admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 21:48:18 +00:00
parent 3320f2eb3e
commit 7700c5299f
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
55 changed files with 4056 additions and 4056 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

158
2002/1xxx/CVE-2002-1166.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1166", "ID": "CVE-2002-1166",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in John Franks WN Server 1.18.2 through 2.0.0 allows remote attackers to execute arbitrary code via a long GET request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020930 iDEFENSE Security Advisory 09.30.2002: Buffer Overflow in WN Server", "description_data": [
"refsource" : "VULNWATCH", {
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0138.html" "lang": "eng",
}, "value": "Buffer overflow in John Franks WN Server 1.18.2 through 2.0.0 allows remote attackers to execute arbitrary code via a long GET request."
{ }
"name" : "20020930 iDEFENSE Security Advisory 09.30.2002: Buffer Overflow in WN Server", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=103340145725050&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "9836", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/9836" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "wn-server-get-bo(10223)", ]
"refsource" : "XF", }
"url" : "http://www.iss.net/security_center/static/10223.php" ]
}, },
{ "references": {
"name" : "5831", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/5831" "name": "5831",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/5831"
} },
{
"name": "20020930 iDEFENSE Security Advisory 09.30.2002: Buffer Overflow in WN Server",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0138.html"
},
{
"name": "9836",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9836"
},
{
"name": "20020930 iDEFENSE Security Advisory 09.30.2002: Buffer Overflow in WN Server",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=103340145725050&w=2"
},
{
"name": "wn-server-get-bo(10223)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10223.php"
}
]
}
} }

358
2002/1xxx/CVE-2002-1337.json
View File

@ -1,182 +1,182 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1337", "ID": "CVE-2002-1337",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030303 Remote Sendmail Header Processing Vulnerability", "description_data": [
"refsource" : "ISS", {
"url" : "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950" "lang": "eng",
}, "value": "Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c."
{ }
"name" : "http://www.sendmail.org/8.12.8.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.sendmail.org/8.12.8.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20030303 sendmail 8.12.8 available", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=104673778105192&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20030304 [LSD] Technical analysis of the remote sendmail vulnerability", ]
"refsource" : "BUGTRAQ", }
"url" : "http://marc.info/?l=bugtraq&m=104678739608479&w=2" ]
}, },
{ "references": {
"name" : "CA-2003-07", "reference_data": [
"refsource" : "CERT", {
"url" : "http://www.cert.org/advisories/CA-2003-07.html" "name": "RHSA-2003:073",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
"name" : "RHSA-2003:073", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2003-073.html" "name": "20030301-01-P",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P"
"name" : "RHSA-2003:074", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2003-074.html" "name": "IY40501",
}, "refsource": "AIXAPAR",
{ "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY40501&apar=only"
"name" : "RHSA-2003:227", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2003-227.html" "name": "20030303 Fwd: APPLE-SA-2003-03-03 sendmail",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=104678862109841&w=2"
"name" : "20030301-01-P", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P" "name": "RHSA-2003:227",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2003-227.html"
"name" : "IY40500", },
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IY40500&apar=only" "name": "6991",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/6991"
"name" : "IY40501", },
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IY40501&apar=only" "name": "VU#398025",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/398025"
"name" : "IY40502", },
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IY40502&apar=only" "name": "http://www.sendmail.org/8.12.8.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.sendmail.org/8.12.8.html"
"name" : "MDKSA-2003:028", },
"refsource" : "MANDRAKE", {
"url" : "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028" "name": "DSA-257",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2003/dsa-257"
"name" : "NetBSD-SA2003-002", },
"refsource" : "NETBSD", {
"url" : "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc" "name": "20030304 [LSD] Technical analysis of the remote sendmail vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=104678739608479&w=2"
"name" : "CLA-2003:571", },
"refsource" : "CONECTIVA", {
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000571" "name": "oval:org.mitre.oval:def:2222",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222"
"name" : "DSA-257", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2003/dsa-257" "name": "RHSA-2003:074",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2003-074.html"
"name" : "HPSBUX0302-246", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=104679411316818&w=2" "name": "CA-2003-07",
}, "refsource": "CERT",
{ "url": "http://www.cert.org/advisories/CA-2003-07.html"
"name" : "CSSA-2003-SCO.6", },
"refsource" : "CALDERA", {
"url" : "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6" "name": "20030303 sendmail 8.12.8 available",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=104673778105192&w=2"
"name" : "CSSA-2003-SCO.5", },
"refsource" : "CALDERA", {
"url" : "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5" "name": "MDKSA-2003:028",
}, "refsource": "MANDRAKE",
{ "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028"
"name" : "20030304 GLSA: sendmail (200303-4)", },
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=104678862409849&w=2" "name": "IY40500",
}, "refsource": "AIXAPAR",
{ "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY40500&apar=only"
"name" : "20030303 Fwd: APPLE-SA-2003-03-03 sendmail", },
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=104678862109841&w=2" "name": "sendmail-header-processing-bo(10748)",
}, "refsource": "XF",
{ "url": "http://www.iss.net/security_center/static/10748.php"
"name" : "VU#398025", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/398025" "name": "CSSA-2003-SCO.6",
}, "refsource": "CALDERA",
{ "url": "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6"
"name" : "6991", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/6991" "name": "CSSA-2003-SCO.5",
}, "refsource": "CALDERA",
{ "url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5"
"name" : "oval:org.mitre.oval:def:2222", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222" "name": "CLA-2003:571",
}, "refsource": "CONECTIVA",
{ "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000571"
"name" : "sendmail-header-processing-bo(10748)", },
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/10748.php" "name": "NetBSD-SA2003-002",
} "refsource": "NETBSD",
] "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc"
} },
{
"name": "HPSBUX0302-246",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=104679411316818&w=2"
},
{
"name": "20030303 Remote Sendmail Header Processing Vulnerability",
"refsource": "ISS",
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"name": "IY40502",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY40502&apar=only"
},
{
"name": "20030304 GLSA: sendmail (200303-4)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=104678862409849&w=2"
}
]
}
} }

148
2002/1xxx/CVE-2002-1785.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1785", "ID": "CVE-2002-1785",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Zeus Administration Server in Zeus Web Server 4.0 through 4.1r2 allows remote authenticated users to inject arbitrary web script or HTML via the section parameter to index.fcgi."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20021108 Zeus Admin Server v4.1r2 index.fcgi XSS bug", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-11/0104.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Zeus Administration Server in Zeus Web Server 4.0 through 4.1r2 allows remote authenticated users to inject arbitrary web script or HTML via the section parameter to index.fcgi."
{ }
"name" : "20021211 Re: Zeus Admin Server v4.1r2 index.fcgi XSS bug", ]
"refsource" : "BUGTRAQ", },
"url" : "http://online.securityfocus.com/archive/1/302961" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "6144", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/6144" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "zeus-admin-index-xss(10567)", ]
"refsource" : "XF", }
"url" : "http://www.iss.net/security_center/static/10567.php" ]
} },
] "references": {
} "reference_data": [
{
"name": "zeus-admin-index-xss(10567)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10567.php"
},
{
"name": "20021108 Zeus Admin Server v4.1r2 index.fcgi XSS bug",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-11/0104.html"
},
{
"name": "20021211 Re: Zeus Admin Server v4.1r2 index.fcgi XSS bug",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/302961"
},
{
"name": "6144",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6144"
}
]
}
} }

118
2003/0xxx/CVE-2003-0341.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0341", "ID": "CVE-2003-0341",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Owl Intranet Engine 0.71 and earlier allows remote attackers to insert arbitrary script via the Search field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030521 [AP] Owl Intranet Engine CSS Bug", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=105353266220520&w=2" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in Owl Intranet Engine 0.71 and earlier allows remote attackers to insert arbitrary script via the Search field."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030521 [AP] Owl Intranet Engine CSS Bug",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105353266220520&w=2"
}
]
}
} }

208
2003/0xxx/CVE-2003-0364.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0364", "ID": "CVE-2003-0364",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "RHSA-2003:187", "description_data": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2003-187.html" "lang": "eng",
}, "value": "The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions."
{ }
"name" : "RHSA-2003:195", ]
"refsource" : "REDHAT", },
"url" : "http://www.redhat.com/support/errata/RHSA-2003-195.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2003:198", "description": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2003-198.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-311", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2003/dsa-311" ]
}, },
{ "references": {
"name" : "DSA-312", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2003/dsa-312" "name": "RHSA-2003:187",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html"
"name" : "DSA-332", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2003/dsa-332" "name": "TLSA-2003-41",
}, "refsource": "TURBO",
{ "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt"
"name" : "DSA-336", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2003/dsa-336" "name": "RHSA-2003:195",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html"
"name" : "DSA-442", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2004/dsa-442" "name": "RHSA-2003:198",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html"
"name" : "TLSA-2003-41", },
"refsource" : "TURBO", {
"url" : "http://www.turbolinux.com/security/TLSA-2003-41.txt" "name": "DSA-336",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2003/dsa-336"
"name" : "oval:org.mitre.oval:def:295", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A295" "name": "DSA-311",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2003/dsa-311"
} },
{
"name": "DSA-332",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-332"
},
{
"name": "oval:org.mitre.oval:def:295",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A295"
},
{
"name": "DSA-312",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-312"
},
{
"name": "DSA-442",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-442"
}
]
}
} }

128
2003/0xxx/CVE-2003-0458.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0458", "ID": "CVE-2003-0458",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "SSRT3488", "description_data": [
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/advisories/5545" "lang": "eng",
}, "value": "Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges."
{ }
"name" : "8080", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/8080" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT3488",
"refsource": "HP",
"url": "http://www.securityfocus.com/advisories/5545"
},
{
"name": "8080",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8080"
}
]
}
} }

208
2003/0xxx/CVE-2003-0965.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0965", "ID": "CVE-2003-0965",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[Mailman-Announce] 20031231 RELEASED Mailman 2.1.4", "description_data": [
"refsource" : "MLIST", {
"url" : "http://mail.python.org/pipermail/mailman-announce/2003-December/000066.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities."
{ }
"name" : "CLA-2004:842", ]
"refsource" : "CONECTIVA", },
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2004:020", "description": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2004-020.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-436", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2004/dsa-436" ]
}, },
{ "references": {
"name" : "MDKSA-2004:013", "reference_data": [
"refsource" : "MANDRAKE", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2004:013" "name": "RHSA-2004:020",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2004-020.html"
"name" : "3305", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/3305" "name": "mailman-admin-xss(14121)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14121"
"name" : "10519", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/10519" "name": "10519",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/10519"
"name" : "mailman-admin-xss(14121)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/14121" "name": "MDKSA-2004:013",
}, "refsource": "MANDRAKE",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:013"
"name" : "9336", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/9336" "name": "9336",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/9336"
"name" : "oval:org.mitre.oval:def:813", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A813" "name": "oval:org.mitre.oval:def:813",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A813"
} },
{
"name": "3305",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3305"
},
{
"name": "[Mailman-Announce] 20031231 RELEASED Mailman 2.1.4",
"refsource": "MLIST",
"url": "http://mail.python.org/pipermail/mailman-announce/2003-December/000066.html"
},
{
"name": "CLA-2004:842",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842"
},
{
"name": "DSA-436",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-436"
}
]
}
} }

128
2003/0xxx/CVE-2003-0998.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0998", "ID": "CVE-2003-0998",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown \"potential system security vulnerability\" in Computer Associates (CA) Unicenter Remote Control 5.0 through 5.2, and ControlIT 5.0 and 5.1, may allow attackers to gain privileges to the local system account."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.ca.com/techbases/rp/urc5x-secnote.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.ca.com/techbases/rp/urc5x-secnote.html" "lang": "eng",
}, "value": "Unknown \"potential system security vulnerability\" in Computer Associates (CA) Unicenter Remote Control 5.0 through 5.2, and ControlIT 5.0 and 5.1, may allow attackers to gain privileges to the local system account."
{ }
"name" : "10420", ]
"refsource" : "SECUNIA", },
"url" : "http://www.secunia.com/advisories/10420/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10420",
"refsource": "SECUNIA",
"url": "http://www.secunia.com/advisories/10420/"
},
{
"name": "http://support.ca.com/techbases/rp/urc5x-secnote.html",
"refsource": "CONFIRM",
"url": "http://support.ca.com/techbases/rp/urc5x-secnote.html"
}
]
}
} }

148
2003/1xxx/CVE-2003-1005.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1005", "ID": "CVE-2003-1005",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "APPLE-SA-2003-12-19", "description_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2003/Dec/msg00001.html" "lang": "eng",
}, "value": "The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences."
{ }
"name" : "ESB-2003.0867", ]
"refsource" : "AUSCERT", },
"url" : "http://www.auscert.org.au/render.html?it=3704" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "9266", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/9266" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "10474", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/10474/" ]
} },
] "references": {
} "reference_data": [
{
"name": "10474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10474/"
},
{
"name": "APPLE-SA-2003-12-19",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2003/Dec/msg00001.html"
},
{
"name": "9266",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9266"
},
{
"name": "ESB-2003.0867",
"refsource": "AUSCERT",
"url": "http://www.auscert.org.au/render.html?it=3704"
}
]
}
} }

178
2003/1xxx/CVE-2003-1006.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1006", "ID": "CVE-2003-1006",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20031215 Buffer overflow/privilege escalation in MacOS X", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/347578" "lang": "eng",
}, "value": "Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter."
{ }
"name" : "20031216 Re: Buffer overflow/privilege escalation in MacOS X", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/347707" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20031219 Re: Buffer overflow/privilege escalation in MacOS X - hfs.util also", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/348097" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://docs.info.apple.com/article.html?artnum=61798", ]
"refsource" : "CONFIRM", }
"url" : "http://docs.info.apple.com/article.html?artnum=61798" ]
}, },
{ "references": {
"name" : "VU#878526", "reference_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/878526" "name": "VU#878526",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/878526"
"name" : "macos-cd9660-bo(13995)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/13995" "name": "20031215 Buffer overflow/privilege escalation in MacOS X",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/347578"
"name" : "9228", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/9228" "name": "20031216 Re: Buffer overflow/privilege escalation in MacOS X",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/347707"
} },
{
"name": "20031219 Re: Buffer overflow/privilege escalation in MacOS X - hfs.util also",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/348097"
},
{
"name": "9228",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9228"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=61798",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"name": "macos-cd9660-bo(13995)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13995"
}
]
}
} }

158
2003/1xxx/CVE-2003-1279.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1279", "ID": "CVE-2003-1279",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "S-PLUS 6.0 allows local users to overwrite arbitrary files and possibly elevate privileges via a symlink attack on (1) /tmp/__F8499 by Sqpe, (2) /tmp/PRINT.$$.out by PRINT, (3) /tmp/SUBST$PID.TXT and /tmp/ed.cmds$PID by mustfix.hlinks, (4) /tmp/file.1 and /tmp/file.2 by sas_get, (5) /tmp/file.1 by sas_vars, and (6) /tmp/sgml2html$$tmp /tmp/sgml2html$$tmp1 /tmp/sgml2html$$tmp2 by sglm2html."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030105 S-plus /tmp usage", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/305342" "lang": "eng",
}, "value": "S-PLUS 6.0 allows local users to overwrite arbitrary files and possibly elevate privileges via a symlink attack on (1) /tmp/__F8499 by Sqpe, (2) /tmp/PRINT.$$.out by PRINT, (3) /tmp/SUBST$PID.TXT and /tmp/ed.cmds$PID by mustfix.hlinks, (4) /tmp/file.1 and /tmp/file.2 by sas_get, (5) /tmp/file.1 by sas_vars, and (6) /tmp/sgml2html$$tmp /tmp/sgml2html$$tmp1 /tmp/sgml2html$$tmp2 by sglm2html."
{ }
"name" : "1005896", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id?1005896" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "7833", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/7833" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "splus-tmp-file-symlink(11005)", ]
"refsource" : "XF", }
"url" : "http://www.iss.net/security_center/static/11005.php" ]
}, },
{ "references": {
"name" : "6530", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/6530" "name": "1005896",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1005896"
} },
{
"name": "splus-tmp-file-symlink(11005)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/11005.php"
},
{
"name": "20030105 S-plus /tmp usage",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/305342"
},
{
"name": "6530",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6530"
},
{
"name": "7833",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7833"
}
]
}
} }

168
2004/0xxx/CVE-2004-0165.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0165", "ID": "CVE-2004-0165",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "A022304-1", "description_data": [
"refsource" : "ATSTAKE", {
"url" : "http://www.atstake.com/research/advisories/2004/a022304-1.txt" "lang": "eng",
}, "value": "Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges."
{ }
"name" : "APPLE-SA-2004-02-23", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#841742", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/841742" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "macos-pppd-format-string(15297)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15297" ]
}, },
{ "references": {
"name" : "9730", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/9730" "name": "APPLE-SA-2004-02-23",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html"
"name" : "6822", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/6822" "name": "macos-pppd-format-string(15297)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15297"
} },
{
"name": "VU#841742",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/841742"
},
{
"name": "6822",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6822"
},
{
"name": "9730",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9730"
},
{
"name": "A022304-1",
"refsource": "ATSTAKE",
"url": "http://www.atstake.com/research/advisories/2004/a022304-1.txt"
}
]
}
} }

168
2004/0xxx/CVE-2004-0369.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0369", "ID": "CVE-2004-0369",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040826 Entrust LibKmp Library Buffer Overflow", "description_data": [
"refsource" : "ISS", {
"url" : "http://xforce.iss.net/xforce/alerts/id/181" "lang": "eng",
}, "value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
{ }
"name" : "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html", ]
"refsource" : "CONFIRM", },
"url" : "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ESB-2004.0538", "description": [
"refsource" : "AUSCERT", {
"url" : "http://www.auscert.org.au/render.html?it=4339" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "O-206", ]
"refsource" : "CIAC", }
"url" : "http://www.ciac.org/ciac/bulletins/o-206.shtml" ]
}, },
{ "references": {
"name" : "11039", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11039" "name": "ESB-2004.0538",
}, "refsource": "AUSCERT",
{ "url": "http://www.auscert.org.au/render.html?it=4339"
"name" : "isakmp-spi-size-bo(15669)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669" "name": "isakmp-spi-size-bo(15669)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
} },
{
"name": "20040826 Entrust LibKmp Library Buffer Overflow",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/181"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
},
{
"name": "O-206",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
},
{
"name": "11039",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11039"
}
]
}
} }

188
2004/0xxx/CVE-2004-0840.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0840", "ID": "CVE-2004-0840",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS04-035", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-035" "lang": "eng",
}, "value": "The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated."
{ }
"name" : "VU#394792", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/394792" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "11374", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11374" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:2300", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2300" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:3460", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3460" "name": "oval:org.mitre.oval:def:2300",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2300"
"name" : "oval:org.mitre.oval:def:5509", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5509" "name": "oval:org.mitre.oval:def:5509",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5509"
"name" : "win2k3-smtp-execute-code(17621)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17621" "name": "11374",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/11374"
"name" : "win-ms04035-patch(17660)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17660" "name": "MS04-035",
} "refsource": "MS",
] "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-035"
} },
{
"name": "win-ms04035-patch(17660)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17660"
},
{
"name": "win2k3-smtp-execute-code(17621)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17621"
},
{
"name": "oval:org.mitre.oval:def:3460",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3460"
},
{
"name": "VU#394792",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/394792"
}
]
}
} }

158
2004/2xxx/CVE-2004-2367.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2367", "ID": "CVE-2004-2367",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Control Panel applet in WFTPD and WFTPD Pro 3.21 R1 and R2 allows remote authenticated users to cause a denial of service (crash) via a long FTP command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.securiteam.com/windowsntfocus/5JP0B20CAY.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.securiteam.com/windowsntfocus/5JP0B20CAY.html" "lang": "eng",
}, "value": "The Control Panel applet in WFTPD and WFTPD Pro 3.21 R1 and R2 allows remote authenticated users to cause a denial of service (crash) via a long FTP command."
{ }
"name" : "http://www.wftpd.com/bug_gpf.htm", ]
"refsource" : "CONFIRM", },
"url" : "http://www.wftpd.com/bug_gpf.htm" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "9908", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/9908" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "11160", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/11160/" ]
}, },
{ "references": {
"name" : "wftpd-gui-dos(15510)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15510" "name": "http://www.wftpd.com/bug_gpf.htm",
} "refsource": "CONFIRM",
] "url": "http://www.wftpd.com/bug_gpf.htm"
} },
{
"name": "11160",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11160/"
},
{
"name": "wftpd-gui-dos(15510)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15510"
},
{
"name": "http://www.securiteam.com/windowsntfocus/5JP0B20CAY.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/windowsntfocus/5JP0B20CAY.html"
},
{
"name": "9908",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9908"
}
]
}
} }

158
2004/2xxx/CVE-2004-2482.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2482", "ID": "CVE-2004-2482",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Outlook 2000 and 2003, when configured to use Microsoft Word 2000 or 2003 as the e-mail editor and when forwarding e-mail, does not properly handle an opening OBJECT tag that does not have a closing OBJECT tag, which causes Outlook to automatically download the URI in the data property of the OBJECT tag and might allow remote attackers to execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040708 Microsoft Word Email Object Data Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/368492" "lang": "eng",
}, "value": "Microsoft Outlook 2000 and 2003, when configured to use Microsoft Word 2000 or 2003 as the e-mail editor and when forwarding e-mail, does not properly handle an opening OBJECT tag that does not have a closing OBJECT tag, which causes Outlook to automatically download the URI in the data property of the OBJECT tag and might allow remote attackers to execute arbitrary code."
{ }
"name" : "10683", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/10683" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "7769", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/7769" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "12041", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/12041" ]
}, },
{ "references": {
"name" : "microsoft-object-gain-access(16663)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16663" "name": "microsoft-object-gain-access(16663)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16663"
} },
{
"name": "7769",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7769"
},
{
"name": "20040708 Microsoft Word Email Object Data Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/368492"
},
{
"name": "12041",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12041"
},
{
"name": "10683",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10683"
}
]
}
} }

118
2004/2xxx/CVE-2004-2658.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2658", "ID": "CVE-2004-2658",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "resmgr in SUSE CORE 9 does not properly identify terminal names, which allows local users to spoof terminals and login types."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.novell.com/techcenter/psdb/fa6c6a3e792bf79b1d85821c689ea578.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.novell.com/techcenter/psdb/fa6c6a3e792bf79b1d85821c689ea578.html" "lang": "eng",
} "value": "resmgr in SUSE CORE 9 does not properly identify terminal names, which allows local users to spoof terminals and login types."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.novell.com/techcenter/psdb/fa6c6a3e792bf79b1d85821c689ea578.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/fa6c6a3e792bf79b1d85821c689ea578.html"
}
]
}
} }

168
2008/2xxx/CVE-2008-2054.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2008-2054", "ID": "CVE-2008-2054",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 through 3.1.1 allows remote attackers to execute arbitrary code on a client machine via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.liquidmatrix.org/blog/2008/05/28/advisory-ciscoworks-arbitrary-code-execution-vulnerability/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.liquidmatrix.org/blog/2008/05/28/advisory-ciscoworks-arbitrary-code-execution-vulnerability/" "lang": "eng",
}, "value": "Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 through 3.1.1 allows remote attackers to execute arbitrary code on a client machine via unknown vectors."
{ }
"name" : "20080528 CiscoWorks Common Services Arbitrary Code Execution Vulnerability", ]
"refsource" : "CISCO", },
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a1f14.shtml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1020127", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1020127" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "30422", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/30422" ]
}, },
{ "references": {
"name" : "ADV-2008-1687", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1687/references" "name": "cisco-cwcs-unspecified-code-execution(42702)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42702"
"name" : "cisco-cwcs-unspecified-code-execution(42702)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42702" "name": "http://www.liquidmatrix.org/blog/2008/05/28/advisory-ciscoworks-arbitrary-code-execution-vulnerability/",
} "refsource": "MISC",
] "url": "http://www.liquidmatrix.org/blog/2008/05/28/advisory-ciscoworks-arbitrary-code-execution-vulnerability/"
} },
{
"name": "1020127",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020127"
},
{
"name": "ADV-2008-1687",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1687/references"
},
{
"name": "30422",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30422"
},
{
"name": "20080528 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a1f14.shtml"
}
]
}
} }

148
2008/2xxx/CVE-2008-2129.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2129", "ID": "CVE-2008-2129",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in Galleristic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "5554", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/5554" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in Galleristic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter."
{ }
"name" : "29096", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/29096" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "30123", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30123" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "galleristic-index-sql-injection(42253)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42253" ]
} },
] "references": {
} "reference_data": [
{
"name": "5554",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5554"
},
{
"name": "29096",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29096"
},
{
"name": "galleristic-index-sql-injection(42253)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42253"
},
{
"name": "30123",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30123"
}
]
}
} }

178
2008/2xxx/CVE-2008-2441.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2441", "ID": "CVE-2008-2441",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco Secure ACS 3.x before 3.3(4) Build 12 patch 7, 4.0.x, 4.1.x before 4.1(4) Build 13 Patch 11, and 4.2.x before 4.2(0) Build 124 Patch 4 does not properly handle an EAP Response packet in which the value of the length field exceeds the actual packet length, which allows remote authenticated users to cause a denial of service (CSRadius and CSAuth service crash) or possibly execute arbitrary code via a crafted RADIUS (1) EAP-Response/Identity, (2) EAP-Response/MD5, or (3) EAP-Response/TLS Message Attribute packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080903 Cisco Secure ACS EAP Parsing Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/495937/100/0/threaded" "lang": "eng",
}, "value": "Cisco Secure ACS 3.x before 3.3(4) Build 12 patch 7, 4.0.x, 4.1.x before 4.1(4) Build 13 Patch 11, and 4.2.x before 4.2(0) Build 124 Patch 4 does not properly handle an EAP Response packet in which the value of the length field exceeds the actual packet length, which allows remote authenticated users to cause a denial of service (CSRadius and CSAuth service crash) or possibly execute arbitrary code via a crafted RADIUS (1) EAP-Response/Identity, (2) EAP-Response/MD5, or (3) EAP-Response/TLS Message Attribute packet."
{ }
"name" : "20080903 Cisco Security Response: Cisco Secure ACS Denial Of Service Vulnerability", ]
"refsource" : "CISCO", },
"url" : "http://www.cisco.com/warp/public/707/cisco-sr-20080903-csacs.shtml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "30997", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/30997" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1020814", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1020814" ]
}, },
{ "references": {
"name" : "31731", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31731" "name": "1020814",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1020814"
"name" : "4216", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/4216" "name": "20080903 Cisco Security Response: Cisco Secure ACS Denial Of Service Vulnerability",
}, "refsource": "CISCO",
{ "url": "http://www.cisco.com/warp/public/707/cisco-sr-20080903-csacs.shtml"
"name" : "cisco-sacs-eap-dos(44871)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44871" "name": "31731",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/31731"
} },
{
"name": "4216",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4216"
},
{
"name": "20080903 Cisco Secure ACS EAP Parsing Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495937/100/0/threaded"
},
{
"name": "30997",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30997"
},
{
"name": "cisco-sacs-eap-dos(44871)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44871"
}
]
}
} }

188
2012/0xxx/CVE-2012-0309.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2012-0309", "ID": "CVE-2012-0309",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier, and OPC DataHub 6.4.20 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-016-01.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-016-01.pdf" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier, and OPC DataHub 6.4.20 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "http://www.cogentdatahub.com/ReleaseNotes.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.cogentdatahub.com/ReleaseNotes.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVN#12983784", "description": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/en/jp/JVN12983784/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "JVNDB-2012-000001", ]
"refsource" : "JVNDB", }
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000001" ]
}, },
{ "references": {
"name" : "51375", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/51375" "name": "JVNDB-2012-000001",
}, "refsource": "JVNDB",
{ "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000001"
"name" : "47496", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/47496" "name": "51375",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/51375"
"name" : "47525", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/47525" "name": "http://www.cogentdatahub.com/ReleaseNotes.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.cogentdatahub.com/ReleaseNotes.html"
"name" : "cogentdatahub-unspecified-xss(72305)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72305" "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-016-01.pdf",
} "refsource": "MISC",
] "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-016-01.pdf"
} },
{
"name": "47525",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47525"
},
{
"name": "cogentdatahub-unspecified-xss(72305)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72305"
},
{
"name": "JVN#12983784",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN12983784/index.html"
},
{
"name": "47496",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47496"
}
]
}
} }

158
2012/0xxx/CVE-2012-0949.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@ubuntu.com",
"ID" : "CVE-2012-0949", "ID": "CVE-2012-0949",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "USN-1443-1", "description_data": [
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1443-1" "lang": "eng",
}, "value": "The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report."
{ }
"name" : "53605", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/53605" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "82020", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/82020" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "49230", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/49230" ]
}, },
{ "references": {
"name" : "update-manager-archives-info-disclosure(75728)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75728" "name": "update-manager-archives-info-disclosure(75728)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75728"
} },
{
"name": "USN-1443-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1443-1"
},
{
"name": "49230",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49230"
},
{
"name": "82020",
"refsource": "OSVDB",
"url": "http://osvdb.org/82020"
},
{
"name": "53605",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53605"
}
]
}
} }

138
2012/1xxx/CVE-2012-1468.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1468", "ID": "CVE-2012-1468",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Incomplete blacklist vulnerability in Open Journal Systems before 2.3.7 allows remote authenticated users with the Author Role permission to execute arbitrary code by uploading a file with an executable extension that is not \".php\", then accessing it via a direct request to the file in submission/original/ in the associated article directory, as demonstrated using .pHp, .asp, and other extensions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.htbridge.com/advisory/HTB23079", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.htbridge.com/advisory/HTB23079" "lang": "eng",
}, "value": "Incomplete blacklist vulnerability in Open Journal Systems before 2.3.7 allows remote authenticated users with the Author Role permission to execute arbitrary code by uploading a file with an executable extension that is not \".php\", then accessing it via a direct request to the file in submission/original/ in the associated article directory, as demonstrated using .pHp, .asp, and other extensions."
{ }
"name" : "http://pkp.sfu.ca/ojs/RELEASE-2.3.7", ]
"refsource" : "CONFIRM", },
"url" : "http://pkp.sfu.ca/ojs/RELEASE-2.3.7" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://pkp.sfu.ca/support/forum/viewtopic.php?f=2&t=8431", "description": [
"refsource" : "CONFIRM", {
"url" : "http://pkp.sfu.ca/support/forum/viewtopic.php?f=2&t=8431" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://pkp.sfu.ca/support/forum/viewtopic.php?f=2&t=8431",
"refsource": "CONFIRM",
"url": "http://pkp.sfu.ca/support/forum/viewtopic.php?f=2&t=8431"
},
{
"name": "http://pkp.sfu.ca/ojs/RELEASE-2.3.7",
"refsource": "CONFIRM",
"url": "http://pkp.sfu.ca/ojs/RELEASE-2.3.7"
},
{
"name": "https://www.htbridge.com/advisory/HTB23079",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23079"
}
]
}
} }

118
2012/1xxx/CVE-2012-1477.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1477", "ID": "CVE-2012-1477",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Cnectd (mci.cnectd) application 3.1.0 for Android has unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2012-1477-vulnerability-in-Cnectd.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2012-1477-vulnerability-in-Cnectd.html" "lang": "eng",
} "value": "Unspecified vulnerability in the Cnectd (mci.cnectd) application 3.1.0 for Android has unknown impact and attack vectors."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2012-1477-vulnerability-in-Cnectd.html",
"refsource": "MISC",
"url": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2012-1477-vulnerability-in-Cnectd.html"
}
]
}
} }

218
2012/5xxx/CVE-2012-5567.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-5567", "ID": "CVE-2012-5567",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.18, as used in Horde Groupware Webmail Edition before 4.0.9, allow remote attackers to inject arbitrary web script or HTML via crafted event location parameters in the (1) month, (2) monthlist, or (3) prevmonthlist fields, related to portal blocks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[announce] 20121114 Kronolith H4 (3.0.18) (final)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.horde.org/archives/announce/2012/000836.html" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.18, as used in Horde Groupware Webmail Edition before 4.0.9, allow remote attackers to inject arbitrary web script or HTML via crafted event location parameters in the (1) month, (2) monthlist, or (3) prevmonthlist fields, related to portal blocks."
{ }
"name" : "[oss-security] 20121123 CVE Request -- kronolith: Two sets (3.0.17 && 3.0.18) of XSS flaws", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2012/11/23/3" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20121123 Re: CVE Request -- kronolith: Two sets (3.0.17 && 3.0.18) of XSS flaws", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2012/11/23/7" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.horde.org/horde-git/-/commit/d865c564beb6e98532880aa51a04a79f3311cd1e", ]
"refsource" : "CONFIRM", }
"url" : "http://git.horde.org/horde-git/-/commit/d865c564beb6e98532880aa51a04a79f3311cd1e" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=879684", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=879684" "name": "https://github.com/horde/horde/blob/d3dda2d47fad7eb128a0091e732cded0c2601009/kronolith/docs/CHANGES",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/horde/horde/blob/d3dda2d47fad7eb128a0091e732cded0c2601009/kronolith/docs/CHANGES"
"name" : "https://github.com/horde/horde/blob/d3dda2d47fad7eb128a0091e732cded0c2601009/kronolith/docs/CHANGES", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/horde/horde/blob/d3dda2d47fad7eb128a0091e732cded0c2601009/kronolith/docs/CHANGES" "name": "openSUSE-SU-2012:1625",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00019.html"
"name" : "openSUSE-SU-2012:1625", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2012-12/msg00019.html" "name": "[oss-security] 20121123 CVE Request -- kronolith: Two sets (3.0.17 && 3.0.18) of XSS flaws",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2012/11/23/3"
"name" : "56541", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/56541" "name": "[oss-security] 20121123 Re: CVE Request -- kronolith: Two sets (3.0.17 && 3.0.18) of XSS flaws",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2012/11/23/7"
"name" : "87345", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/87345" "name": "51233",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51233"
"name" : "51233", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51233" "name": "[announce] 20121114 Kronolith H4 (3.0.18) (final)",
}, "refsource": "MLIST",
{ "url": "http://lists.horde.org/archives/announce/2012/000836.html"
"name" : "51469", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51469" "name": "51469",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/51469"
} },
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=879684",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=879684"
},
{
"name": "http://git.horde.org/horde-git/-/commit/d865c564beb6e98532880aa51a04a79f3311cd1e",
"refsource": "CONFIRM",
"url": "http://git.horde.org/horde-git/-/commit/d865c564beb6e98532880aa51a04a79f3311cd1e"
},
{
"name": "56541",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56541"
},
{
"name": "87345",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/87345"
}
]
}
} }

188
2012/5xxx/CVE-2012-5627.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-5627", "ID": "CVE-2012-5627",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20121203 MySQL Local/Remote FAST Account Password Cracking", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2012/Dec/58" "lang": "eng",
}, "value": "Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks."
{ }
"name" : "20121205 Re: MySQL Local/Remote FAST Account Password\tCracking", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2012/Dec/83" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20121206 Re: CVE request: Mysql/Mariadb insecure salt-usage", "description": [
"refsource" : "MLIST", {
"url" : "http://seclists.org/oss-sec/2012/q4/424" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=883719", ]
"refsource" : "MISC", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=883719" ]
}, },
{ "references": {
"name" : "https://mariadb.atlassian.net/browse/MDEV-3915", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://mariadb.atlassian.net/browse/MDEV-3915" "name": "20121203 MySQL Local/Remote FAST Account Password Cracking",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2012/Dec/58"
"name" : "GLSA-201308-06", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201308-06.xml" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=883719",
}, "refsource": "MISC",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883719"
"name" : "MDVSA-2013:102", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:102" "name": "20121205 Re: MySQL Local/Remote FAST Account Password\tCracking",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2012/Dec/83"
"name" : "53372", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/53372" "name": "[oss-security] 20121206 Re: CVE request: Mysql/Mariadb insecure salt-usage",
} "refsource": "MLIST",
] "url": "http://seclists.org/oss-sec/2012/q4/424"
} },
{
"name": "MDVSA-2013:102",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:102"
},
{
"name": "53372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "https://mariadb.atlassian.net/browse/MDEV-3915",
"refsource": "CONFIRM",
"url": "https://mariadb.atlassian.net/browse/MDEV-3915"
}
]
}
} }

148
2012/5xxx/CVE-2012-5769.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2012-5769", "ID": "CVE-2012-5769",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21620758", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21620758" "lang": "eng",
}, "value": "IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24034122", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24034122" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "PM79454", "description": [
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM79454" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "spss-xml-access(80316)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/80316" ]
} },
] "references": {
} "reference_data": [
{
"name": "spss-xml-access(80316)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80316"
},
{
"name": "PM79454",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM79454"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21620758",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620758"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24034122",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034122"
}
]
}
} }

368
2012/5xxx/CVE-2012-5835.json
View File

@ -1,187 +1,187 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5835", "ID": "CVE-2012-5835",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html" "lang": "eng",
}, "value": "Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=790879", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=790879" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MDVSA-2012:173", "description": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:173" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2012:1482", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1482.html" ]
}, },
{ "references": {
"name" : "RHSA-2012:1483", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1483.html" "name": "USN-1638-3",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1638-3"
"name" : "openSUSE-SU-2012:1583", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html" "name": "51370",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51370"
"name" : "openSUSE-SU-2012:1585", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html" "name": "USN-1638-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1638-2"
"name" : "openSUSE-SU-2012:1586", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html" "name": "openSUSE-SU-2012:1586",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html"
"name" : "SUSE-SU-2012:1592", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html" "name": "USN-1636-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1636-1"
"name" : "openSUSE-SU-2013:0175", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html" "name": "openSUSE-SU-2013:0175",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html"
"name" : "USN-1638-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1638-1" "name": "RHSA-2012:1483",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1483.html"
"name" : "USN-1638-3", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1638-3" "name": "RHSA-2012:1482",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1482.html"
"name" : "USN-1638-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1638-2" "name": "51434",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51434"
"name" : "USN-1636-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1636-1" "name": "openSUSE-SU-2012:1583",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html"
"name" : "56643", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/56643" "name": "51439",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51439"
"name" : "87601", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/87601" "name": "51440",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51440"
"name" : "oval:org.mitre.oval:def:16603", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16603" "name": "USN-1638-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1638-1"
"name" : "51359", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51359" "name": "SUSE-SU-2012:1592",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html"
"name" : "51360", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51360" "name": "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-106.html"
"name" : "51369", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51369" "name": "51359",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51359"
"name" : "51381", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51381" "name": "MDVSA-2012:173",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:173"
"name" : "51434", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51434" "name": "openSUSE-SU-2012:1585",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html"
"name" : "51439", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51439" "name": "51381",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51381"
"name" : "51440", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51440" "name": "firefox-webgl-bufferdata-overflow(80185)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80185"
"name" : "51370", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51370" "name": "oval:org.mitre.oval:def:16603",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16603"
"name" : "firefox-webgl-bufferdata-overflow(80185)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/80185" "name": "51369",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/51369"
} },
{
"name": "51360",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51360"
},
{
"name": "87601",
"refsource": "OSVDB",
"url": "http://osvdb.org/87601"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=790879",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=790879"
},
{
"name": "56643",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56643"
}
]
}
} }

32
2017/11xxx/CVE-2017-11745.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11745", "ID": "CVE-2017-11745",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

164
2017/3xxx/CVE-2017-3377.json
View File

@ -1,85 +1,85 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2017-3377", "ID": "CVE-2017-3377",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Advanced Outbound Telephony", "product_name": "Advanced Outbound Telephony",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "12.1.1" "version_value": "12.1.1"
}, },
{ {
"version_value" : "12.1.2" "version_value": "12.1.2"
}, },
{ {
"version_value" : "12.1.3" "version_value": "12.1.3"
}, },
{ {
"version_value" : "12.2.3" "version_value": "12.2.3"
}, },
{ {
"version_value" : "12.2.4" "version_value": "12.2.4"
}, },
{ {
"version_value" : "12.2.5" "version_value": "12.2.5"
}, },
{ {
"version_value" : "12.2.6" "version_value": "12.2.6"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle" "vendor_name": "Oracle"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Advanced Outbound Telephony. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Advanced Outbound Telephony, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Advanced Outbound Telephony accessible data as well as unauthorized update, insert or delete access to some of Oracle Advanced Outbound Telephony accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Advanced Outbound Telephony. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Advanced Outbound Telephony, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Advanced Outbound Telephony accessible data as well as unauthorized update, insert or delete access to some of Oracle Advanced Outbound Telephony accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts)."
{ }
"name" : "95531", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95531" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95531",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95531"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
}
]
}
} }

128
2017/3xxx/CVE-2017-3890.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@blackberry.com", "ASSIGNER": "secure@blackberry.com",
"ID" : "CVE-2017-3890", "ID": "CVE-2017-3890",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "BlackBerry WatchDox Server", "product_name": "BlackBerry WatchDox Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "BlackBerry WatchDox Server" "version_value": "BlackBerry WatchDox Server"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A reflected cross-site scripting vulnerability in the BlackBerry WatchDox Server components Appliance-X, version 1.8.1 and earlier, and vAPP, versions 4.6.0 to 5.4.1, allows remote attackers to execute script commands in the context of the affected browser by persuading a user to click an attacker-supplied malicious link."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "cross-site scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.blackberry.com/kb/articleDetail?articleNumber=000038915", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.blackberry.com/kb/articleDetail?articleNumber=000038915" "lang": "eng",
}, "value": "A reflected cross-site scripting vulnerability in the BlackBerry WatchDox Server components Appliance-X, version 1.8.1 and earlier, and vAPP, versions 4.6.0 to 5.4.1, allows remote attackers to execute script commands in the context of the affected browser by persuading a user to click an attacker-supplied malicious link."
{ }
"name" : "95442", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95442" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95442",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95442"
},
{
"name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000038915",
"refsource": "CONFIRM",
"url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000038915"
}
]
}
} }

32
2017/6xxx/CVE-2017-6569.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6569", "ID": "CVE-2017-6569",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

188
2017/7xxx/CVE-2017-7111.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-7111", "ID": "CVE-2017-7111",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT208112", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT208112" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
{ }
"name" : "https://support.apple.com/HT208113", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT208113" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT208116", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT208116" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/HT208141", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/HT208141" ]
}, },
{ "references": {
"name" : "https://support.apple.com/HT208142", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT208142" "name": "https://support.apple.com/HT208141",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT208141"
"name" : "100986", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/100986" "name": "1039384",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1039384"
"name" : "1039384", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039384" "name": "100986",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/100986"
"name" : "1039428", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039428" "name": "https://support.apple.com/HT208142",
} "refsource": "CONFIRM",
] "url": "https://support.apple.com/HT208142"
} },
{
"name": "https://support.apple.com/HT208113",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208113"
},
{
"name": "https://support.apple.com/HT208112",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208112"
},
{
"name": "1039428",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039428"
},
{
"name": "https://support.apple.com/HT208116",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208116"
}
]
}
} }

278
2017/7xxx/CVE-2017-7718.json
View File

@ -1,142 +1,142 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-7718", "ID": "CVE-2017-7718",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20170419 CVE-2017-7718 Qemu: display: cirrus: OOB read access issue", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2017/04/19/4" "lang": "eng",
}, "value": "hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions."
{ }
"name" : "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update", ]
"refsource" : "MLIST", },
"url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.qemu-project.org/?p=qemu.git;a=commit;h=215902d7b6fb50c6fc216fc74f770858278ed904", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.qemu-project.org/?p=qemu.git;a=commit;h=215902d7b6fb50c6fc216fc74f770858278ed904" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1443441", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1443441" ]
}, },
{ "references": {
"name" : "GLSA-201706-03", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201706-03" "name": "97957",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/97957"
"name" : "RHSA-2017:0980", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:0980" "name": "RHSA-2017:0983",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:0983"
"name" : "RHSA-2017:0981", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:0981" "name": "RHSA-2017:0982",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:0982"
"name" : "RHSA-2017:0982", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:0982" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1443441",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443441"
"name" : "RHSA-2017:0983", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:0983" "name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update",
}, "refsource": "MLIST",
{ "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
"name" : "RHSA-2017:0984", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:0984" "name": "RHSA-2017:1430",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:1430"
"name" : "RHSA-2017:0988", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:0988" "name": "GLSA-201706-03",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201706-03"
"name" : "RHSA-2017:1205", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1205" "name": "RHSA-2017:1206",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:1206"
"name" : "RHSA-2017:1206", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1206" "name": "RHSA-2017:1431",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:1431"
"name" : "RHSA-2017:1430", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1430" "name": "RHSA-2017:0984",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:0984"
"name" : "RHSA-2017:1431", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1431" "name": "RHSA-2017:0988",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:0988"
"name" : "RHSA-2017:1441", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1441" "name": "RHSA-2017:1441",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:1441"
"name" : "97957", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/97957" "name": "[oss-security] 20170419 CVE-2017-7718 Qemu: display: cirrus: OOB read access issue",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2017/04/19/4"
} },
{
"name": "RHSA-2017:0981",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0981"
},
{
"name": "http://git.qemu-project.org/?p=qemu.git;a=commit;h=215902d7b6fb50c6fc216fc74f770858278ed904",
"refsource": "CONFIRM",
"url": "http://git.qemu-project.org/?p=qemu.git;a=commit;h=215902d7b6fb50c6fc216fc74f770858278ed904"
},
{
"name": "RHSA-2017:0980",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0980"
},
{
"name": "RHSA-2017:1205",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1205"
}
]
}
} }

138
2017/7xxx/CVE-2017-7991.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-7991", "ID": "CVE-2017-7991",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Exponent CMS 2.4.1 and earlier has SQL injection via a base64 serialized API key (apikey parameter) in the api function of framework/modules/eaas/controllers/eaasController.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://seclists.org/fulldisclosure/2017/Apr/78", "description_data": [
"refsource" : "MISC", {
"url" : "http://seclists.org/fulldisclosure/2017/Apr/78" "lang": "eng",
}, "value": "Exponent CMS 2.4.1 and earlier has SQL injection via a base64 serialized API key (apikey parameter) in the api function of framework/modules/eaas/controllers/eaasController.php."
{ }
"name" : "https://gist.github.com/404notf0und/ab59234d71fbf35b4926ffd646324f29", ]
"refsource" : "MISC", },
"url" : "https://gist.github.com/404notf0und/ab59234d71fbf35b4926ffd646324f29" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://packetstormsecurity.com/files/142258/Exponent-CMS-2.4.1-SQL-Injection.html", "description": [
"refsource" : "MISC", {
"url" : "https://packetstormsecurity.com/files/142258/Exponent-CMS-2.4.1-SQL-Injection.html" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://packetstormsecurity.com/files/142258/Exponent-CMS-2.4.1-SQL-Injection.html",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/142258/Exponent-CMS-2.4.1-SQL-Injection.html"
},
{
"name": "http://seclists.org/fulldisclosure/2017/Apr/78",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2017/Apr/78"
},
{
"name": "https://gist.github.com/404notf0und/ab59234d71fbf35b4926ffd646324f29",
"refsource": "MISC",
"url": "https://gist.github.com/404notf0und/ab59234d71fbf35b4926ffd646324f29"
}
]
}
} }

120
2017/8xxx/CVE-2017-8174.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@huawei.com", "ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC" : "2017-11-15T00:00:00", "DATE_PUBLIC": "2017-11-15T00:00:00",
"ID" : "CVE-2017-8174", "ID": "CVE-2017-8174",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Secospace USG6300,Secospace USG6600", "product_name": "Secospace USG6300,Secospace USG6600",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "V100R001C30SPC300,V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800" "version_value": "V100R001C30SPC300,V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Huawei Technologies Co., Ltd." "vendor_name": "Huawei Technologies Co., Ltd."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. Attackers may exploit the weak algorithm vulnerability to crack the cipher text and cause confidential information leaks on the transmission links."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Weak Algorithm"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-01-usg-en", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-01-usg-en" "lang": "eng",
} "value": "Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. Attackers may exploit the weak algorithm vulnerability to crack the cipher text and cause confidential information leaks on the transmission links."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weak Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-01-usg-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-01-usg-en"
}
]
}
} }

140
2017/8xxx/CVE-2017-8574.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC" : "2017-07-11T00:00:00", "DATE_PUBLIC": "2017-07-11T00:00:00",
"ID" : "CVE-2017-8574", "ID": "CVE-2017-8574",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Windows 10 1607, 1703, and Windows Server 2016", "product_name": "Microsoft Windows 10 1607, 1703, and Windows Server 2016",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Graphics" "version_value": "Graphics"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka \"Microsoft Graphics Component Elevation of Privilege Vulnerability\". This CVE ID is unique from CVE-2017-8573 and CVE-2017-8556."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of Privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8574", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8574" "lang": "eng",
}, "value": "Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka \"Microsoft Graphics Component Elevation of Privilege Vulnerability\". This CVE ID is unique from CVE-2017-8573 and CVE-2017-8556."
{ }
"name" : "99438", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/99438" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038856", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038856" "lang": "eng",
} "value": "Elevation of Privilege"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8574",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8574"
},
{
"name": "1038856",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038856"
},
{
"name": "99438",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99438"
}
]
}
} }

140
2017/8xxx/CVE-2017-8648.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC" : "2017-09-12T00:00:00", "DATE_PUBLIC": "2017-09-12T00:00:00",
"ID" : "CVE-2017-8648", "ID": "CVE-2017-8648",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Edge", "product_name": "Microsoft Edge",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Microsoft Windows Version 1703" "version_value": "Microsoft Windows Version 1703"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-8597 and CVE-2017-8643."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8648", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8648" "lang": "eng",
}, "value": "Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-8597 and CVE-2017-8643."
{ }
"name" : "100750", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/100750" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1039326", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039326" "lang": "eng",
} "value": "Information Disclosure"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1039326",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039326"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8648",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8648"
},
{
"name": "100750",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100750"
}
]
}
} }

140
2017/8xxx/CVE-2017-8654.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC" : "2017-08-08T00:00:00", "DATE_PUBLIC": "2017-08-08T00:00:00",
"ID" : "CVE-2017-8654", "ID": "CVE-2017-8654",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Office", "product_name": "Microsoft Office",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Microsoft SharePoint Server 2010 Service Pack 2" "version_value": "Microsoft SharePoint Server 2010 Service Pack 2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft SharePoint Server 2010 Service Pack 2 allows a cross-site scripting (XSS) vulnerability when it does not properly sanitize a specially crafted web request to an affected SharePoint server, aka \"Microsoft Office SharePoint XSS Vulnerability\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of Privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8654", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8654" "lang": "eng",
}, "value": "Microsoft SharePoint Server 2010 Service Pack 2 allows a cross-site scripting (XSS) vulnerability when it does not properly sanitize a specially crafted web request to an affected SharePoint server, aka \"Microsoft Office SharePoint XSS Vulnerability\"."
{ }
"name" : "100064", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/100064" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1039111", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039111" "lang": "eng",
} "value": "Elevation of Privilege"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1039111",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039111"
},
{
"name": "100064",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100064"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8654",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8654"
}
]
}
} }

118
2017/8xxx/CVE-2017-8940.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8940", "ID": "CVE-2017-8940",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Zipongo - Healthy Recipes and Grocery Deals app before 6.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://medium.com/@chronic_9612/follow-up-76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-64185035029f", "description_data": [
"refsource" : "MISC", {
"url" : "https://medium.com/@chronic_9612/follow-up-76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-64185035029f" "lang": "eng",
} "value": "The Zipongo - Healthy Recipes and Grocery Deals app before 6.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://medium.com/@chronic_9612/follow-up-76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-64185035029f",
"refsource": "MISC",
"url": "https://medium.com/@chronic_9612/follow-up-76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-64185035029f"
}
]
}
} }

128
2018/10xxx/CVE-2018-10267.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10267", "ID": "CVE-2018-10267",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WTCMS 1.0 has a CSRF vulnerability to add an administrator account via the index.php?admin&m=user&a=add_post URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/taosir/wtcms/issues/1", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/taosir/wtcms/issues/1" "lang": "eng",
}, "value": "WTCMS 1.0 has a CSRF vulnerability to add an administrator account via the index.php?admin&m=user&a=add_post URI."
{ }
"name" : "https://www.hackpwn.me/2018/04/21/1/", ]
"refsource" : "MISC", },
"url" : "https://www.hackpwn.me/2018/04/21/1/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/taosir/wtcms/issues/1",
"refsource": "MISC",
"url": "https://github.com/taosir/wtcms/issues/1"
},
{
"name": "https://www.hackpwn.me/2018/04/21/1/",
"refsource": "MISC",
"url": "https://www.hackpwn.me/2018/04/21/1/"
}
]
}
} }

138
2018/10xxx/CVE-2018-10357.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@trendmicro.com", "ASSIGNER": "security@trendmicro.com",
"ID" : "CVE-2018-10357", "ID": "CVE-2018-10357",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Trend Micro Endpoint Application Control", "product_name": "Trend Micro Endpoint Application Control",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.0" "version_value": "2.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Trend Micro" "vendor_name": "Trend Micro"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A directory traversal vulnerability in Trend Micro Endpoint Application Control 2.0 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw in the FileDrop servlet. Authentication is required to exploit this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Directory Traversal"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.zerodayinitiative.com/advisories/ZDI-18-469/", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-18-469/" "lang": "eng",
}, "value": "A directory traversal vulnerability in Trend Micro Endpoint Application Control 2.0 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw in the FileDrop servlet. Authentication is required to exploit this vulnerability."
{ }
"name" : "https://success.trendmicro.com/solution/1119811", ]
"refsource" : "CONFIRM", },
"url" : "https://success.trendmicro.com/solution/1119811" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "104355", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/104355" "lang": "eng",
} "value": "Directory Traversal"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-18-469/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-18-469/"
},
{
"name": "104355",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104355"
},
{
"name": "https://success.trendmicro.com/solution/1119811",
"refsource": "CONFIRM",
"url": "https://success.trendmicro.com/solution/1119811"
}
]
}
} }

128
2018/10xxx/CVE-2018-10563.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10563", "ID": "CVE-2018-10563",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An XSS in Flexense SyncBreeze affects all versions (tested from SyncBreeze Enterprise from v10.1 to v10.7)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20180501 XSS in Flexense SyncBreeze, affects all versions", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2018/May/4" "lang": "eng",
}, "value": "An XSS in Flexense SyncBreeze affects all versions (tested from SyncBreeze Enterprise from v10.1 to v10.7)."
{ }
"name" : "http://blog.n0ipr0cs.io/post/2018/04/29/XSS-Flexense-DiskBoss-Enterprise-all-versions", ]
"refsource" : "MISC", },
"url" : "http://blog.n0ipr0cs.io/post/2018/04/29/XSS-Flexense-DiskBoss-Enterprise-all-versions" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20180501 XSS in Flexense SyncBreeze, affects all versions",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2018/May/4"
},
{
"name": "http://blog.n0ipr0cs.io/post/2018/04/29/XSS-Flexense-DiskBoss-Enterprise-all-versions",
"refsource": "MISC",
"url": "http://blog.n0ipr0cs.io/post/2018/04/29/XSS-Flexense-DiskBoss-Enterprise-all-versions"
}
]
}
} }

32
2018/10xxx/CVE-2018-10848.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-10848", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-10848",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-12532. Reason: This candidate is a reservation duplicate of CVE-2018-12532. Notes: All CVE users should reference CVE-2018-12532 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-12532. Reason: This candidate is a reservation duplicate of CVE-2018-12532. Notes: All CVE users should reference CVE-2018-12532 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

138
2018/10xxx/CVE-2018-10966.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10966", "ID": "CVE-2018-10966",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in GamerPolls 0.4.6, related to config/environments/all.js and config/initializers/02_passport.js. An attacker can edit the Passport.js contents of the session cookie to contain the ID number of the account they wish to take over, and re-sign it using the hard coded secret."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/GamerPolls/gamerpolls.com/pull/56", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/GamerPolls/gamerpolls.com/pull/56" "lang": "eng",
}, "value": "An issue was discovered in GamerPolls 0.4.6, related to config/environments/all.js and config/initializers/02_passport.js. An attacker can edit the Passport.js contents of the session cookie to contain the ID number of the account they wish to take over, and re-sign it using the hard coded secret."
{ }
"name" : "https://www.digitalinterruption.com/single-post/2018/06/04/Are-Your-Cookies-Telling-Your-Fortune", ]
"refsource" : "MISC", },
"url" : "https://www.digitalinterruption.com/single-post/2018/06/04/Are-Your-Cookies-Telling-Your-Fortune" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/GamerPolls/gamerpolls.com/blob/03ccbaf219410e0a45390d0efc12017f08a25282/config/environments/all.js#L58", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/GamerPolls/gamerpolls.com/blob/03ccbaf219410e0a45390d0efc12017f08a25282/config/environments/all.js#L58" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/GamerPolls/gamerpolls.com/pull/56",
"refsource": "MISC",
"url": "https://github.com/GamerPolls/gamerpolls.com/pull/56"
},
{
"name": "https://github.com/GamerPolls/gamerpolls.com/blob/03ccbaf219410e0a45390d0efc12017f08a25282/config/environments/all.js#L58",
"refsource": "CONFIRM",
"url": "https://github.com/GamerPolls/gamerpolls.com/blob/03ccbaf219410e0a45390d0efc12017f08a25282/config/environments/all.js#L58"
},
{
"name": "https://www.digitalinterruption.com/single-post/2018/06/04/Are-Your-Cookies-Telling-Your-Fortune",
"refsource": "MISC",
"url": "https://www.digitalinterruption.com/single-post/2018/06/04/Are-Your-Cookies-Telling-Your-Fortune"
}
]
}
} }

118
2018/13xxx/CVE-2018-13144.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13144", "ID": "CVE-2018-13144",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The transfer and transferFrom functions of a smart contract implementation for Pandora (PDX), an Ethereum token, have an integer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/safecomet/EtherTokens/blob/master/Pandora%20(PDX)/Pandora%20(PDX).md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/safecomet/EtherTokens/blob/master/Pandora%20(PDX)/Pandora%20(PDX).md" "lang": "eng",
} "value": "The transfer and transferFrom functions of a smart contract implementation for Pandora (PDX), an Ethereum token, have an integer overflow."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/safecomet/EtherTokens/blob/master/Pandora%20(PDX)/Pandora%20(PDX).md",
"refsource": "MISC",
"url": "https://github.com/safecomet/EtherTokens/blob/master/Pandora%20(PDX)/Pandora%20(PDX).md"
}
]
}
} }

244
2018/13xxx/CVE-2018-13400.json
View File

@ -1,125 +1,125 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@atlassian.com", "ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC" : "2018-10-23T00:00:00", "DATE_PUBLIC": "2018-10-23T00:00:00",
"ID" : "CVE-2018-13400", "ID": "CVE-2018-13400",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Jira", "product_name": "Jira",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "7.6.9" "version_value": "7.6.9"
}, },
{ {
"version_affected" : ">=", "version_affected": ">=",
"version_value" : "7.7.0" "version_value": "7.7.0"
}, },
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "7.7.5" "version_value": "7.7.5"
}, },
{ {
"version_affected" : ">=", "version_affected": ">=",
"version_value" : "7.8.0" "version_value": "7.8.0"
}, },
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "7.8.5" "version_value": "7.8.5"
}, },
{ {
"version_affected" : ">=", "version_affected": ">=",
"version_value" : "7.9.0" "version_value": "7.9.0"
}, },
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "7.9.3" "version_value": "7.9.3"
}, },
{ {
"version_affected" : ">=", "version_affected": ">=",
"version_value" : "7.10.0" "version_value": "7.10.0"
}, },
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "7.10.3" "version_value": "7.10.3"
}, },
{ {
"version_affected" : ">=", "version_affected": ">=",
"version_value" : "7.11.0" "version_value": "7.11.0"
}, },
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "7.11.3" "version_value": "7.11.3"
}, },
{ {
"version_affected" : ">=", "version_affected": ">=",
"version_value" : "7.12.0" "version_value": "7.12.0"
}, },
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "7.12.3" "version_value": "7.12.3"
}, },
{ {
"version_affected" : ">=", "version_affected": ">=",
"version_value" : "7.13.0" "version_value": "7.13.0"
}, },
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "7.13.1" "version_value": "7.13.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Atlassian" "vendor_name": "Atlassian"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Several administrative resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers who have obtained access to administrator's session to access certain administrative resources without needing to re-authenticate to pass \"WebSudo\" through an improper access control vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Improper Access Control"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://jira.atlassian.com/browse/JRASERVER-68138", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://jira.atlassian.com/browse/JRASERVER-68138" "lang": "eng",
}, "value": "Several administrative resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers who have obtained access to administrator's session to access certain administrative resources without needing to re-authenticate to pass \"WebSudo\" through an improper access control vulnerability."
{ }
"name" : "105751", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/105751" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.atlassian.com/browse/JRASERVER-68138",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/JRASERVER-68138"
},
{
"name": "105751",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105751"
}
]
}
} }

128
2018/13xxx/CVE-2018-13462.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13462", "ID": "CVE-2018-13462",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mintToken function of a smart contract implementation for MoonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" "lang": "eng",
}, "value": "The mintToken function of a smart contract implementation for MoonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
{ }
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/MoonToken", ]
"refsource" : "MISC", },
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/MoonToken" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/MoonToken",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/MoonToken"
},
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"
}
]
}
} }

128
2018/13xxx/CVE-2018-13722.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13722", "ID": "CVE-2018-13722",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mint function of a smart contract implementation for HYIPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" "lang": "eng",
}, "value": "The mint function of a smart contract implementation for HYIPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
{ }
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/HYIPToken", ]
"refsource" : "MISC", },
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/HYIPToken" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"
},
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/HYIPToken",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/HYIPToken"
}
]
}
} }

128
2018/13xxx/CVE-2018-13732.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13732", "ID": "CVE-2018-13732",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mintToken function of a smart contract implementation for RiptideCoin (RIPT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" "lang": "eng",
}, "value": "The mintToken function of a smart contract implementation for RiptideCoin (RIPT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
{ }
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/RiptideCoin", ]
"refsource" : "MISC", },
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/RiptideCoin" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"
},
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/RiptideCoin",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/RiptideCoin"
}
]
}
} }

32
2018/17xxx/CVE-2018-17722.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17722", "ID": "CVE-2018-17722",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/17xxx/CVE-2018-17762.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17762", "ID": "CVE-2018-17762",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/17xxx/CVE-2018-17994.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17994", "ID": "CVE-2018-17994",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/9xxx/CVE-2018-9278.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9278", "ID": "CVE-2018-9278",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/9xxx/CVE-2018-9815.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9815", "ID": "CVE-2018-9815",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }