admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:06:07 +00:00
parent c870f8cce9
commit 74e873b1ee
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
59 changed files with 3794 additions and 3794 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
2003/1xxx/CVE-2003-1389.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1389", "ID": "CVE-2003-1389",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "RTS CryptoBuddy 1.2 and earlier truncates long passphrases without warning the user, which may make it easier to conduct certain brute force guessing attacks." "value": "RTS CryptoBuddy 1.2 and earlier truncates long passphrases without warning the user, which may make it easier to conduct certain brute force guessing attacks."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20030210 RTS CryptoBuddy Multiple Encryption Implementation Vulnerabilities", "name": "cryptobuddy-truncate-weak-security(11294)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/311176" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11294"
}, },
{ {
"name" : "6815", "name": "6815",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/6815" "url": "http://www.securityfocus.com/bid/6815"
}, },
{ {
"name" : "cryptobuddy-truncate-weak-security(11294)", "name": "20030210 RTS CryptoBuddy Multiple Encryption Implementation Vulnerabilities",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11294" "url": "http://www.securityfocus.com/archive/1/311176"
} }
] ]
} }

92
2004/0xxx/CVE-2004-0226.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0226", "ID": "CVE-2004-0226",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code." "value": "Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "DSA-497", "name": "SuSE-SA:2004:012",
"refsource" : "DEBIAN", "refsource": "SUSE",
"url" : "http://www.debian.org/security/2004/dsa-497" "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
}, },
{ {
"name" : "MDKSA-2004:039", "name": "GLSA-200405-21",
"refsource" : "MANDRAKE", "refsource": "GENTOO",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
}, },
{ {
"name" : "SuSE-SA:2004:012", "name": "midnight-commander-local-privileges(16016)",
"refsource" : "SUSE", "refsource": "XF",
"url" : "http://www.novell.com/linux/security/advisories/2004_12_mc.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016"
}, },
{ {
"name" : "RHSA-2004:172", "name": "MDKSA-2004:039",
"refsource" : "REDHAT", "refsource": "MANDRAKE",
"url" : "http://www.redhat.com/support/errata/RHSA-2004-172.html" "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
}, },
{ {
"name" : "GLSA-200405-21", "name": "DSA-497",
"refsource" : "GENTOO", "refsource": "DEBIAN",
"url" : "http://security.gentoo.org/glsa/glsa-200405-21.xml" "url": "http://www.debian.org/security/2004/dsa-497"
}, },
{ {
"name" : "midnight-commander-local-privileges(16016)", "name": "RHSA-2004:172",
"refsource" : "XF", "refsource": "REDHAT",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016" "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
} }
] ]
} }

80
2004/0xxx/CVE-2004-0303.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0303", "ID": "CVE-2004-0303",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "OWLS 1.0 allows remote attackers to retrieve arbitrary files via absolute pathnames in (1) the file parameter in /glossaries/index.php, (2) the filename parameter in /readings/index.php, or (3) the filename parameter in /multiplechoice/resultsignore.php, as demonstrated using /etc/passwd." "value": "OWLS 1.0 allows remote attackers to retrieve arbitrary files via absolute pathnames in (1) the file parameter in /glossaries/index.php, (2) the filename parameter in /readings/index.php, or (3) the filename parameter in /multiplechoice/resultsignore.php, as demonstrated using /etc/passwd."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20040218 ZH2004-08SA (security advisory): OWLS 1.0 Remote arbitrary files", "name": "20040218 ZH2004-08SA (security advisory): OWLS 1.0 Remote arbitrary files",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=107712123305706&w=2" "url": "http://marc.info/?l=bugtraq&m=107712123305706&w=2"
}, },
{ {
"name" : "http://www.zone-h.org/en/advisories/read/id=3973/", "name": "owls-file-retrieval(15249)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.zone-h.org/en/advisories/read/id=3973/" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15249"
}, },
{ {
"name" : "owls-file-retrieval(15249)", "name": "http://www.zone-h.org/en/advisories/read/id=3973/",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15249" "url": "http://www.zone-h.org/en/advisories/read/id=3973/"
}, },
{ {
"name" : "9689", "name": "9689",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/9689" "url": "http://www.securityfocus.com/bid/9689"
} }
] ]
} }

92
2004/0xxx/CVE-2004-0371.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0371", "ID": "CVE-2004-0371",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path." "value": "Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.pdc.kth.se/heimdal/advisory/2004-04-01/", "name": "GLSA-200404-09",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://www.pdc.kth.se/heimdal/advisory/2004-04-01/" "url": "http://security.gentoo.org/glsa/glsa-200404-09.xml"
}, },
{ {
"name" : "DSA-476", "name": "20040530 009: SECURITY FIX: May 30, 2004",
"refsource" : "DEBIAN", "refsource": "OPENBSD",
"url" : "http://www.debian.org/security/2004/dsa-476" "url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch"
}, },
{ {
"name" : "FreeBSD-SA-04:08", "name": "heimdal-cross-realm-spoofing(15701)",
"refsource" : "FREEBSD", "refsource": "XF",
"url" : "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15701"
}, },
{ {
"name" : "20040530 009: SECURITY FIX: May 30, 2004", "name": "FreeBSD-SA-04:08",
"refsource" : "OPENBSD", "refsource": "FREEBSD",
"url" : "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch" "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc"
}, },
{ {
"name" : "GLSA-200404-09", "name": "DSA-476",
"refsource" : "GENTOO", "refsource": "DEBIAN",
"url" : "http://security.gentoo.org/glsa/glsa-200404-09.xml" "url": "http://www.debian.org/security/2004/dsa-476"
}, },
{ {
"name" : "heimdal-cross-realm-spoofing(15701)", "name": "http://www.pdc.kth.se/heimdal/advisory/2004-04-01/",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15701" "url": "http://www.pdc.kth.se/heimdal/advisory/2004-04-01/"
} }
] ]
} }

164
2004/0xxx/CVE-2004-0595.json
View File

@ -1,146 +1,146 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0595", "ID": "CVE-2004-0595",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities." "value": "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20040714 Advisory 12/2004: PHP strip_tags() bypass vulnerability", "name": "CLA-2004:847",
"refsource" : "FULLDISC", "refsource": "CONECTIVA",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html" "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000847"
}, },
{ {
"name" : "20040713 Advisory 11/2004: PHP memory_limit remote vulnerability", "name": "20040714 TSSA-2004-013 - php",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=108981780109154&w=2" "url": "http://marc.info/?l=bugtraq&m=108982983426031&w=2"
}, },
{ {
"name" : "20040714 TSSA-2004-013 - php", "name": "DSA-669",
"refsource" : "BUGTRAQ", "refsource": "DEBIAN",
"url" : "http://marc.info/?l=bugtraq&m=108982983426031&w=2" "url": "http://www.debian.org/security/2005/dsa-669"
}, },
{ {
"name" : "CLA-2004:847", "name": "oval:org.mitre.oval:def:10619",
"refsource" : "CONECTIVA", "refsource": "OVAL",
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000847" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619"
}, },
{ {
"name" : "DSA-531", "name": "RHSA-2004:395",
"refsource" : "DEBIAN", "refsource": "REDHAT",
"url" : "http://www.debian.org/security/2004/dsa-531" "url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
}, },
{ {
"name" : "DSA-669", "name": "RHSA-2004:405",
"refsource" : "DEBIAN", "refsource": "REDHAT",
"url" : "http://www.debian.org/security/2005/dsa-669" "url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
}, },
{ {
"name" : "GLSA-200407-13", "name": "RHSA-2004:392",
"refsource" : "GENTOO", "refsource": "REDHAT",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml" "url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
}, },
{ {
"name" : "SSRT4777", "name": "DSA-531",
"refsource" : "HP", "refsource": "DEBIAN",
"url" : "http://marc.info/?l=bugtraq&m=109181600614477&w=2" "url": "http://www.debian.org/security/2004/dsa-531"
}, },
{ {
"name" : "MDKSA-2004:068", "name": "SUSE-SA:2004:021",
"refsource" : "MANDRAKE", "refsource": "SUSE",
"url" : "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068" "url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
}, },
{ {
"name" : "RHSA-2004:392", "name": "MDKSA-2004:068",
"refsource" : "REDHAT", "refsource": "MANDRAKE",
"url" : "http://www.redhat.com/support/errata/RHSA-2004-392.html" "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
}, },
{ {
"name" : "RHSA-2004:395", "name": "php-strip-tag-bypass(16692)",
"refsource" : "REDHAT", "refsource": "XF",
"url" : "http://www.redhat.com/support/errata/RHSA-2004-395.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16692"
}, },
{ {
"name" : "RHSA-2004:405", "name": "RHSA-2005:816",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2004-405.html" "url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
}, },
{ {
"name" : "RHSA-2005:816", "name": "SSRT4777",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-816.html" "url": "http://marc.info/?l=bugtraq&m=109181600614477&w=2"
}, },
{ {
"name" : "SUSE-SA:2004:021", "name": "20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php)",
"refsource" : "SUSE", "refsource": "BUGTRAQ",
"url" : "http://www.novell.com/linux/security/advisories/2004_21_php4.html" "url": "http://marc.info/?l=bugtraq&m=109051444105182&w=2"
}, },
{ {
"name" : "20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php)", "name": "10724",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://marc.info/?l=bugtraq&m=109051444105182&w=2" "url": "http://www.securityfocus.com/bid/10724"
}, },
{ {
"name" : "10724", "name": "20040713 Advisory 11/2004: PHP memory_limit remote vulnerability",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/10724" "url": "http://marc.info/?l=bugtraq&m=108981780109154&w=2"
}, },
{ {
"name" : "oval:org.mitre.oval:def:10619", "name": "GLSA-200407-13",
"refsource" : "OVAL", "refsource": "GENTOO",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619" "url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
}, },
{ {
"name" : "php-strip-tag-bypass(16692)", "name": "20040714 Advisory 12/2004: PHP strip_tags() bypass vulnerability",
"refsource" : "XF", "refsource": "FULLDISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16692" "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html"
} }
] ]
} }

98
2004/1xxx/CVE-2004-1104.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1104", "ID": "CVE-2004-1104",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page that contains a BASE element that points to the legitimate site, followed by an anchor (a) element with an empty \"href\" attribute, and a FORM whose action points to a malicious URL, and an INPUT submit element that is modified to look like a legitimate URL." "value": "Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page that contains a BASE element that points to the legitimate site, followed by an anchor (a) element with an empty \"href\" attribute, and a FORM whose action points to a malicious URL, and an INPUT submit element that is modified to look like a legitimate URL."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20041030 Re: New URL spoofing bug in Microsoft Internet Explorer", "name": "11273",
"refsource" : "BUGTRAQ", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/archive/1/379903" "url": "http://secunia.com/advisories/11273"
}, },
{ {
"name" : "20060218 Re: Internet Explorer Phishing mouseover issue", "name": "20041030 Re: New URL spoofing bug in Microsoft Internet Explorer",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/425386/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/379903"
}, },
{ {
"name" : "20060223 Re: Internet Explorer Phishing mouseover issue", "name": "ie-ahref-status-spoofing(17938)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/425883/100/0/threaded" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17938"
}, },
{ {
"name" : "VU#702086", "name": "VU#702086",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/702086" "url": "http://www.kb.cert.org/vuls/id/702086"
}, },
{ {
"name" : "11565", "name": "11565",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/11565" "url": "http://www.securityfocus.com/bid/11565"
}, },
{ {
"name" : "11273", "name": "20060218 Re: Internet Explorer Phishing mouseover issue",
"refsource" : "SECUNIA", "refsource": "BUGTRAQ",
"url" : "http://secunia.com/advisories/11273" "url": "http://www.securityfocus.com/archive/1/425386/100/0/threaded"
}, },
{ {
"name" : "ie-ahref-status-spoofing(17938)", "name": "20060223 Re: Internet Explorer Phishing mouseover issue",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17938" "url": "http://www.securityfocus.com/archive/1/425883/100/0/threaded"
} }
] ]
} }

92
2004/1xxx/CVE-2004-1120.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1120", "ID": "CVE-2004-1120",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header." "value": "Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "GLSA-200411-31", "name": "http://bugs.gentoo.org/show_bug.cgi?id=70090",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200411-31.xml" "url": "http://bugs.gentoo.org/show_bug.cgi?id=70090"
}, },
{ {
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=70090", "name": "GLSA-200411-31",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=70090" "url": "http://www.gentoo.org/security/en/glsa/glsa-200411-31.xml"
}, },
{ {
"name" : "20041124 Prozilla Remote Exploit", "name": "DSA-663",
"refsource" : "BUGTRAQ", "refsource": "DEBIAN",
"url" : "http://www.securityfocus.com/archive/1/382219" "url": "http://www.debian.org/security/2005/dsa-663"
}, },
{ {
"name" : "DSA-663", "name": "prozilla-bo(18210)",
"refsource" : "DEBIAN", "refsource": "XF",
"url" : "http://www.debian.org/security/2005/dsa-663" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18210"
}, },
{ {
"name" : "11734", "name": "11734",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/11734" "url": "http://www.securityfocus.com/bid/11734"
}, },
{ {
"name" : "prozilla-bo(18210)", "name": "20041124 Prozilla Remote Exploit",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18210" "url": "http://www.securityfocus.com/archive/1/382219"
} }
] ]
} }

80
2004/1xxx/CVE-2004-1203.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1203", "ID": "CVE-2004-1203",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to gain sensitive information via an invalid file parameter, which reveals the web server's installation path." "value": "parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to gain sensitive information via an invalid file parameter, which reveals the web server's installation path."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20041126 phpCMS <= 1.2.1 Xss Vulnerability, Information disclosure", "name": "20041126 phpCMS <= 1.2.1 Xss Vulnerability, Information disclosure",
"refsource" : "BUGTRAQ", "refsource": "FULLDISC",
"url" : "http://marc.info/?l=bugtraq&m=110149207123510&w=2" "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029499.html"
}, },
{ {
"name" : "20041126 phpCMS <= 1.2.1 Xss Vulnerability, Information disclosure", "name": "phpcms-parser-xss(18272)",
"refsource" : "FULLDISC", "refsource": "XF",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029499.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18272"
}, },
{ {
"name" : "phpcms-parser-path-disclosure(18279)", "name": "20041126 phpCMS <= 1.2.1 Xss Vulnerability, Information disclosure",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18279" "url": "http://marc.info/?l=bugtraq&m=110149207123510&w=2"
}, },
{ {
"name" : "phpcms-parser-xss(18272)", "name": "phpcms-parser-path-disclosure(18279)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18272" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18279"
} }
] ]
} }

62
2004/1xxx/CVE-2004-1781.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1781", "ID": "CVE-2004-1781",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Info Touch Surfnet kiosk allows local users to crash Surfnet and access the underlying operating system via the CMD_CREDITCARD_CHARGE command." "value": "Info Touch Surfnet kiosk allows local users to crash Surfnet and access the underlying operating system via the CMD_CREDITCARD_CHARGE command."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "9348", "name": "9348",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/9348" "url": "http://www.securityfocus.com/bid/9348"
} }
] ]
} }

74
2004/2xxx/CVE-2004-2292.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2292", "ID": "CVE-2004-2292",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in Alt-N MDaemon 7.0.1 allows remote attackers to cause a denial of service (application crash) via a long STATUS command to the IMAP server." "value": "Buffer overflow in Alt-N MDaemon 7.0.1 allows remote attackers to cause a denial of service (application crash) via a long STATUS command to the IMAP server."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20040512 Mdaemon 7.0.1 IMAP overflow.", "name": "10366",
"refsource" : "FULLDISC", "refsource": "BID",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0527.html" "url": "http://www.securityfocus.com/bid/10366"
}, },
{ {
"name" : "10366", "name": "mdaemon-imap-status-bo(16118)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/10366" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16118"
}, },
{ {
"name" : "mdaemon-imap-status-bo(16118)", "name": "20040512 Mdaemon 7.0.1 IMAP overflow.",
"refsource" : "XF", "refsource": "FULLDISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16118" "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0527.html"
} }
] ]
} }

86
2004/2xxx/CVE-2004-2474.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2474", "ID": "CVE-2004-2474",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in PHPNews 1.2.3 allows remote attackers to execute arbitrary SQL commands via the mid parameter to sendtofriend.php." "value": "SQL injection vulnerability in PHPNews 1.2.3 allows remote attackers to execute arbitrary SQL commands via the mid parameter to sendtofriend.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://newsphp.sourceforge.net/changelog/changelog_1.24.txt", "name": "12119",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://newsphp.sourceforge.net/changelog/changelog_1.24.txt" "url": "http://www.osvdb.org/12119"
}, },
{ {
"name" : "11748", "name": "13300",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/11748" "url": "http://secunia.com/advisories/13300"
}, },
{ {
"name" : "12119", "name": "http://newsphp.sourceforge.net/changelog/changelog_1.24.txt",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://www.osvdb.org/12119" "url": "http://newsphp.sourceforge.net/changelog/changelog_1.24.txt"
}, },
{ {
"name" : "13300", "name": "phpnews-sendtofriend-sql-injection(18233)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/13300" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18233"
}, },
{ {
"name" : "phpnews-sendtofriend-sql-injection(18233)", "name": "11748",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18233" "url": "http://www.securityfocus.com/bid/11748"
} }
] ]
} }

80
2004/2xxx/CVE-2004-2648.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2648", "ID": "CVE-2004-2648",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "FreezeX 1.00.100.0666 allows local users with administrator privileges to cause a denial of service (FreezeX application) by overwriting the db.fzx file." "value": "FreezeX 1.00.100.0666 allows local users with administrator privileges to cause a denial of service (FreezeX application) by overwriting the db.fzx file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20041220 FreezeX file access vulnerability", "name": "20041220 FreezeX file access vulnerability",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2004-12/0458.html" "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-12/0458.html"
}, },
{ {
"name" : "12659", "name": "1012699",
"refsource" : "OSVDB", "refsource": "SECTRACK",
"url" : "http://www.osvdb.org/12659" "url": "http://securitytracker.com/id?1012699"
}, },
{ {
"name" : "1012699", "name": "freezex-dbfzx-dos(18643)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://securitytracker.com/id?1012699" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18643"
}, },
{ {
"name" : "freezex-dbfzx-dos(18643)", "name": "12659",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18643" "url": "http://www.osvdb.org/12659"
} }
] ]
} }

128
2008/2xxx/CVE-2008-2097.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2097", "ID": "CVE-2008-2097",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an \"invalid Content-Length.\"" "value": "Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an \"invalid Content-Length.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues", "name": "ADV-2008-1744",
"refsource" : "BUGTRAQ", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/archive/1/493080/100/0/threaded" "url": "http://www.vupen.com/english/advisories/2008/1744"
}, },
{ {
"name" : "http://www.vmware.com/security/advisories/VMSA-2008-0009.html", "name": "SUSE-SR:2008:012",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://www.vmware.com/security/advisories/VMSA-2008-0009.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html"
}, },
{ {
"name" : "SUSE-SR:2008:012", "name": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html" "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
}, },
{ {
"name" : "29547", "name": "30556",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/29547" "url": "http://secunia.com/advisories/30556"
}, },
{ {
"name" : "oval:org.mitre.oval:def:5640", "name": "oval:org.mitre.oval:def:5640",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5640" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5640"
}, },
{ {
"name" : "oval:org.mitre.oval:def:5759", "name": "1020199",
"refsource" : "OVAL", "refsource": "SECTRACK",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5759" "url": "http://securitytracker.com/id?1020199"
}, },
{ {
"name" : "ADV-2008-1744", "name": "29547",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2008/1744" "url": "http://www.securityfocus.com/bid/29547"
}, },
{ {
"name" : "1020199", "name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"refsource" : "SECTRACK", "refsource": "BUGTRAQ",
"url" : "http://securitytracker.com/id?1020199" "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
}, },
{ {
"name" : "30556", "name": "oval:org.mitre.oval:def:5759",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/30556" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5759"
}, },
{ {
"name" : "30581", "name": "3922",
"refsource" : "SECUNIA", "refsource": "SREASON",
"url" : "http://secunia.com/advisories/30581" "url": "http://securityreason.com/securityalert/3922"
}, },
{ {
"name" : "3922", "name": "vmware-openwsman-privilege-escalation(42875)",
"refsource" : "SREASON", "refsource": "XF",
"url" : "http://securityreason.com/securityalert/3922" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42875"
}, },
{ {
"name" : "vmware-openwsman-privilege-escalation(42875)", "name": "30581",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42875" "url": "http://secunia.com/advisories/30581"
} }
] ]
} }

164
2008/2xxx/CVE-2008-2168.json
View File

@ -1,146 +1,146 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2168", "ID": "CVE-2008-2168",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page." "value": "Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20080508 Apache Server HTML Injection and UTF-7 XSS Vulnerability", "name": "3889",
"refsource" : "BUGTRAQ", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/archive/1/491862/100/0/threaded" "url": "http://securityreason.com/securityalert/3889"
}, },
{ {
"name" : "20080510 Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability", "name": "apache-403-xss(42303)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/491901/100/0/threaded" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42303"
}, },
{ {
"name" : "20080510 Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability", "name": "34219",
"refsource" : "BUGTRAQ", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/archive/1/491930/100/0/threaded" "url": "http://secunia.com/advisories/34219"
}, },
{ {
"name" : "20080512 Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability", "name": "20080512 Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/491967/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/491967/100/0/threaded"
}, },
{ {
"name" : "HPSBUX02365", "name": "oval:org.mitre.oval:def:5143",
"refsource" : "HP", "refsource": "OVAL",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5143"
}, },
{ {
"name" : "SSRT080118", "name": "HPSBUX02465",
"refsource" : "HP", "refsource": "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432" "url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2"
}, },
{ {
"name" : "HPSBUX02431", "name": "31651",
"refsource" : "HP", "refsource": "SECUNIA",
"url" : "http://marc.info/?l=bugtraq&m=124654546101607&w=2" "url": "http://secunia.com/advisories/31651"
}, },
{ {
"name" : "SSRT090085", "name": "SSRT090085",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=124654546101607&w=2" "url": "http://marc.info/?l=bugtraq&m=124654546101607&w=2"
}, },
{ {
"name" : "HPSBUX02465", "name": "SSRT090192",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=125631037611762&w=2" "url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2"
}, },
{ {
"name" : "SSRT090192", "name": "29112",
"refsource" : "HP", "refsource": "BID",
"url" : "http://marc.info/?l=bugtraq&m=125631037611762&w=2" "url": "http://www.securityfocus.com/bid/29112"
}, },
{ {
"name" : "USN-731-1", "name": "USN-731-1",
"refsource" : "UBUNTU", "refsource": "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-731-1" "url": "http://www.ubuntu.com/usn/USN-731-1"
}, },
{ {
"name" : "29112", "name": "HPSBUX02365",
"refsource" : "BID", "refsource": "HP",
"url" : "http://www.securityfocus.com/bid/29112" "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432"
}, },
{ {
"name" : "oval:org.mitre.oval:def:5143", "name": "20080510 Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability",
"refsource" : "OVAL", "refsource": "BUGTRAQ",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5143" "url": "http://www.securityfocus.com/archive/1/491901/100/0/threaded"
}, },
{ {
"name" : "31651", "name": "20080508 Apache Server HTML Injection and UTF-7 XSS Vulnerability",
"refsource" : "SECUNIA", "refsource": "BUGTRAQ",
"url" : "http://secunia.com/advisories/31651" "url": "http://www.securityfocus.com/archive/1/491862/100/0/threaded"
}, },
{ {
"name" : "34219", "name": "20080510 Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability",
"refsource" : "SECUNIA", "refsource": "BUGTRAQ",
"url" : "http://secunia.com/advisories/34219" "url": "http://www.securityfocus.com/archive/1/491930/100/0/threaded"
}, },
{ {
"name" : "35650", "name": "HPSBUX02431",
"refsource" : "SECUNIA", "refsource": "HP",
"url" : "http://secunia.com/advisories/35650" "url": "http://marc.info/?l=bugtraq&m=124654546101607&w=2"
}, },
{ {
"name" : "3889", "name": "SSRT080118",
"refsource" : "SREASON", "refsource": "HP",
"url" : "http://securityreason.com/securityalert/3889" "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432"
}, },
{ {
"name" : "apache-403-xss(42303)", "name": "35650",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42303" "url": "http://secunia.com/advisories/35650"
} }
] ]
} }

98
2008/2xxx/CVE-2008-2309.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2309", "ID": "CVE-2008-2309",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.4 allows user-assisted remote attackers to execute arbitrary code via a (1) .xht or (2) .xhtm file, which does not trigger a \"potentially unsafe\" warning message in (a) the Download Validation feature in Mac OS X 10.4 or (b) the Quarantine feature in Mac OS X 10.5." "value": "Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.4 allows user-assisted remote attackers to execute arbitrary code via a (1) .xht or (2) .xhtm file, which does not trigger a \"potentially unsafe\" warning message in (a) the Download Validation feature in Mac OS X 10.4 or (b) the Quarantine feature in Mac OS X 10.5."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT2163", "name": "http://support.apple.com/kb/HT2163",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT2163" "url": "http://support.apple.com/kb/HT2163"
}, },
{ {
"name" : "APPLE-SA-2008-06-30", "name": "ADV-2008-1981",
"refsource" : "APPLE", "refsource": "VUPEN",
"url" : "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" "url": "http://www.vupen.com/english/advisories/2008/1981/references"
}, },
{ {
"name" : "30018", "name": "APPLE-SA-2008-06-30",
"refsource" : "BID", "refsource": "APPLE",
"url" : "http://www.securityfocus.com/bid/30018" "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
}, },
{ {
"name" : "ADV-2008-1981", "name": "30802",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2008/1981/references" "url": "http://secunia.com/advisories/30802"
}, },
{ {
"name" : "1020391", "name": "1020391",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://securitytracker.com/id?1020391" "url": "http://securitytracker.com/id?1020391"
}, },
{ {
"name" : "30802", "name": "macos-coretypes-code-execution(43493)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/30802" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43493"
}, },
{ {
"name" : "macos-coretypes-code-execution(43493)", "name": "30018",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43493" "url": "http://www.securityfocus.com/bid/30018"
} }
] ]
} }

74
2008/2xxx/CVE-2008-2389.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2389", "ID": "CVE-2008-2389",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "opensuse-updater in openSUSE 10.2 allows local users to access arbitrary files via a symlink attack." "value": "opensuse-updater in openSUSE 10.2 allows local users to access arbitrary files via a symlink attack."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "SUSE-SR:2008:012", "name": "SUSE-SR:2008:012",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html"
}, },
{ {
"name" : "29608", "name": "29608",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/29608" "url": "http://www.securityfocus.com/bid/29608"
}, },
{ {
"name" : "30581", "name": "30581",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/30581" "url": "http://secunia.com/advisories/30581"
} }
] ]
} }

86
2008/6xxx/CVE-2008-6122.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6122", "ID": "CVE-2008-6122",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The web management interface in Netgear WGR614v9 allows remote attackers to cause a denial of service (crash) via a request that contains a question mark (\"?\")." "value": "The web management interface in Netgear WGR614v9 allows remote attackers to cause a denial of service (crash) via a request that contains a question mark (\"?\")."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20081113 Netgear WGR614v9 DoS to Admin Interface (internal and external)", "name": "20081113 Netgear WGR614v9 DoS to Admin Interface (internal and external)",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065619.html" "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065619.html"
}, },
{ {
"name" : "32290", "name": "32290",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/32290" "url": "http://www.securityfocus.com/bid/32290"
}, },
{ {
"name" : "ADV-2008-3174", "name": "ADV-2008-3174",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/3174" "url": "http://www.vupen.com/english/advisories/2008/3174"
}, },
{ {
"name" : "32716", "name": "wgr614-interface-dos(46602)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/32716" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46602"
}, },
{ {
"name" : "wgr614-interface-dos(46602)", "name": "32716",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46602" "url": "http://secunia.com/advisories/32716"
} }
] ]
} }

86
2008/6xxx/CVE-2008-6128.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6128", "ID": "CVE-2008-6128",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Session fixation vulnerability in moziloCMS 1.10.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter." "value": "Session fixation vulnerability in moziloCMS 1.10.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls55", "name": "32021",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls55" "url": "http://secunia.com/advisories/32021"
}, },
{ {
"name" : "http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog", "name": "31495",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog" "url": "http://www.securityfocus.com/bid/31495"
}, },
{ {
"name" : "31495", "name": "mozilocms-phpsessid-session-hijacking(45526)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/31495" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45526"
}, },
{ {
"name" : "32021", "name": "http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/32021" "url": "http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog"
}, },
{ {
"name" : "mozilocms-phpsessid-session-hijacking(45526)", "name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls55",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45526" "url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls55"
} }
] ]
} }

80
2008/6xxx/CVE-2008-6292.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6292", "ID": "CVE-2008-6292",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Acc Autos 4.0 allows remote attackers to bypass authentication and gain administrative access by setting the (1) username_cookie to \"admin,\" (2) right_cookie to \"1,\" and (3) id_cookie to \"1.\"" "value": "Acc Autos 4.0 allows remote attackers to bypass authentication and gain administrative access by setting the (1) username_cookie to \"admin,\" (2) right_cookie to \"1,\" and (3) id_cookie to \"1.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "6968", "name": "6968",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/6968" "url": "https://www.exploit-db.com/exploits/6968"
}, },
{ {
"name" : "32083", "name": "accautos-cookie-auth-bypass(46287)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/32083" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46287"
}, },
{ {
"name" : "32517", "name": "32517",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/32517" "url": "http://secunia.com/advisories/32517"
}, },
{ {
"name" : "accautos-cookie-auth-bypass(46287)", "name": "32083",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46287" "url": "http://www.securityfocus.com/bid/32083"
} }
] ]
} }

92
2008/6xxx/CVE-2008-6497.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6497", "ID": "CVE-2008-6497",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Neostrada Livebox ADSL Router allows remote attackers to cause a denial of service (network outage) via multiple HTTP requests for the /- URI." "value": "The Neostrada Livebox ADSL Router allows remote attackers to cause a denial of service (network outage) via multiple HTTP requests for the /- URI."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20081208 Neostrada Livebox Remote Network Down PoC Exploit", "name": "33026",
"refsource" : "BUGTRAQ", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/archive/1/499010/100/0/threaded" "url": "http://secunia.com/advisories/33026"
}, },
{ {
"name" : "7387", "name": "50673",
"refsource" : "EXPLOIT-DB", "refsource": "OSVDB",
"url" : "https://www.exploit-db.com/exploits/7387" "url": "http://osvdb.org/50673"
}, },
{ {
"name" : "32696", "name": "neostradalivebox-adsl-dos(47183)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/32696" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47183"
}, },
{ {
"name" : "50673", "name": "7387",
"refsource" : "OSVDB", "refsource": "EXPLOIT-DB",
"url" : "http://osvdb.org/50673" "url": "https://www.exploit-db.com/exploits/7387"
}, },
{ {
"name" : "33026", "name": "20081208 Neostrada Livebox Remote Network Down PoC Exploit",
"refsource" : "SECUNIA", "refsource": "BUGTRAQ",
"url" : "http://secunia.com/advisories/33026" "url": "http://www.securityfocus.com/archive/1/499010/100/0/threaded"
}, },
{ {
"name" : "neostradalivebox-adsl-dos(47183)", "name": "32696",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47183" "url": "http://www.securityfocus.com/bid/32696"
} }
] ]
} }

86
2008/6xxx/CVE-2008-6794.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6794", "ID": "CVE-2008-6794",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Pub Site allows remote attackers to execute arbitrary SQL commands via the cat parameter." "value": "SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Pub Site allows remote attackers to execute arbitrary SQL commands via the cat parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "6923", "name": "32524",
"refsource" : "EXPLOIT-DB", "refsource": "SECUNIA",
"url" : "https://www.exploit-db.com/exploits/6923" "url": "http://secunia.com/advisories/32524"
}, },
{ {
"name" : "35046", "name": "6923",
"refsource" : "BID", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/bid/35046" "url": "https://www.exploit-db.com/exploits/6923"
}, },
{ {
"name" : "49483", "name": "49483",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/49483" "url": "http://osvdb.org/49483"
}, },
{ {
"name" : "32524", "name": "sfs-directory-sql-injection(50473)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/32524" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50473"
}, },
{ {
"name" : "sfs-directory-sql-injection(50473)", "name": "35046",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50473" "url": "http://www.securityfocus.com/bid/35046"
} }
] ]
} }

80
2008/6xxx/CVE-2008-6880.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6880", "ID": "CVE-2008-6880",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes Website allows remote attackers to execute arbitrary SQL commands via the id parameter." "value": "SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes Website allows remote attackers to execute arbitrary SQL commands via the id parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20081218 EasySiteNetwork (joke.php?id) Remote SQL injection Vulnerability", "name": "32908",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/499351/100/0/threaded" "url": "http://www.securityfocus.com/bid/32908"
}, },
{ {
"name" : "32908", "name": "20081218 EasySiteNetwork (joke.php?id) Remote SQL injection Vulnerability",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/32908" "url": "http://www.securityfocus.com/archive/1/499351/100/0/threaded"
}, },
{ {
"name" : "52032", "name": "52032",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/52032" "url": "http://osvdb.org/52032"
}, },
{ {
"name" : "freejokeswebsite-jokes-sql-injection(47468)", "name": "freejokeswebsite-jokes-sql-injection(47468)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47468" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47468"
} }
] ]
} }

22
2012/5xxx/CVE-2012-5436.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5436", "ID": "CVE-2012-5436",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

64
2017/11xxx/CVE-2017-11022.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2017-11-01T00:00:00", "DATE_PUBLIC": "2017-11-01T00:00:00",
"ID" : "CVE-2017-11022", "ID": "CVE-2017-11022",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the probe requests originated from user's phone contains the information elements which specifies the supported wifi features. This shall impact the user's privacy if someone sniffs the probe requests originated by this DUT. Hence, control the presence of information elements using ini file." "value": "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the probe requests originated from user's phone contains the information elements which specifies the supported wifi features. This shall impact the user's privacy if someone sniffs the probe requests originated by this DUT. Hence, control the presence of information elements using ini file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information Exposure in WLAN" "value": "Information Exposure in WLAN"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/pixel/2017-11-01", "name": "https://source.android.com/security/bulletin/pixel/2017-11-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.android.com/security/bulletin/pixel/2017-11-01" "url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
} }
] ]
} }

70
2017/11xxx/CVE-2017-11092.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2017-11-01T00:00:00", "DATE_PUBLIC": "2017-11-01T00:00:00",
"ID" : "CVE-2017-11092", "ID": "CVE-2017-11092",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the KGSL driver function kgsl_ioctl_gpu_command, a Use After Free condition can potentially occur." "value": "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the KGSL driver function kgsl_ioctl_gpu_command, a Use After Free condition can potentially occur."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use After Free in Graphics" "value": "Use After Free in Graphics"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2017-11-01", "name": "101774",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://source.android.com/security/bulletin/2017-11-01" "url": "http://www.securityfocus.com/bid/101774"
}, },
{ {
"name" : "101774", "name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/101774" "url": "https://source.android.com/security/bulletin/2017-11-01"
} }
] ]
} }

22
2017/11xxx/CVE-2017-11206.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11206", "ID": "CVE-2017-11206",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

86
2017/11xxx/CVE-2017-11696.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11696", "ID": "CVE-2017-11696",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file." "value": "Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20170811 Multiple unpatched flaws exist in NSS (CVE-2017-11695, CVE-2017-11696, CVE-2017-11697, CVE-2017-11698)", "name": "1039153",
"refsource" : "FULLDISC", "refsource": "SECTRACK",
"url" : "http://seclists.org/fulldisclosure/2017/Aug/17" "url": "http://www.securitytracker.com/id/1039153"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/143735/NSS-Buffer-Overflows-Floating-Point-Exception.html", "name": "100345",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://packetstormsecurity.com/files/143735/NSS-Buffer-Overflows-Floating-Point-Exception.html" "url": "http://www.securityfocus.com/bid/100345"
}, },
{ {
"name" : "http://www.geeknik.net/9brdqk6xu", "name": "http://www.geeknik.net/9brdqk6xu",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.geeknik.net/9brdqk6xu" "url": "http://www.geeknik.net/9brdqk6xu"
}, },
{ {
"name" : "100345", "name": "http://packetstormsecurity.com/files/143735/NSS-Buffer-Overflows-Floating-Point-Exception.html",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/100345" "url": "http://packetstormsecurity.com/files/143735/NSS-Buffer-Overflows-Floating-Point-Exception.html"
}, },
{ {
"name" : "1039153", "name": "20170811 Multiple unpatched flaws exist in NSS (CVE-2017-11695, CVE-2017-11696, CVE-2017-11697, CVE-2017-11698)",
"refsource" : "SECTRACK", "refsource": "FULLDISC",
"url" : "http://www.securitytracker.com/id/1039153" "url": "http://seclists.org/fulldisclosure/2017/Aug/17"
} }
] ]
} }

76
2017/11xxx/CVE-2017-11853.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC" : "2017-11-14T00:00:00", "DATE_PUBLIC": "2017-11-14T00:00:00",
"ID" : "CVE-2017-11853", "ID": "CVE-2017-11853",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows kernel", "product_name": "Windows kernel",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709." "version_value": "Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log in and run a specially crafted application due to the Windows kernel improperly initializing a memory address, aka \"Windows Kernel Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-11842, CVE-2017-11849, and CVE-2017-11851." "value": "Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log in and run a specially crafted application due to the Windows kernel improperly initializing a memory address, aka \"Windows Kernel Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-11842, CVE-2017-11849, and CVE-2017-11851."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information Disclosure" "value": "Information Disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11853", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11853",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11853" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11853"
}, },
{ {
"name" : "101764", "name": "1039782",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/101764" "url": "http://www.securitytracker.com/id/1039782"
}, },
{ {
"name" : "1039782", "name": "101764",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1039782" "url": "http://www.securityfocus.com/bid/101764"
} }
] ]
} }

22
2017/14xxx/CVE-2017-14074.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14074", "ID": "CVE-2017-14074",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

76
2017/15xxx/CVE-2017-15085.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC" : "2017-10-24T00:00:00", "DATE_PUBLIC": "2017-10-24T00:00:00",
"ID" : "CVE-2017-15085", "ID": "CVE-2017-15085",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Gluster Storage for RHEL 6", "product_name": "Gluster Storage for RHEL 6",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.3" "version_value": "3.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Red Hat, Inc." "vendor_name": "Red Hat, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6." "value": "It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-300" "value": "CWE-300"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15085", "name": "101554",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15085" "url": "http://www.securityfocus.com/bid/101554"
}, },
{ {
"name" : "RHSA-2017:3110", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15085",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "https://access.redhat.com/errata/RHSA-2017:3110" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15085"
}, },
{ {
"name" : "101554", "name": "RHSA-2017:3110",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/101554" "url": "https://access.redhat.com/errata/RHSA-2017:3110"
} }
] ]
} }

68
2017/15xxx/CVE-2017-15358.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-15358", "ID": "CVE-2017-15358",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Race condition in the Charles Proxy Settings suid binary in Charles Proxy before 4.2.1 allows local users to gain privileges via vectors involving the --self-repair option." "value": "Race condition in the Charles Proxy Settings suid binary in Charles Proxy before 4.2.1 allows local users to gain privileges via vectors involving the --self-repair option."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "45107", "name": "45107",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/45107/" "url": "https://www.exploit-db.com/exploits/45107/"
}, },
{ {
"name" : "https://m4.rkw.io/blog/cve201715358-local-root-privesc-in-charles-proxy-42.html", "name": "https://m4.rkw.io/blog/cve201715358-local-root-privesc-in-charles-proxy-42.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://m4.rkw.io/blog/cve201715358-local-root-privesc-in-charles-proxy-42.html" "url": "https://m4.rkw.io/blog/cve201715358-local-root-privesc-in-charles-proxy-42.html"
} }
] ]
} }

92
2017/15xxx/CVE-2017-15594.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-15594", "ID": "CVE-2017-15594",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging." "value": "An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20181030 [SECURITY] [DLA 1559-1] xen security update", "name": "[debian-lts-announce] 20181030 [SECURITY] [DLA 1559-1] xen security update",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html" "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html"
}, },
{ {
"name" : "https://xenbits.xen.org/xsa/advisory-244.html", "name": "https://xenbits.xen.org/xsa/advisory-244.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://xenbits.xen.org/xsa/advisory-244.html" "url": "https://xenbits.xen.org/xsa/advisory-244.html"
}, },
{ {
"name" : "https://support.citrix.com/article/CTX228867", "name": "DSA-4050",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "https://support.citrix.com/article/CTX228867" "url": "https://www.debian.org/security/2017/dsa-4050"
}, },
{ {
"name" : "DSA-4050", "name": "https://support.citrix.com/article/CTX228867",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "https://www.debian.org/security/2017/dsa-4050" "url": "https://support.citrix.com/article/CTX228867"
}, },
{ {
"name" : "GLSA-201801-14", "name": "GLSA-201801-14",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "https://security.gentoo.org/glsa/201801-14" "url": "https://security.gentoo.org/glsa/201801-14"
}, },
{ {
"name" : "1039568", "name": "1039568",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039568" "url": "http://www.securitytracker.com/id/1039568"
} }
] ]
} }

62
2017/15xxx/CVE-2017-15785.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-15785", "ID": "CVE-2017-15785",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a \"Data Execution Prevention Violation near NULL starting at Unknown Symbol @ 0x0000000000000000 called from CADImage+0x0000000000286a79.\"" "value": "XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a \"Data Execution Prevention Violation near NULL starting at Unknown Symbol @ 0x0000000000000000 called from CADImage+0x0000000000286a79.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15785", "name": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15785",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15785" "url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15785"
} }
] ]
} }

80
2017/3xxx/CVE-2017-3341.json
View File

@ -1,84 +1,84 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2017-3341", "ID": "CVE-2017-3341",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Marketing", "product_name": "Marketing",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "12.1.1" "version_value": "12.1.1"
}, },
{ {
"version_value" : "12.1.2" "version_value": "12.1.2"
}, },
{ {
"version_value" : "12.1.3" "version_value": "12.1.3"
}, },
{ {
"version_value" : "12.2.3" "version_value": "12.2.3"
}, },
{ {
"version_value" : "12.2.4" "version_value": "12.2.4"
}, },
{ {
"version_value" : "12.2.5" "version_value": "12.2.5"
}, },
{ {
"version_value" : "12.2.6" "version_value": "12.2.6"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle" "vendor_name": "Oracle"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Marketing, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Marketing accessible data as well as unauthorized update, insert or delete access to some of Oracle Marketing accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts)." "value": "Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Marketing, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Marketing accessible data as well as unauthorized update, insert or delete access to some of Oracle Marketing accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N" "value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html", "name": "95500",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html" "url": "http://www.securityfocus.com/bid/95500"
}, },
{ {
"name" : "95500", "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/95500" "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
} }
] ]
} }

22
2017/3xxx/CVE-2017-3675.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-3675", "ID": "CVE-2017-3675",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2017/8xxx/CVE-2017-8187.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@huawei.com", "ASSIGNER": "psirt@huawei.com",
"ID" : "CVE-2017-8187", "ID": "CVE-2017-8187",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "FusionSphere OpenStack", "product_name": "FusionSphere OpenStack",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "V100R006C00SPC102(NFV)" "version_value": "V100R006C00SPC102(NFV)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Huawei Technologies Co., Ltd." "vendor_name": "Huawei Technologies Co., Ltd."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Huawei FusionSphere OpenStack V100R006C00SPC102(NFV) has a privilege escalation vulnerability. Due to improper privilege restrictions, an attacker with high privilege may obtain the other users' certificates. Successful exploit may cause privilege escalation." "value": "Huawei FusionSphere OpenStack V100R006C00SPC102(NFV) has a privilege escalation vulnerability. Due to improper privilege restrictions, an attacker with high privilege may obtain the other users' certificates. Successful exploit may cause privilege escalation."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "privilege escalation" "value": "privilege escalation"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en", "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en" "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-fusionsphere-en"
} }
] ]
} }

68
2017/8xxx/CVE-2017-8222.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8222", "ID": "CVE-2017-8222",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Wireless IP Camera (P2P) WIFICAM devices have an \"Apple Production IOS Push Services\" private RSA key and certificate stored in /system/www/pem/ck.pem inside the firmware, which allows attackers to obtain sensitive information." "value": "Wireless IP Camera (P2P) WIFICAM devices have an \"Apple Production IOS Push Services\" private RSA key and certificate stored in /system/www/pem/ck.pem inside the firmware, which allows attackers to obtain sensitive information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://seclists.org/fulldisclosure/2017/Mar/23", "name": "https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html#rsa-lulz",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://seclists.org/fulldisclosure/2017/Mar/23" "url": "https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html#rsa-lulz"
}, },
{ {
"name" : "https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html#rsa-lulz", "name": "http://seclists.org/fulldisclosure/2017/Mar/23",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html#rsa-lulz" "url": "http://seclists.org/fulldisclosure/2017/Mar/23"
} }
] ]
} }

74
2017/8xxx/CVE-2017-8281.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2017-8281", "ID": "CVE-2017-8281",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI." "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2017-09-01", "name": "https://source.android.com/security/bulletin/2017-09-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-09-01" "url": "https://source.android.com/security/bulletin/2017-09-01"
}, },
{ {
"name" : "https://source.android.com/security/bulletin/pixel/2017-12-01", "name": "https://source.android.com/security/bulletin/pixel/2017-12-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.android.com/security/bulletin/pixel/2017-12-01" "url": "https://source.android.com/security/bulletin/pixel/2017-12-01"
}, },
{ {
"name" : "100658", "name": "100658",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/100658" "url": "http://www.securityfocus.com/bid/100658"
} }
] ]
} }

64
2018/12xxx/CVE-2018-12198.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"DATE_PUBLIC" : "2019-03-12T00:00:00", "DATE_PUBLIC": "2019-03-12T00:00:00",
"ID" : "CVE-2018-12198", "ID": "CVE-2018-12198",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", "product_name": "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Multiple versions." "version_value": "Multiple versions."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel Corporation" "vendor_name": "Intel Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Insufficient input validation in Intel(R) Server Platform Services HECI subsystem before version SPS_E5_04.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access." "value": "Insufficient input validation in Intel(R) Server Platform Services HECI subsystem before version SPS_E5_04.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Denial of Service" "value": "Denial of Service"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html" "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html"
} }
] ]
} }

62
2018/12xxx/CVE-2018-12574.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12574", "ID": "CVE-2018-12574",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices." "value": "CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://software-talk.org/blog/2018/06/tplink-wr841n-csrf-cve-2018-12574/", "name": "https://software-talk.org/blog/2018/06/tplink-wr841n-csrf-cve-2018-12574/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://software-talk.org/blog/2018/06/tplink-wr841n-csrf-cve-2018-12574/" "url": "https://software-talk.org/blog/2018/06/tplink-wr841n-csrf-cve-2018-12574/"
} }
] ]
} }

22
2018/12xxx/CVE-2018-12628.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12628", "ID": "CVE-2018-12628",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2018/13xxx/CVE-2018-13093.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13093", "ID": "CVE-2018-13093",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation." "value": "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.kernel.org/show_bug.cgi?id=199367", "name": "https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=afca6c5b2595fc44383919fba740c194b0b76aff",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://bugzilla.kernel.org/show_bug.cgi?id=199367" "url": "https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=afca6c5b2595fc44383919fba740c194b0b76aff"
}, },
{ {
"name" : "https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=afca6c5b2595fc44383919fba740c194b0b76aff", "name": "https://github.com/torvalds/linux/commit/afca6c5b2595fc44383919fba740c194b0b76aff",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=afca6c5b2595fc44383919fba740c194b0b76aff" "url": "https://github.com/torvalds/linux/commit/afca6c5b2595fc44383919fba740c194b0b76aff"
}, },
{ {
"name" : "https://github.com/torvalds/linux/commit/afca6c5b2595fc44383919fba740c194b0b76aff", "name": "https://bugzilla.kernel.org/show_bug.cgi?id=199367",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/torvalds/linux/commit/afca6c5b2595fc44383919fba740c194b0b76aff" "url": "https://bugzilla.kernel.org/show_bug.cgi?id=199367"
} }
] ]
} }

86
2018/13xxx/CVE-2018-13259.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@debian.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2018-13259", "ID": "CVE-2018-13259",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "zsh before 5.6", "product_name": "zsh before 5.6",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "zsh before 5.6" "version_value": "zsh before 5.6"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one." "value": "An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "improper parsing" "value": "improper parsing"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugs.debian.org/908000", "name": "https://bugs.debian.org/908000",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://bugs.debian.org/908000" "url": "https://bugs.debian.org/908000"
}, },
{ {
"name" : "https://sourceforge.net/p/zsh/code/ci/1c4c7b6a4d17294df028322b70c53803a402233d", "name": "https://sourceforge.net/p/zsh/code/ci/1c4c7b6a4d17294df028322b70c53803a402233d",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://sourceforge.net/p/zsh/code/ci/1c4c7b6a4d17294df028322b70c53803a402233d" "url": "https://sourceforge.net/p/zsh/code/ci/1c4c7b6a4d17294df028322b70c53803a402233d"
}, },
{ {
"name" : "https://www.zsh.org/mla/zsh-announce/136", "name": "https://www.zsh.org/mla/zsh-announce/136",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.zsh.org/mla/zsh-announce/136" "url": "https://www.zsh.org/mla/zsh-announce/136"
}, },
{ {
"name" : "GLSA-201903-02", "name": "USN-3764-1",
"refsource" : "GENTOO", "refsource": "UBUNTU",
"url" : "https://security.gentoo.org/glsa/201903-02" "url": "https://usn.ubuntu.com/3764-1/"
}, },
{ {
"name" : "USN-3764-1", "name": "GLSA-201903-02",
"refsource" : "UBUNTU", "refsource": "GENTOO",
"url" : "https://usn.ubuntu.com/3764-1/" "url": "https://security.gentoo.org/glsa/201903-02"
} }
] ]
} }

62
2018/13xxx/CVE-2018-13353.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13353", "ID": "CVE-2018-13353",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute commands via the \"checkport\" parameter." "value": "System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute commands via the \"checkport\" parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://blog.securityevaluators.com/vulnerabilities-in-terramaster-tos-3-1-03-fb99cf88b86a", "name": "https://blog.securityevaluators.com/vulnerabilities-in-terramaster-tos-3-1-03-fb99cf88b86a",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://blog.securityevaluators.com/vulnerabilities-in-terramaster-tos-3-1-03-fb99cf88b86a" "url": "https://blog.securityevaluators.com/vulnerabilities-in-terramaster-tos-3-1-03-fb99cf88b86a"
} }
] ]
} }

22
2018/13xxx/CVE-2018-13452.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13452", "ID": "CVE-2018-13452",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/13xxx/CVE-2018-13854.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13854", "ID": "CVE-2018-13854",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/13xxx/CVE-2018-13906.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13906", "ID": "CVE-2018-13906",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2018/16xxx/CVE-2018-16292.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16292", "ID": "CVE-2018-16292",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability." "value": "An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php", "name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php" "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}, },
{ {
"name" : "1041769", "name": "1041769",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041769" "url": "http://www.securitytracker.com/id/1041769"
} }
] ]
} }

22
2018/16xxx/CVE-2018-16394.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16394", "ID": "CVE-2018-16394",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/16xxx/CVE-2018-16536.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-16536", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2018-16536",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none."
} }
] ]
} }

22
2018/16xxx/CVE-2018-16593.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16593", "ID": "CVE-2018-16593",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/16xxx/CVE-2018-16607.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16607", "ID": "CVE-2018-16607",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Orgs Page in Open-AudIT Professional edition in 2.2.7 allows remote attackers to inject arbitrary web script via the Orgs name field." "value": "Cross-site scripting (XSS) vulnerability in the Orgs Page in Open-AudIT Professional edition in 2.2.7 allows remote attackers to inject arbitrary web script via the Orgs name field."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://docs.google.com/document/d/1MKeb9lly_oOrVG0Ja4A-HgwaeXhb_xQHT9IIOee3wi0/edit", "name": "https://docs.google.com/document/d/1MKeb9lly_oOrVG0Ja4A-HgwaeXhb_xQHT9IIOee3wi0/edit",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://docs.google.com/document/d/1MKeb9lly_oOrVG0Ja4A-HgwaeXhb_xQHT9IIOee3wi0/edit" "url": "https://docs.google.com/document/d/1MKeb9lly_oOrVG0Ja4A-HgwaeXhb_xQHT9IIOee3wi0/edit"
} }
] ]
} }

22
2018/16xxx/CVE-2018-16929.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16929", "ID": "CVE-2018-16929",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/17xxx/CVE-2018-17216.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17216", "ID": "CVE-2018-17216",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is password hash exposure to privileged users." "value": "An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is password hash exposure to privileged users."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.ptc.com/en/support/article?n=CS291004", "name": "https://www.ptc.com/en/support/article?n=CS291004",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.ptc.com/en/support/article?n=CS291004" "url": "https://www.ptc.com/en/support/article?n=CS291004"
} }
] ]
} }

94
2018/17xxx/CVE-2018-17468.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "chrome-cve-admin@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2018-17468", "ID": "CVE-2018-17468",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Chrome", "product_name": "Chrome",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : " 70.0.3538.67" "version_value": " 70.0.3538.67"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google" "vendor_name": "Google"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page." "value": "Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Inappropriate implementation" "value": "Inappropriate implementation"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://crbug.com/876822", "name": "DSA-4330",
"refsource" : "MISC", "refsource": "DEBIAN",
"url" : "https://crbug.com/876822" "url": "https://www.debian.org/security/2018/dsa-4330"
}, },
{ {
"name" : "https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html", "name": "RHSA-2018:3004",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html" "url": "https://access.redhat.com/errata/RHSA-2018:3004"
}, },
{ {
"name" : "DSA-4330", "name": "GLSA-201811-10",
"refsource" : "DEBIAN", "refsource": "GENTOO",
"url" : "https://www.debian.org/security/2018/dsa-4330" "url": "https://security.gentoo.org/glsa/201811-10"
}, },
{ {
"name" : "GLSA-201811-10", "name": "https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201811-10" "url": "https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html"
}, },
{ {
"name" : "RHSA-2018:3004", "name": "105666",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "https://access.redhat.com/errata/RHSA-2018:3004" "url": "http://www.securityfocus.com/bid/105666"
}, },
{ {
"name" : "105666", "name": "https://crbug.com/876822",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/105666" "url": "https://crbug.com/876822"
} }
] ]
} }

68
2018/17xxx/CVE-2018-17698.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "zdi-disclosures@trendmicro.com", "ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID" : "CVE-2018-17698", "ID": "CVE-2018-17698",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "PhantomPDF", "product_name": "PhantomPDF",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.2.0.9297" "version_value": "9.2.0.9297"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Foxit" "vendor_name": "Foxit"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the richValue property of a text field. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7067." "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the richValue property of a text field. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7067."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-416: Use After Free" "value": "CWE-416: Use After Free"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.zerodayinitiative.com/advisories/ZDI-18-1219/", "name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-18-1219/" "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}, },
{ {
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php", "name": "https://www.zerodayinitiative.com/advisories/ZDI-18-1219/",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php" "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-1219/"
} }
] ]
} }

70
2018/17xxx/CVE-2018-17935.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-10-23T00:00:00", "DATE_PUBLIC": "2018-10-23T00:00:00",
"ID" : "CVE-2018-17935", "ID": "CVE-2018-17935",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "F25 Series", "product_name": "F25 Series",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions prior to version 00.0A" "version_value": "All versions prior to version 00.0A"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Telecrane" "vendor_name": "Telecrane"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent \"stop\" state." "value": "All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent \"stop\" state."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "AUTHENTICATION BYPASS BY CAPTURE-REPLAY CWE-294" "value": "AUTHENTICATION BYPASS BY CAPTURE-REPLAY CWE-294"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-296-03", "name": "105732",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-296-03" "url": "http://www.securityfocus.com/bid/105732"
}, },
{ {
"name" : "105732", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-296-03",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/105732" "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-296-03"
} }
] ]
} }

62
2018/4xxx/CVE-2018-4047.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "talos-cna@cisco.com", "ASSIGNER": "talos-cna@cisco.com",
"ID" : "CVE-2018-4047", "ID": "CVE-2018-4047",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Clean My Mac", "product_name": "Clean My Mac",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Clean My Mac X 4.04" "version_value": "Clean My Mac X 4.04"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root." "value": "An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Improper Input Validation" "value": "Improper Input Validation"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0721", "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0721",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0721" "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0721"
} }
] ]
} }

74
2018/4xxx/CVE-2018-4963.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2018-4963", "ID": "CVE-2018-4963",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions", "product_name": "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions" "version_value": "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." "value": "Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Out-of-bounds read" "value": "Out-of-bounds read"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html", "name": "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html" "url": "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html"
}, },
{ {
"name" : "104175", "name": "1040920",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/104175" "url": "http://www.securitytracker.com/id/1040920"
}, },
{ {
"name" : "1040920", "name": "104175",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1040920" "url": "http://www.securityfocus.com/bid/104175"
} }
] ]
} }