": "CVE-2005-4389",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "search.cfm in CONTENS 3.0 and earlier allows remote attackers to obtain the full server path via invalid (1) submit.y, (2) bool, (3) itemsperpage, (4) submit, (5) submit.x, (6) criteria, (7) advanced, and (8) intern parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2005/12/contens-searchcfm-multiple-input.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2005/12/contens-searchcfm-multiple-input.html" "lang": "eng",
}, "value": "search.cfm in CONTENS 3.0 and earlier allows remote attackers to obtain the full server path via invalid (1) submit.y, (2) bool, (3) itemsperpage, (4) submit, (5) submit.x, (6) criteria, (7) advanced, and (8) intern parameters."
{ }
"name" : "ADV-2005-2981", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2005/2981" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "21825", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/21825" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "18143", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/18143" ]
}, },
{ "references": {
"name" : "contens-search-path-disclosure(23824)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23824" "name": "21825",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/21825"
} },
} {
"name": "ADV-2005-2981",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2981"
},
{
"name": "contens-search-path-disclosure(23824)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23824"
},
{
"name": "http://pridels0.blogspot.com/2005/12/contens-searchcfm-multiple-input.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/12/contens-searchcfm-multiple-input.html"
},
{
"name": "18143",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18143"
}
]
}
}

150
2005/4xxx/CVE-2005-4687.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4687", "ID": "CVE-2005-4687",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote attackers to misrepresent their IP address by sending a modified header."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.punbb.org/changelogs/1.2.9_to_1.2.10.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.punbb.org/changelogs/1.2.9_to_1.2.10.txt" "lang": "eng",
}, "value": "PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote attackers to misrepresent their IP address by sending a modified header."
{ }
"name" : "15326", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/15326" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17425", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17425" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "17433", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/17433" ]
} },
] "references": {
} "reference_data": [
} {
"name": "15326",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15326"
},
{
"name": "17433",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17433"
},
{
"name": "http://www.punbb.org/changelogs/1.2.9_to_1.2.10.txt",
"refsource": "CONFIRM",
"url": "http://www.punbb.org/changelogs/1.2.9_to_1.2.10.txt"
},
{
"name": "17425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17425"
}
]
}
}

200
2009/0xxx/CVE-2009-0273.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0273", "ID": "CVE-2009-0273",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allow remote attackers to inject arbitrary web script or HTML via the (1) User.id and (2) Library.queryText parameters to gw/webacc, and other vectors involving (3) HTML e-mail and (4) HTML attachments."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090130 PR08-22: Persistent XSS on Novell GroupWise WebAccess", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/500572/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allow remote attackers to inject arbitrary web script or HTML via the (1) User.id and (2) Library.queryText parameters to gw/webacc, and other vectors involving (3) HTML e-mail and (4) HTML attachments."
{ }
"name" : "20090130 PR08-23: XSS on Novell GroupWise WebAccess", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/500575/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-22", "description": [
"refsource" : "MISC", {
"url" : "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-22" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-23", ]
"refsource" : "MISC", }
"url" : "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-23" ]
}, },
{ "references": {
"name" : "http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002320", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002320" "name": "33744",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33744"
"name" : "http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002321", },
"refsource" : "CONFIRM", {
"url" : "http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002321" "name": "33541",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/33541"
"name" : "33537", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/33537" "name": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-23",
}, "refsource": "MISC",
{ "url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-23"
"name" : "33541", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/33541" "name": "33537",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/33537"
"name" : "33744", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33744" "name": "http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002320",
} "refsource": "CONFIRM",
] "url": "http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002320"
} },
} {
"name": "20090130 PR08-23: XSS on Novell GroupWise WebAccess",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500575/100/0/threaded"
},
{
"name": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-22",
"refsource": "MISC",
"url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-22"
},
{
"name": "http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002321",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002321"
},
{
"name": "20090130 PR08-22: Persistent XSS on Novell GroupWise WebAccess",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500572/100/0/threaded"
}
]
}
}

150
2009/0xxx/CVE-2009-0323.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0323", "ID": "CVE-2009-0323",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an \"HTML GI\" in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090128 CORE-2008-1211: Amaya web editor XML and HTML parser vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/500492/100/0/threaded" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an \"HTML GI\" in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005."
{ }
"name" : "7902", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/7902" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.coresecurity.com/content/amaya-buffer-overflows", "description": [
"refsource" : "MISC", {
"url" : "http://www.coresecurity.com/content/amaya-buffer-overflows" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "amaya-html-tags-bo(48325)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48325" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20090128 CORE-2008-1211: Amaya web editor XML and HTML parser vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500492/100/0/threaded"
},
{
"name": "http://www.coresecurity.com/content/amaya-buffer-overflows",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/amaya-buffer-overflows"
},
{
"name": "7902",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7902"
},
{
"name": "amaya-html-tags-bo(48325)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48325"
}
]
}
}

160
2009/0xxx/CVE-2009-0373.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0373", "ID": "CVE-2009-0373",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the ElearningForce Flash Magazine Deluxe (com_flashmagazinedeluxe) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mag_id parameter in a magazine action to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "7881", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/7881" "lang": "eng",
}, "value": "SQL injection vulnerability in the ElearningForce Flash Magazine Deluxe (com_flashmagazinedeluxe) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mag_id parameter in a magazine action to index.php."
{ }
"name" : "33455", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/33455" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2009-0249", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/0249" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33646", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/33646" ]
}, },
{ "references": {
"name" : "flashmagazine-index-sql-injection(48226)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48226" "name": "7881",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/7881"
} },
} {
"name": "33646",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33646"
},
{
"name": "33455",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33455"
},
{
"name": "flashmagazine-index-sql-injection(48226)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48226"
},
{
"name": "ADV-2009-0249",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0249"
}
]
}
}

170
2009/0xxx/CVE-2009-0690.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2009-0690", "ID": "CVE-2009-0690",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 (aka JPX) stream, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an out-of-bounds read."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.foxitsoftware.com/pdf/reader/security.htm#0602", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.foxitsoftware.com/pdf/reader/security.htm#0602" "lang": "eng",
}, "value": "The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 (aka JPX) stream, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an out-of-bounds read."
{ }
"name" : "VU#251793", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/251793" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35442", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/35442" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1022425", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1022425" ]
}, },
{ "references": {
"name" : "35512", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35512" "name": "35442",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/35442"
"name" : "ADV-2009-1640", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1640" "name": "http://www.foxitsoftware.com/pdf/reader/security.htm#0602",
} "refsource": "CONFIRM",
] "url": "http://www.foxitsoftware.com/pdf/reader/security.htm#0602"
} },
} {
"name": "1022425",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022425"
},
{
"name": "VU#251793",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/251793"
},
{
"name": "35512",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35512"
},
{
"name": "ADV-2009-1640",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1640"
}
]
}
}

220
2009/0xxx/CVE-2009-0824.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0824", "ID": "CVE-2009-0824",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in SlySoft AnyDVD before 6.5.2.6, Virtual CloneDrive 5.4.2.3 and earlier, CloneDVD 2.9.2.0 and earlier, and CloneCD 5.3.1.3 and earlier, uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to cause a denial of service (system crash) via a crafted IOCTL call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090312 [Suspected Spam][PT-2009-11] SlySoft Multiple Products ElbyCDIO.sys Denial of Service", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/501713/100/0/threaded" "lang": "eng",
}, "value": "Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in SlySoft AnyDVD before 6.5.2.6, Virtual CloneDrive 5.4.2.3 and earlier, CloneDVD 2.9.2.0 and earlier, and CloneCD 5.3.1.3 and earlier, uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to cause a denial of service (system crash) via a crafted IOCTL call."
{ }
"name" : "http://en.securitylab.ru/lab/PT-2009-11", ]
"refsource" : "MISC", },
"url" : "http://en.securitylab.ru/lab/PT-2009-11" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.slysoft.com/download/changes_anydvd.txt", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.slysoft.com/download/changes_anydvd.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.slysoft.com/download/changes_clonedvd.txt", ]
"refsource" : "CONFIRM", }
"url" : "http://www.slysoft.com/download/changes_clonedvd.txt" ]
}, },
{ "references": {
"name" : "34103", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/34103" "name": "34288",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34288"
"name" : "52679", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/52679" "name": "http://www.slysoft.com/download/changes_clonedvd.txt",
}, "refsource": "CONFIRM",
{ "url": "http://www.slysoft.com/download/changes_clonedvd.txt"
"name" : "34269", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34269" "name": "slysoft-elbycdio-dos(49232)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49232"
"name" : "34288", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34288" "name": "34289",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34289"
"name" : "34289", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34289" "name": "34269",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34269"
"name" : "34287", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34287" "name": "34287",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34287"
"name" : "slysoft-elbycdio-dos(49232)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49232" "name": "http://www.slysoft.com/download/changes_anydvd.txt",
} "refsource": "CONFIRM",
] "url": "http://www.slysoft.com/download/changes_anydvd.txt"
} },
} {
"name": "http://en.securitylab.ru/lab/PT-2009-11",
"refsource": "MISC",
"url": "http://en.securitylab.ru/lab/PT-2009-11"
},
{
"name": "34103",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34103"
},
{
"name": "52679",
"refsource": "OSVDB",
"url": "http://osvdb.org/52679"
},
{
"name": "20090312 [Suspected Spam][PT-2009-11] SlySoft Multiple Products ElbyCDIO.sys Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501713/100/0/threaded"
}
]
}
}

140
2009/2xxx/CVE-2009-2598.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2598", "ID": "CVE-2009-2598",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Online Grades & Attendance 3.2.6 and earlier allow (1) remote attackers to execute arbitrary SQL commands via the key parameter in a resetpass action to index.php and (2) remote authenticated users to execute arbitrary SQL commands via the ADD parameter in a mailto action to parents/parents.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090601 MULTIPLE SQL INJECTION VULNERABILITIES -- Online Grades & Attendance v-3.2.6 -->", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/503943/100/0/threaded" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in Online Grades & Attendance 3.2.6 and earlier allow (1) remote attackers to execute arbitrary SQL commands via the key parameter in a resetpass action to index.php and (2) remote authenticated users to execute arbitrary SQL commands via the ADD parameter in a mailto action to parents/parents.php."
{ }
"name" : "8844", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/8844" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35304", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35304" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20090601 MULTIPLE SQL INJECTION VULNERABILITIES -- Online Grades & Attendance v-3.2.6 -->",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503943/100/0/threaded"
},
{
"name": "8844",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/8844"
},
{
"name": "35304",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35304"
}
]
}
}

180
2009/2xxx/CVE-2009-2844.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2844", "ID": "CVE-2009-2844",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function. NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20090817 CVE request: kernel: cfg80211: missing NULL pointer checks", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2009/08/17/1" "lang": "eng",
}, "value": "cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function. NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability."
{ }
"name" : "[oss-security] 20090817 Re: CVE request: kernel: cfg80211: missing NULL pointer checks", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2009/08/17/2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://jon.oberheide.org/files/cfg80211-remote-dos.c", "description": [
"refsource" : "MISC", {
"url" : "http://jon.oberheide.org/files/cfg80211-remote-dos.c" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cd3468bad96c00b5a512f551674f36776129520e", ]
"refsource" : "CONFIRM", }
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cd3468bad96c00b5a512f551674f36776129520e" ]
}, },
{ "references": {
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5" "name": "36278",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36278"
"name" : "36052", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36052" "name": "http://jon.oberheide.org/files/cfg80211-remote-dos.c",
}, "refsource": "MISC",
{ "url": "http://jon.oberheide.org/files/cfg80211-remote-dos.c"
"name" : "36278", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36278" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cd3468bad96c00b5a512f551674f36776129520e",
} "refsource": "CONFIRM",
] "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cd3468bad96c00b5a512f551674f36776129520e"
} },
} {
"name": "[oss-security] 20090817 Re: CVE request: kernel: cfg80211: missing NULL pointer checks",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/08/17/2"
},
{
"name": "[oss-security] 20090817 CVE request: kernel: cfg80211: missing NULL pointer checks",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/08/17/1"
},
{
"name": "36052",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36052"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5"
}
]
}
}

190
2009/3xxx/CVE-2009-3248.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3248", "ID": "CVE-2009-3248",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the RSS module in vtiger CRM 5.0.4 allows remote attackers to hijack the authentication of Admin users for requests that modify the news feed system via the rssurl parameter in a Save action to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090818 Vtiger CRM 5.0.4 Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=125060676515670&w=2" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in the RSS module in vtiger CRM 5.0.4 allows remote attackers to hijack the authentication of Admin users for requests that modify the news feed system via the rssurl parameter in a Save action to index.php."
{ }
"name" : "9450", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/9450" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.ush.it/2009/08/18/vtiger-crm-504-multiple-vulnerabilities/", "description": [
"refsource" : "MISC", {
"url" : "http://www.ush.it/2009/08/18/vtiger-crm-504-multiple-vulnerabilities/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.ush.it/team/ush/hack-vtigercrm_504/vtigercrm_504.txt", ]
"refsource" : "MISC", }
"url" : "http://www.ush.it/team/ush/hack-vtigercrm_504/vtigercrm_504.txt" ]
}, },
{ "references": {
"name" : "36062", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36062" "name": "http://www.ush.it/2009/08/18/vtiger-crm-504-multiple-vulnerabilities/",
}, "refsource": "MISC",
{ "url": "http://www.ush.it/2009/08/18/vtiger-crm-504-multiple-vulnerabilities/"
"name" : "57238", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/57238" "name": "http://www.ush.it/team/ush/hack-vtigercrm_504/vtigercrm_504.txt",
}, "refsource": "MISC",
{ "url": "http://www.ush.it/team/ush/hack-vtigercrm_504/vtigercrm_504.txt"
"name" : "36309", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36309" "name": "9450",
}, "refsource": "EXPLOIT-DB",
{ "url": "http://www.exploit-db.com/exploits/9450"
"name" : "ADV-2009-2319", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/2319" "name": "20090818 Vtiger CRM 5.0.4 Multiple Vulnerabilities",
} "refsource": "BUGTRAQ",
] "url": "http://marc.info/?l=bugtraq&m=125060676515670&w=2"
} },
} {
"name": "36062",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36062"
},
{
"name": "57238",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/57238"
},
{
"name": "36309",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36309"
},
{
"name": "ADV-2009-2319",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2319"
}
]
}
}

160
2009/3xxx/CVE-2009-3535.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3535", "ID": "CVE-2009-3535",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in image.php in Clear Content 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. NOTE: the researcher also suggests an analogous PHP remote file inclusion vulnerability, but this may be incorrect."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9089", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9089" "lang": "eng",
}, "value": "Directory traversal vulnerability in image.php in Clear Content 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. NOTE: the researcher also suggests an analogous PHP remote file inclusion vulnerability, but this may be incorrect."
{ }
"name" : "http://packetstormsecurity.org/0907-exploits/clearcontent-rfilfi.txt", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.org/0907-exploits/clearcontent-rfilfi.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "55742", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/55742" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "35726", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/35726" ]
}, },
{ "references": {
"name" : "clearcontent-image-file-include(51629)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51629" "name": "http://packetstormsecurity.org/0907-exploits/clearcontent-rfilfi.txt",
} "refsource": "MISC",
] "url": "http://packetstormsecurity.org/0907-exploits/clearcontent-rfilfi.txt"
} },
} {
"name": "35726",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35726"
},
{
"name": "clearcontent-image-file-include(51629)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51629"
},
{
"name": "9089",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9089"
},
{
"name": "55742",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/55742"
}
]
}
}

190
2009/3xxx/CVE-2009-3551.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-3551", "ID": "CVE-2009-3551",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html" "lang": "eng",
}, "value": "Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information."
{ }
"name" : "http://www.wireshark.org/security/wnpa-sec-2009-07.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.wireshark.org/security/wnpa-sec-2009-07.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36846", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36846" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:6049", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6049" ]
}, },
{ "references": {
"name" : "37175", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37175" "name": "36846",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/36846"
"name" : "37409", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37409" "name": "oval:org.mitre.oval:def:6049",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6049"
"name" : "ADV-2009-3061", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/3061" "name": "ADV-2009-3061",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/3061"
"name" : "wireshark-negprotresponse-dos(54018)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54018" "name": "http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html",
} "refsource": "CONFIRM",
] "url": "http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html"
} },
} {
"name": "wireshark-negprotresponse-dos(54018)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54018"
},
{
"name": "37409",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37409"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2009-07.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2009-07.html"
},
{
"name": "37175",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37175"
}
]
}
}

170
2009/3xxx/CVE-2009-3936.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3936", "ID": "CVE-2009-3936",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Citrix Online Plug-in for Windows 11.0.x before 11.0.150 and 11.x before 11.2, Online Plug-in for Mac before 11.0, Receiver for iPhone before 1.0.3, and ICA Java, Mac, UNIX, and Windows Clients for XenApp and XenDesktop allows remote attackers to impersonate the SSL/TLS server and bypass authentication via a crafted certificate, a different vulnerability than CVE-2009-3555."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.citrix.com/article/CTX123248", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.citrix.com/article/CTX123248" "lang": "eng",
}, "value": "Unspecified vulnerability in Citrix Online Plug-in for Windows 11.0.x before 11.0.150 and 11.x before 11.2, Online Plug-in for Mac before 11.0, Receiver for iPhone before 1.0.3, and ICA Java, Mac, UNIX, and Windows Clients for XenApp and XenDesktop allows remote attackers to impersonate the SSL/TLS server and bypass authentication via a crafted certificate, a different vulnerability than CVE-2009-3555."
{ }
"name" : "37073", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/37073" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1023168", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1023168" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37319", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/37319" ]
}, },
{ "references": {
"name" : "ADV-2009-3206", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/3206" "name": "ADV-2009-3206",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/3206"
"name" : "citrix-ssl-spoofing(54213)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54213" "name": "http://support.citrix.com/article/CTX123248",
} "refsource": "CONFIRM",
] "url": "http://support.citrix.com/article/CTX123248"
} },
} {
"name": "37073",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37073"
},
{
"name": "37319",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37319"
},
{
"name": "1023168",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023168"
},
{
"name": "citrix-ssl-spoofing(54213)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54213"
}
]
}
}

140
2009/4xxx/CVE-2009-4340.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4340", "ID": "CVE-2009-4340",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the No indexed Search (no_indexed_search) extension 0.2.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the No indexed Search (no_indexed_search) extension 0.2.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "ADV-2009-3550", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2009/3550" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "typo3-nis-xss(54784)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54784" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "typo3-nis-xss(54784)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54784"
},
{
"name": "ADV-2009-3550",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3550"
},
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/"
}
]
}
}

140
2009/4xxx/CVE-2009-4358.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4358", "ID": "CVE-2009-4358",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory (/var/db/freebsd-update by default), which allows local users to read copies of sensitive files after a (1) freebsd-update fetch (fetch) or (2) freebsd-update upgrade (upgrade) operation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "FreeBSD-SA-09:17", "description_data": [
"refsource" : "FREEBSD", {
"url" : "http://security.freebsd.org/advisories/FreeBSD-SA-09:17.freebsd-update.asc" "lang": "eng",
}, "value": "freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory (/var/db/freebsd-update by default), which allows local users to read copies of sensitive files after a (1) freebsd-update fetch (fetch) or (2) freebsd-update upgrade (upgrade) operation."
{ }
"name" : "37190", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/37190" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37575", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37575" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-09:17",
"refsource": "FREEBSD",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-09:17.freebsd-update.asc"
},
{
"name": "37190",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37190"
},
{
"name": "37575",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37575"
}
]
}
}

190
2009/4xxx/CVE-2009-4541.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4541", "ID": "CVE-2009-4541",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in IsolSoft Support Center 2.5 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) newticket.php or (2) rempass.php, or a URL in the lang parameter in an adduser action to (3) index.php. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequences."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9397", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9397" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in IsolSoft Support Center 2.5 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) newticket.php or (2) rempass.php, or a URL in the lang parameter in an adduser action to (3) index.php. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequences."
{ }
"name" : "35997", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/35997" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "56869", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/56869" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "56870", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/56870" ]
}, },
{ "references": {
"name" : "56871", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/56871" "name": "56870",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/56870"
"name" : "36208", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36208" "name": "35997",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/35997"
"name" : "supportcenter-index-file-include(52352)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52352" "name": "56869",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/56869"
"name" : "supportcenter-lang-file-include(52350)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52350" "name": "supportcenter-lang-file-include(52350)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52350"
} },
} {
"name": "36208",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36208"
},
{
"name": "9397",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9397"
},
{
"name": "56871",
"refsource": "OSVDB",
"url": "http://osvdb.org/56871"
},
{
"name": "supportcenter-index-file-include(52352)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52352"
}
]
}
}

140
2009/4xxx/CVE-2009-4945.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4945", "ID": "CVE-2009-4945",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "AdPeeps 8.5d1 has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via requests to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090527 [InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/503855/100/0/threaded" "lang": "eng",
}, "value": "AdPeeps 8.5d1 has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via requests to index.php."
{ }
"name" : "20090528 Re: [InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/503911/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://forum.intern0t.net/intern0t-advisories/1049-intern0t-adpeeps-8-5d1-cross-site-scripting-html-injection-vulnerabilities.html", "description": [
"refsource" : "MISC", {
"url" : "http://forum.intern0t.net/intern0t-advisories/1049-intern0t-adpeeps-8-5d1-cross-site-scripting-html-injection-vulnerabilities.html" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20090527 [InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503855/100/0/threaded"
},
{
"name": "20090528 Re: [InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503911/100/0/threaded"
},
{
"name": "http://forum.intern0t.net/intern0t-advisories/1049-intern0t-adpeeps-8-5d1-cross-site-scripting-html-injection-vulnerabilities.html",
"refsource": "MISC",
"url": "http://forum.intern0t.net/intern0t-advisories/1049-intern0t-adpeeps-8-5d1-cross-site-scripting-html-injection-vulnerabilities.html"
}
]
}
}

210
2012/2xxx/CVE-2012-2926.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-2926", "ID": "CVE-2012-2926",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0.7, and 4.1 before 4.1.10; FishEye and Crucible before 2.5.8, 2.6 before 2.6.8, and 2.7 before 2.7.12; Bamboo before 3.3.4 and 3.4.x before 3.4.5; and Crowd before 2.0.9, 2.1 before 2.1.2, 2.2 before 2.2.9, 2.3 before 2.3.7, and 2.4 before 2.4.1 do not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://confluence.atlassian.com/display/BAMBOO/Bamboo+Security+Advisory+2012-05-17", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://confluence.atlassian.com/display/BAMBOO/Bamboo+Security+Advisory+2012-05-17" "lang": "eng",
}, "value": "Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0.7, and 4.1 before 4.1.10; FishEye and Crucible before 2.5.8, 2.6 before 2.6.8, and 2.7 before 2.7.12; Bamboo before 3.3.4 and 3.4.x before 3.4.5; and Crowd before 2.0.9, 2.1 before 2.1.2, 2.2 before 2.2.9, 2.3 before 2.3.7, and 2.4 before 2.4.1 do not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors."
{ }
"name" : "http://confluence.atlassian.com/display/CROWD/Crowd+Security+Advisory+2012-05-17", ]
"refsource" : "CONFIRM", },
"url" : "http://confluence.atlassian.com/display/CROWD/Crowd+Security+Advisory+2012-05-17" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2012-05-17", "description": [
"refsource" : "CONFIRM", {
"url" : "http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2012-05-17" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://confluence.atlassian.com/display/FISHEYE/FishEye+and+Crucible+Security+Advisory+2012-05-17", ]
"refsource" : "CONFIRM", }
"url" : "http://confluence.atlassian.com/display/FISHEYE/FishEye+and+Crucible+Security+Advisory+2012-05-17" ]
}, },
{ "references": {
"name" : "http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2012-05-17", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2012-05-17" "name": "fisheye-crucible-xml-dos(75682)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75682"
"name" : "53595", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/53595" "name": "49146",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/49146"
"name" : "81993", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/81993" "name": "http://confluence.atlassian.com/display/FISHEYE/FishEye+and+Crucible+Security+Advisory+2012-05-17",
}, "refsource": "CONFIRM",
{ "url": "http://confluence.atlassian.com/display/FISHEYE/FishEye+and+Crucible+Security+Advisory+2012-05-17"
"name" : "49146", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49146" "name": "http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2012-05-17",
}, "refsource": "CONFIRM",
{ "url": "http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2012-05-17"
"name" : "jira-xml-dos(75697)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75697" "name": "81993",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/81993"
"name" : "fisheye-crucible-xml-dos(75682)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75682" "name": "http://confluence.atlassian.com/display/CROWD/Crowd+Security+Advisory+2012-05-17",
} "refsource": "CONFIRM",
] "url": "http://confluence.atlassian.com/display/CROWD/Crowd+Security+Advisory+2012-05-17"
} },
} {
"name": "53595",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53595"
},
{
"name": "http://confluence.atlassian.com/display/BAMBOO/Bamboo+Security+Advisory+2012-05-17",
"refsource": "CONFIRM",
"url": "http://confluence.atlassian.com/display/BAMBOO/Bamboo+Security+Advisory+2012-05-17"
},
{
"name": "http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2012-05-17",
"refsource": "CONFIRM",
"url": "http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2012-05-17"
},
{
"name": "jira-xml-dos(75697)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75697"
}
]
}
}

120
2015/0xxx/CVE-2015-0168.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-0168", "ID": "CVE-2015-0168",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21699470", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21699470" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21699470",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699470"
}
]
}
}

240
2015/0xxx/CVE-2015-0325.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-0325", "ID": "CVE-2015-0325",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0326 and CVE-2015-0328."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-04.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-04.html" "lang": "eng",
}, "value": "Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0326 and CVE-2015-0328."
{ }
"name" : "https://technet.microsoft.com/library/security/2755801", ]
"refsource" : "CONFIRM", },
"url" : "https://technet.microsoft.com/library/security/2755801" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201502-02", "description": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201502-02.xml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2015:0140", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0140.html" ]
}, },
{ "references": {
"name" : "SUSE-SU-2015:0236", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html" "name": "GLSA-201502-02",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201502-02.xml"
"name" : "SUSE-SU-2015:0239", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html" "name": "openSUSE-SU-2015:0238",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html"
"name" : "openSUSE-SU-2015:0237", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html" "name": "62895",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/62895"
"name" : "openSUSE-SU-2015:0238", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html" "name": "adobe-flash-cve20150325-dos(100711)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100711"
"name" : "72514", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72514" "name": "1031706",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1031706"
"name" : "1031706", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031706" "name": "62886",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/62886"
"name" : "62886", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62886" "name": "https://technet.microsoft.com/library/security/2755801",
}, "refsource": "CONFIRM",
{ "url": "https://technet.microsoft.com/library/security/2755801"
"name" : "62895", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62895" "name": "openSUSE-SU-2015:0237",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html"
"name" : "adobe-flash-cve20150325-dos(100711)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100711" "name": "SUSE-SU-2015:0236",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html"
} },
} {
"name": "72514",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72514"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-04.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-04.html"
},
{
"name": "RHSA-2015:0140",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0140.html"
},
{
"name": "SUSE-SU-2015:0239",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html"
}
]
}
}

190
2015/1xxx/CVE-2015-1196.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-1196", "ID": "CVE-2015-1196",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150118 Re: CVE request: directory traversal flaw in patch", "description_data": [
"refsource" : "MLIST", {
"url" : "http://seclists.org/oss-sec/2015/q1/173" "lang": "eng",
}, "value": "GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file."
{ }
"name" : "http://git.savannah.gnu.org/cgit/patch.git/commit/?id=4e9269a5fc1fe80a1095a92593dd85db871e1fd3", ]
"refsource" : "CONFIRM", },
"url" : "http://git.savannah.gnu.org/cgit/patch.git/commit/?id=4e9269a5fc1fe80a1095a92593dd85db871e1fd3" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775227", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775227" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1182154", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1182154" ]
}, },
{ "references": {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" "name": "http://git.savannah.gnu.org/cgit/patch.git/commit/?id=4e9269a5fc1fe80a1095a92593dd85db871e1fd3",
}, "refsource": "CONFIRM",
{ "url": "http://git.savannah.gnu.org/cgit/patch.git/commit/?id=4e9269a5fc1fe80a1095a92593dd85db871e1fd3"
"name" : "openSUSE-SU-2015:0199", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-02/msg00013.html" "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
"name" : "72074", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72074" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1182154",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1182154"
"name" : "gnupatch-unspecified-symlink(99967)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99967" "name": "72074",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/72074"
} },
} {
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775227",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775227"
},
{
"name": "[oss-security] 20150118 Re: CVE request: directory traversal flaw in patch",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2015/q1/173"
},
{
"name": "openSUSE-SU-2015:0199",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00013.html"
},
{
"name": "gnupatch-unspecified-symlink(99967)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99967"
}
]
}
}

160
2015/1xxx/CVE-2015-1360.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-1360", "ID": "CVE-2015-1360",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data that is improperly handled during text drawing, related to gpu/GrBitmapTextContext.cpp and gpu/GrDistanceFieldTextContext.cpp, a different vulnerability than CVE-2015-1205."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2015/01/stable-update.html" "lang": "eng",
}, "value": "Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data that is improperly handled during text drawing, related to gpu/GrBitmapTextContext.cpp and gpu/GrDistanceFieldTextContext.cpp, a different vulnerability than CVE-2015-1205."
{ }
"name" : "https://code.google.com/p/chromium/issues/detail?id=416289", ]
"refsource" : "CONFIRM", },
"url" : "https://code.google.com/p/chromium/issues/detail?id=416289" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://code.google.com/p/chromium/issues/detail?id=449894", "description": [
"refsource" : "CONFIRM", {
"url" : "https://code.google.com/p/chromium/issues/detail?id=449894" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://codereview.chromium.org/636233008", ]
"refsource" : "CONFIRM", }
"url" : "https://codereview.chromium.org/636233008" ]
}, },
{ "references": {
"name" : "GLSA-201502-13", "reference_data": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201502-13.xml" "name": "https://codereview.chromium.org/636233008",
} "refsource": "CONFIRM",
] "url": "https://codereview.chromium.org/636233008"
} },
} {
"name": "http://googlechromereleases.blogspot.com/2015/01/stable-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/01/stable-update.html"
},
{
"name": "GLSA-201502-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-13.xml"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=416289",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=416289"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=449894",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=449894"
}
]
}
}

250
2015/1xxx/CVE-2015-1781.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-1781", "ID": "CVE-2015-1781",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[libc-alpha] 20150814 The GNU C Library version 2.22 is now available", "description_data": [
"refsource" : "MLIST", {
"url" : "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html" "lang": "eng",
}, "value": "Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer."
{ }
"name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=18287", ]
"refsource" : "CONFIRM", },
"url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=18287" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://sourceware.org/git/?p=glibc.git;a=commit;h=2959eda9272a03386", "description": [
"refsource" : "CONFIRM", {
"url" : "https://sourceware.org/git/?p=glibc.git;a=commit;h=2959eda9272a03386" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" ]
}, },
{ "references": {
"name" : "DSA-3480", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3480" "name": "SUSE-SU-2015:1424",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html"
"name" : "FEDORA-2016-0480defc94", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html" "name": "[libc-alpha] 20150814 The GNU C Library version 2.22 is now available",
}, "refsource": "MLIST",
{ "url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
"name" : "GLSA-201602-02", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201602-02" "name": "SUSE-SU-2016:0470",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
"name" : "RHSA-2015:0863", },
"refsource" : "REDHAT", {
"url" : "https://rhn.redhat.com/errata/RHSA-2015-0863.html" "name": "USN-2985-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2985-2"
"name" : "SUSE-SU-2015:1424", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html" "name": "GLSA-201602-02",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201602-02"
"name" : "SUSE-SU-2016:0470", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"name" : "USN-2985-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2985-1" "name": "https://sourceware.org/git/?p=glibc.git;a=commit;h=2959eda9272a03386",
}, "refsource": "CONFIRM",
{ "url": "https://sourceware.org/git/?p=glibc.git;a=commit;h=2959eda9272a03386"
"name" : "USN-2985-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2985-2" "name": "FEDORA-2016-0480defc94",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html"
"name" : "74255", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74255" "name": "RHSA-2015:0863",
}, "refsource": "REDHAT",
{ "url": "https://rhn.redhat.com/errata/RHSA-2015-0863.html"
"name" : "1032178", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032178" "name": "DSA-3480",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2016/dsa-3480"
} },
} {
"name": "USN-2985-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=18287",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18287"
},
{
"name": "1032178",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032178"
},
{
"name": "74255",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74255"
}
]
}
}

140
2015/5xxx/CVE-2015-5720.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-5720", "ID": "CVE-2015-5720",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the template-creation feature in Malware Information Sharing Platform (MISP) before 2.3.90 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) add.ctp, (2) edit.ctp, and (3) ajaxification.js."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/MISP/MISP/commit/812ac878c3645c02e2a599287117418424cbd4cf", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/MISP/MISP/commit/812ac878c3645c02e2a599287117418424cbd4cf" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in the template-creation feature in Malware Information Sharing Platform (MISP) before 2.3.90 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) add.ctp, (2) edit.ctp, and (3) ajaxification.js."
{ }
"name" : "https://www.circl.lu/advisory/CVE-2015-5720/", ]
"refsource" : "CONFIRM", },
"url" : "https://www.circl.lu/advisory/CVE-2015-5720/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "92738", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92738" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://www.circl.lu/advisory/CVE-2015-5720/",
"refsource": "CONFIRM",
"url": "https://www.circl.lu/advisory/CVE-2015-5720/"
},
{
"name": "92738",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92738"
},
{
"name": "https://github.com/MISP/MISP/commit/812ac878c3645c02e2a599287117418424cbd4cf",
"refsource": "CONFIRM",
"url": "https://github.com/MISP/MISP/commit/812ac878c3645c02e2a599287117418424cbd4cf"
}
]
}
}

34
2015/5xxx/CVE-2015-5744.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-5744", "ID": "CVE-2015-5744",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/11xxx/CVE-2018-11484.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11484", "ID": "CVE-2018-11484",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

620
2018/11xxx/CVE-2018-11904.json
View File

@ -1,312 +1,312 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2018-11904", "ID": "CVE-2018-11904",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, asynchronous callbacks received a pointer to a callers local variable. Should the caller return early (e.g., timeout), the callback will dereference an invalid pointer."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Return of Stack Variable Address in WLAN"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.codeaurora.org/quic/la//platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=0a755b400876ab4d58151e98462d3fa8fe099f61", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la//platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=0a755b400876ab4d58151e98462d3fa8fe099f61" "lang": "eng",
}, "value": "In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, asynchronous callbacks received a pointer to a callers local variable. Should the caller return early (e.g., timeout), the callback will dereference an invalid pointer."
{ }
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=00022c12e0cad8b735f94d6ee3785a557b4a3df2", ]
"refsource" : "CONFIRM", },
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=00022c12e0cad8b735f94d6ee3785a557b4a3df2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=3815e870ef906409af4a228f66d9400081227b75", "description": [
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=3815e870ef906409af4a228f66d9400081227b75" "lang": "eng",
}, "value": "Return of Stack Variable Address in WLAN"
{ }
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=667b3108d10e9580bf9f6d337c759dc88a1a0bdc", ]
"refsource" : "CONFIRM", }
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=667b3108d10e9580bf9f6d337c759dc88a1a0bdc" ]
}, },
{ "references": {
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=731ebf70a25ab2cdc32d2626dcebe60fe3b09481", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=731ebf70a25ab2cdc32d2626dcebe60fe3b09481" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=f11eeadd214e081a824f30aec5cb52d390ef576c",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=f11eeadd214e081a824f30aec5cb52d390ef576c"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=85ea1c126b05f133206cd9c6d8d9fbf137d81d27", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=85ea1c126b05f133206cd9c6d8d9fbf137d81d27" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=191f02a7ec2a4cccaebbdac8d36897e1ae125244",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=191f02a7ec2a4cccaebbdac8d36897e1ae125244"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=8ee65e3c9addab1d3c15ba013401f5698fb73594", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=8ee65e3c9addab1d3c15ba013401f5698fb73594" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=85ea1c126b05f133206cd9c6d8d9fbf137d81d27",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=85ea1c126b05f133206cd9c6d8d9fbf137d81d27"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=9a8f1aeb8055de80137e769fae637cd480495509", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=9a8f1aeb8055de80137e769fae637cd480495509" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=106f5c62b01b5a212bb53d13e3a3e70db2baedee",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=106f5c62b01b5a212bb53d13e3a3e70db2baedee"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=a009a84d04bfac2a5c01101f38a70d216960fac0", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=a009a84d04bfac2a5c01101f38a70d216960fac0" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=ee9797fbefb45eee88c92420a24cda838cff6b45",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=ee9797fbefb45eee88c92420a24cda838cff6b45"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=a4b4267f94802e0a4d93999649710bbf340796d5", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=a4b4267f94802e0a4d93999649710bbf340796d5" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=0c5a2ba407f23efd89cac6dc45e2ab9bdba3ada1",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=0c5a2ba407f23efd89cac6dc45e2ab9bdba3ada1"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=be70d02f12cb9a71a9b07b601f0efafc99718ec9", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=be70d02f12cb9a71a9b07b601f0efafc99718ec9" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=174c053d1aa1bf5395647e3927d718255f3cbe75",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=174c053d1aa1bf5395647e3927d718255f3cbe75"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=ebf1042efb9bd4517cd09a543bb4e3a164de8771", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=ebf1042efb9bd4517cd09a543bb4e3a164de8771" "name": "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin",
}, "refsource": "CONFIRM",
{ "url": "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=ec9896d0bc7521bbbe6dc28a198635dc281e7358", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=ec9896d0bc7521bbbe6dc28a198635dc281e7358" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=7af334bfc3375c9f85a330b84db17c0db1d6dade",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=7af334bfc3375c9f85a330b84db17c0db1d6dade"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=f9f86fd07af5606d0cb74c3eca5b2cbfda509345", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=f9f86fd07af5606d0cb74c3eca5b2cbfda509345" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=335ae3f8b353b6c7260eacb6aa706bb30f8a6bdc",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=335ae3f8b353b6c7260eacb6aa706bb30f8a6bdc"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?h=wlan-cld2.driver.lnx.1.0.r21-rel&id=391d37818aaa8038a06662075dd8893501452931", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?h=wlan-cld2.driver.lnx.1.0.r21-rel&id=391d37818aaa8038a06662075dd8893501452931" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=be70d02f12cb9a71a9b07b601f0efafc99718ec9",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=be70d02f12cb9a71a9b07b601f0efafc99718ec9"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=106f5c62b01b5a212bb53d13e3a3e70db2baedee", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=106f5c62b01b5a212bb53d13e3a3e70db2baedee" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=54e7d8fa44202a8528ef33d85381bca63d7749a5",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=54e7d8fa44202a8528ef33d85381bca63d7749a5"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=174c053d1aa1bf5395647e3927d718255f3cbe75", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=174c053d1aa1bf5395647e3927d718255f3cbe75" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=57a5e1f62cd3230fd046b199eee902507100e18c",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=57a5e1f62cd3230fd046b199eee902507100e18c"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=17f6fbb4b52a6acdd831ebaffdac9bbc88d2f423", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=17f6fbb4b52a6acdd831ebaffdac9bbc88d2f423" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=8ee65e3c9addab1d3c15ba013401f5698fb73594",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=8ee65e3c9addab1d3c15ba013401f5698fb73594"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=191f02a7ec2a4cccaebbdac8d36897e1ae125244", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=191f02a7ec2a4cccaebbdac8d36897e1ae125244" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=00022c12e0cad8b735f94d6ee3785a557b4a3df2",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=00022c12e0cad8b735f94d6ee3785a557b4a3df2"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=335ae3f8b353b6c7260eacb6aa706bb30f8a6bdc", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=335ae3f8b353b6c7260eacb6aa706bb30f8a6bdc" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=78a681f9d0d8e9843223dc42d02443e911b196a1",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=78a681f9d0d8e9843223dc42d02443e911b196a1"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=3ea5197d268c6f4ed08fb866b587349f7049c6d5", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=3ea5197d268c6f4ed08fb866b587349f7049c6d5" "name": "https://source.codeaurora.org/quic/la//platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=0a755b400876ab4d58151e98462d3fa8fe099f61",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la//platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=0a755b400876ab4d58151e98462d3fa8fe099f61"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=4aa30844e28eb4b410f86d97e970a39fcdfd797d", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=4aa30844e28eb4b410f86d97e970a39fcdfd797d" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a6ace5b9ea34f22b136a35248087efc2ceb35fd4",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a6ace5b9ea34f22b136a35248087efc2ceb35fd4"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=4abed07fd2380b6073f5cc9f2a701773e914f86f", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=4abed07fd2380b6073f5cc9f2a701773e914f86f" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=17275491f327909b32945ec1f465968021d22a7f",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=17275491f327909b32945ec1f465968021d22a7f"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=54e7d8fa44202a8528ef33d85381bca63d7749a5", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=54e7d8fa44202a8528ef33d85381bca63d7749a5" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=a009a84d04bfac2a5c01101f38a70d216960fac0",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=a009a84d04bfac2a5c01101f38a70d216960fac0"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=57a5e1f62cd3230fd046b199eee902507100e18c", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=57a5e1f62cd3230fd046b199eee902507100e18c" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=4abed07fd2380b6073f5cc9f2a701773e914f86f",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=4abed07fd2380b6073f5cc9f2a701773e914f86f"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=78a681f9d0d8e9843223dc42d02443e911b196a1", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=78a681f9d0d8e9843223dc42d02443e911b196a1" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=a4b4267f94802e0a4d93999649710bbf340796d5",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=a4b4267f94802e0a4d93999649710bbf340796d5"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=846f561170f0f4f6345d6b0ce1c35bf7059126cb", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=846f561170f0f4f6345d6b0ce1c35bf7059126cb" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=c13bdf105aa20559d2d783508051ad2dd3cfa65b",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=c13bdf105aa20559d2d783508051ad2dd3cfa65b"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=8dc81c98ed72c99983660d5b94c2c8283bc1ff7f", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=8dc81c98ed72c99983660d5b94c2c8283bc1ff7f" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=99c0ddb04e8de0b8139778c7fb77b1957d113769",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=99c0ddb04e8de0b8139778c7fb77b1957d113769"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9048145ff167fb8f9f8d2a9845ee1d1b45c4884c", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9048145ff167fb8f9f8d2a9845ee1d1b45c4884c" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=3815e870ef906409af4a228f66d9400081227b75",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=3815e870ef906409af4a228f66d9400081227b75"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=99c0ddb04e8de0b8139778c7fb77b1957d113769", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=99c0ddb04e8de0b8139778c7fb77b1957d113769" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=a978afb1838273e0d7a7ec86dd8bc9db85dff49d",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=a978afb1838273e0d7a7ec86dd8bc9db85dff49d"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9e040e43da5fe987747e16b305d7adf66977420f", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9e040e43da5fe987747e16b305d7adf66977420f" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=dd9ae2971b493909879cc2fd0fa97d12e1560762",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=dd9ae2971b493909879cc2fd0fa97d12e1560762"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=a978afb1838273e0d7a7ec86dd8bc9db85dff49d", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=a978afb1838273e0d7a7ec86dd8bc9db85dff49d" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=846f561170f0f4f6345d6b0ce1c35bf7059126cb",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=846f561170f0f4f6345d6b0ce1c35bf7059126cb"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=b98f8aafb23cbc8e883870bcc9dac165b3d75ae6", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=b98f8aafb23cbc8e883870bcc9dac165b3d75ae6" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=239aba9a1a4a474d86bde9cb67bfb1b2d6379a7c",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=239aba9a1a4a474d86bde9cb67bfb1b2d6379a7c"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=d42e72aa69a02531396b5a37cadebf927a757aa6", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=d42e72aa69a02531396b5a37cadebf927a757aa6" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=f9f86fd07af5606d0cb74c3eca5b2cbfda509345",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=f9f86fd07af5606d0cb74c3eca5b2cbfda509345"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=eb72224cc57092448663fecc2c9bfa0f775eb770", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=eb72224cc57092448663fecc2c9bfa0f775eb770" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=4aa30844e28eb4b410f86d97e970a39fcdfd797d",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=4aa30844e28eb4b410f86d97e970a39fcdfd797d"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=fb2f07b3b0d637a403bb891c57e76b6345a92cf0", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=fb2f07b3b0d637a403bb891c57e76b6345a92cf0" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=9a8f1aeb8055de80137e769fae637cd480495509",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=9a8f1aeb8055de80137e769fae637cd480495509"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=002cb97a955832197f3ceebfa8b32bd12b946151", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=002cb97a955832197f3ceebfa8b32bd12b946151" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a544494791b6307a2fe52fa282768083deb8a317",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a544494791b6307a2fe52fa282768083deb8a317"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=0c5a2ba407f23efd89cac6dc45e2ab9bdba3ada1", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=0c5a2ba407f23efd89cac6dc45e2ab9bdba3ada1" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=d42e72aa69a02531396b5a37cadebf927a757aa6",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=d42e72aa69a02531396b5a37cadebf927a757aa6"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=17275491f327909b32945ec1f465968021d22a7f", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=17275491f327909b32945ec1f465968021d22a7f" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=002cb97a955832197f3ceebfa8b32bd12b946151",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=002cb97a955832197f3ceebfa8b32bd12b946151"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=239aba9a1a4a474d86bde9cb67bfb1b2d6379a7c", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=239aba9a1a4a474d86bde9cb67bfb1b2d6379a7c" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=8dc81c98ed72c99983660d5b94c2c8283bc1ff7f",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=8dc81c98ed72c99983660d5b94c2c8283bc1ff7f"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=7af334bfc3375c9f85a330b84db17c0db1d6dade", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=7af334bfc3375c9f85a330b84db17c0db1d6dade" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=9ab5a5a0b63075cfd095ed6bcf506b4704c523e1",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=9ab5a5a0b63075cfd095ed6bcf506b4704c523e1"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=9ab5a5a0b63075cfd095ed6bcf506b4704c523e1", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=9ab5a5a0b63075cfd095ed6bcf506b4704c523e1" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=731ebf70a25ab2cdc32d2626dcebe60fe3b09481",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=731ebf70a25ab2cdc32d2626dcebe60fe3b09481"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a544494791b6307a2fe52fa282768083deb8a317", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a544494791b6307a2fe52fa282768083deb8a317" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=3ea5197d268c6f4ed08fb866b587349f7049c6d5",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=3ea5197d268c6f4ed08fb866b587349f7049c6d5"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a6ace5b9ea34f22b136a35248087efc2ceb35fd4", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a6ace5b9ea34f22b136a35248087efc2ceb35fd4" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=ebf1042efb9bd4517cd09a543bb4e3a164de8771",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=ebf1042efb9bd4517cd09a543bb4e3a164de8771"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=c13bdf105aa20559d2d783508051ad2dd3cfa65b", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=c13bdf105aa20559d2d783508051ad2dd3cfa65b" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9e040e43da5fe987747e16b305d7adf66977420f",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9e040e43da5fe987747e16b305d7adf66977420f"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=dd9ae2971b493909879cc2fd0fa97d12e1560762", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=dd9ae2971b493909879cc2fd0fa97d12e1560762" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=b98f8aafb23cbc8e883870bcc9dac165b3d75ae6",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=b98f8aafb23cbc8e883870bcc9dac165b3d75ae6"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=dda167ca8104de77f46fd29c66f66f807c63b309", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=dda167ca8104de77f46fd29c66f66f807c63b309" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=eb72224cc57092448663fecc2c9bfa0f775eb770",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=eb72224cc57092448663fecc2c9bfa0f775eb770"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=ee9797fbefb45eee88c92420a24cda838cff6b45", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=ee9797fbefb45eee88c92420a24cda838cff6b45" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=17f6fbb4b52a6acdd831ebaffdac9bbc88d2f423",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=17f6fbb4b52a6acdd831ebaffdac9bbc88d2f423"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=f11eeadd214e081a824f30aec5cb52d390ef576c", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=f11eeadd214e081a824f30aec5cb52d390ef576c" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=dda167ca8104de77f46fd29c66f66f807c63b309",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=dda167ca8104de77f46fd29c66f66f807c63b309"
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=f7ee321d5f31ce5bc6a4cbec72a965d272b3b77b", },
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=f7ee321d5f31ce5bc6a4cbec72a965d272b3b77b" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9048145ff167fb8f9f8d2a9845ee1d1b45c4884c",
}, "refsource": "CONFIRM",
{ "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9048145ff167fb8f9f8d2a9845ee1d1b45c4884c"
"name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", },
"refsource" : "CONFIRM", {
"url" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin" "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=f7ee321d5f31ce5bc6a4cbec72a965d272b3b77b",
} "refsource": "CONFIRM",
] "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=f7ee321d5f31ce5bc6a4cbec72a965d272b3b77b"
} },
} {
"name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?h=wlan-cld2.driver.lnx.1.0.r21-rel&id=391d37818aaa8038a06662075dd8893501452931",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?h=wlan-cld2.driver.lnx.1.0.r21-rel&id=391d37818aaa8038a06662075dd8893501452931"
},
{
"name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=ec9896d0bc7521bbbe6dc28a198635dc281e7358",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=ec9896d0bc7521bbbe6dc28a198635dc281e7358"
},
{
"name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=fb2f07b3b0d637a403bb891c57e76b6345a92cf0",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=fb2f07b3b0d637a403bb891c57e76b6345a92cf0"
},
{
"name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=667b3108d10e9580bf9f6d337c759dc88a1a0bdc",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=667b3108d10e9580bf9f6d337c759dc88a1a0bdc"
}
]
}
}

180
2018/3xxx/CVE-2018-3162.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-3162", "ID": "CVE-2018-3162",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.7.23 and prior" "version_value": "5.7.23 and prior"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.0.12 and prior" "version_value": "8.0.12 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20181018-0002/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20181018-0002/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2018:3655", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3655" "lang": "eng",
}, "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
{ }
"name" : "USN-3799-1", ]
"refsource" : "UBUNTU", }
"url" : "https://usn.ubuntu.com/3799-1/" ]
}, },
{ "references": {
"name" : "105594", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/105594" "name": "1041888",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1041888"
"name" : "1041888", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041888" "name": "RHSA-2018:3655",
} "refsource": "REDHAT",
] "url": "https://access.redhat.com/errata/RHSA-2018:3655"
} },
} {
"name": "USN-3799-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3799-1/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "105594",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105594"
},
{
"name": "https://security.netapp.com/advisory/ntap-20181018-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181018-0002/"
}
]
}
}

140
2018/3xxx/CVE-2018-3303.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-3303", "ID": "CVE-2018-3303",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Enterprise Manager Base Platform", "product_name": "Enterprise Manager Base Platform",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "13.2" "version_value": "13.2"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "13.3" "version_value": "13.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Products Suite (subcomponent: EM Console). Supported versions that are affected are 13.2 and 13.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data as well as unauthorized read access to a subset of Enterprise Manager Base Platform accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data as well as unauthorized read access to a subset of Enterprise Manager Base Platform accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" "lang": "eng",
}, "value": "Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Products Suite (subcomponent: EM Console). Supported versions that are affected are 13.2 and 13.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data as well as unauthorized read access to a subset of Enterprise Manager Base Platform accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)."
{ }
"name" : "106618", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106618" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data as well as unauthorized read access to a subset of Enterprise Manager Base Platform accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106618",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106618"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
}
]
}
}

34
2018/3xxx/CVE-2018-3399.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3399", "ID": "CVE-2018-3399",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

122
2018/3xxx/CVE-2018-3756.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-05-31T00:00:00", "DATE_PUBLIC": "2018-05-31T00:00:00",
"ID" : "CVE-2018-3756", "ID": "CVE-2018-3756",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable to transaction and block signature verification bypass in the transaction and block validator allowing a single node to sign a transaction and/or block multiple times, each with a random nonce, and have other validating nodes accept them as separate valid signatures."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/hyperledger/iroha/releases/tag/v1.0.0_beta-2", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/hyperledger/iroha/releases/tag/v1.0.0_beta-2" "lang": "eng",
} "value": "Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable to transaction and block signature verification bypass in the transaction and block validator allowing a single node to sign a transaction and/or block multiple times, each with a random nonce, and have other validating nodes accept them as separate valid signatures."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/hyperledger/iroha/releases/tag/v1.0.0_beta-2",
"refsource": "CONFIRM",
"url": "https://github.com/hyperledger/iroha/releases/tag/v1.0.0_beta-2"
}
]
}
}

34
2018/3xxx/CVE-2018-3802.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3802", "ID": "CVE-2018-3802",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/6xxx/CVE-2018-6255.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6255", "ID": "CVE-2018-6255",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/7xxx/CVE-2018-7155.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7155", "ID": "CVE-2018-7155",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2018/7xxx/CVE-2018-7632.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7632", "ID": "CVE-2018-7632",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer Overflow in httpd in EpiCentro E_7.3.2+ allows attackers to cause a denial of service attack remotely via a specially crafted GET request with a leading \"/\" in the URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://fschallock.wordpress.com/2018/10/08/cve-2018-7632-buffer-overflow-in-httpd-in-epicentro-e_7-3-2-allows-attackers-to-cause-a-denial-of-service-attack-remotely-via-a-specially-crafted-get-request/", "description_data": [
"refsource" : "MISC", {
"url" : "https://fschallock.wordpress.com/2018/10/08/cve-2018-7632-buffer-overflow-in-httpd-in-epicentro-e_7-3-2-allows-attackers-to-cause-a-denial-of-service-attack-remotely-via-a-specially-crafted-get-request/" "lang": "eng",
} "value": "Buffer Overflow in httpd in EpiCentro E_7.3.2+ allows attackers to cause a denial of service attack remotely via a specially crafted GET request with a leading \"/\" in the URL."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fschallock.wordpress.com/2018/10/08/cve-2018-7632-buffer-overflow-in-httpd-in-epicentro-e_7-3-2-allows-attackers-to-cause-a-denial-of-service-attack-remotely-via-a-specially-crafted-get-request/",
"refsource": "MISC",
"url": "https://fschallock.wordpress.com/2018/10/08/cve-2018-7632-buffer-overflow-in-httpd-in-epicentro-e_7-3-2-allows-attackers-to-cause-a-denial-of-service-attack-remotely-via-a-specially-crafted-get-request/"
}
]
}
}

34
2018/7xxx/CVE-2018-7808.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7808", "ID": "CVE-2018-7808",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

134
2018/8xxx/CVE-2018-8023.json
View File

@ -1,69 +1,69 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@apache.org", "ASSIGNER": "security@apache.org",
"DATE_PUBLIC" : "2018-09-21T00:00:00", "DATE_PUBLIC": "2018-09-21T00:00:00",
"ID" : "CVE-2018-8023", "ID": "CVE-2018-8023",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Apache Mesos", "product_name": "Apache Mesos",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "versions prior to 1.4.2" "version_value": "versions prior to 1.4.2"
}, },
{ {
"version_value" : "1.5.0, 1.5.1" "version_value": "1.5.0, 1.5.1"
}, },
{ {
"version_value" : "1.6.0" "version_value": "1.6.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apache Software Foundation" "vendor_name": "Apache Software Foundation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apache Mesos can be configured to require authentication to call the Executor HTTP API using JSON Web Token (JWT). In Apache Mesos versions pre-1.4.2, 1.5.0, 1.5.1, 1.6.0 the comparison of the generated HMAC value against the provided signature in the JWT implementation used is vulnerable to a timing attack because instead of a constant-time string comparison routine a standard `==` operator has been used. A malicious actor can therefore abuse the timing difference of when the JWT validation function returns to reveal the correct HMAC value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[dev] 20180921 CVE-2018-8023: A remote attacker can exploit a vulnerability in the JWT implementation to gain unauthenticated access to Mesos Executor HTTP API.", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.apache.org/thread.html/9b9d3f6bd09f3ebd2284b82077033bdc71da550a1c4c010c2494acc3@%3Cdev.mesos.apache.org%3E" "lang": "eng",
} "value": "Apache Mesos can be configured to require authentication to call the Executor HTTP API using JSON Web Token (JWT). In Apache Mesos versions pre-1.4.2, 1.5.0, 1.5.1, 1.6.0 the comparison of the generated HMAC value against the provided signature in the JWT implementation used is vulnerable to a timing attack because instead of a constant-time string comparison routine a standard `==` operator has been used. A malicious actor can therefore abuse the timing difference of when the JWT validation function returns to reveal the correct HMAC value."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[dev] 20180921 CVE-2018-8023: A remote attacker can exploit a vulnerability in the JWT implementation to gain unauthenticated access to Mesos Executor HTTP API.",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/9b9d3f6bd09f3ebd2284b82077033bdc71da550a1c4c010c2494acc3@%3Cdev.mesos.apache.org%3E"
}
]
}
}

260
2018/8xxx/CVE-2018-8492.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8492", "ID": "CVE-2018-8492",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows Server 2016", "product_name": "Windows Server 2016",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10", "product_name": "Windows 10",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Version 1607 for 32-bit Systems" "version_value": "Version 1607 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1607 for x64-based Systems" "version_value": "Version 1607 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1703 for 32-bit Systems" "version_value": "Version 1703 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1703 for x64-based Systems" "version_value": "Version 1703 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1709 for 32-bit Systems" "version_value": "Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1709 for x64-based Systems" "version_value": "Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1803 for 32-bit Systems" "version_value": "Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1803 for x64-based Systems" "version_value": "Version 1803 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1809 for 32-bit Systems" "version_value": "Version 1809 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1809 for x64-based Systems" "version_value": "Version 1809 for x64-based Systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2019", "product_name": "Windows Server 2019",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10 Servers", "product_name": "Windows 10 Servers",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "version 1709 (Server Core Installation)" "version_value": "version 1709 (Server Core Installation)"
}, },
{ {
"version_value" : "version 1803 (Server Core Installation)" "version_value": "version 1803 (Server Core Installation)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka \"Device Guard Code Integrity Policy Security Feature Bypass Vulnerability.\" This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Security Feature Bypass"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8492", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8492" "lang": "eng",
}, "value": "A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka \"Device Guard Code Integrity Policy Security Feature Bypass Vulnerability.\" This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers."
{ }
"name" : "105455", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/105455" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1041842", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041842" "lang": "eng",
} "value": "Security Feature Bypass"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "105455",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105455"
},
{
"name": "1041842",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041842"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8492",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8492"
}
]
}
}

130
2018/8xxx/CVE-2018-8569.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8569", "ID": "CVE-2018-8569",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Yammer Desktop App", "product_name": "Yammer Desktop App",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Yammer Desktop App" "version_value": "Yammer Desktop App"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists in the Yammer desktop application due to the loading of arbitrary content, aka \"Yammer Desktop Application Remote Code Execution Vulnerability.\" This affects Yammer Desktop App."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8569", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8569" "lang": "eng",
}, "value": "A remote code execution vulnerability exists in the Yammer desktop application due to the loading of arbitrary content, aka \"Yammer Desktop Application Remote Code Execution Vulnerability.\" This affects Yammer Desktop App."
{ }
"name" : "105681", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/105681" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8569",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8569"
},
{
"name": "105681",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105681"
}
]
}
}

34
2018/8xxx/CVE-2018-8681.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8681", "ID": "CVE-2018-8681",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

142
2018/8xxx/CVE-2018-8856.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-08-31T00:00:00", "DATE_PUBLIC": "2018-08-31T00:00:00",
"ID" : "CVE-2018-8856", "ID": "CVE-2018-8856",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "e-Alert Unit (non-medical device)", "product_name": "e-Alert Unit (non-medical device)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "R2.1 and prior" "version_value": "R2.1 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Philips" "vendor_name": "Philips"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software contains hard-coded cryptographic key, which it uses for encryption of internal data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "USE OF HARD-CODED CREDENTIALS CWE- 798"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01" "lang": "eng",
}, "value": "Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software contains hard-coded cryptographic key, which it uses for encryption of internal data."
{ }
"name" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security", ]
"refsource" : "CONFIRM", },
"url" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "105194", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/105194" "lang": "eng",
} "value": "USE OF HARD-CODED CREDENTIALS CWE- 798"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://www.usa.philips.com/healthcare/about/customer-support/product-security",
"refsource": "CONFIRM",
"url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
},
{
"name": "105194",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105194"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01"
}
]
}
}