admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:56:43 +00:00
parent a1a5daf8c7
commit 7ff1a6b34a
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
47 changed files with 3185 additions and 3185 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

118
1999/0xxx/CVE-1999-0724.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0724", "ID": "CVE-1999-0724",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "6128", "description_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/6128" "lang": "eng",
} "value": "Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6128",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6128"
}
]
}
} }

128
1999/1xxx/CVE-1999-1171.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1171", "ID": "CVE-1999-1171",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the \"flags\" registry key to 1920."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19990204 WS FTP Server Remote DoS Attack", "description_data": [
"refsource" : "NTBUGTRAQ", {
"url" : "http://marc.info/?l=ntbugtraq&m=91816507920544&w=2" "lang": "eng",
}, "value": "IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the \"flags\" registry key to 1920."
{ }
"name" : "218", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/218" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990204 WS FTP Server Remote DoS Attack",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=91816507920544&w=2"
},
{
"name": "218",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/218"
}
]
}
} }

158
1999/1xxx/CVE-1999-1191.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1191", "ID": "CVE-1999-1191",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19970519 Re: Finally, most of an exploit for Solaris 2.5.1's ps.", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=87602167418335&w=2" "lang": "eng",
}, "value": "Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument."
{ }
"name" : "AA-97.18", ]
"refsource" : "AUSCERT", },
"url" : "ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-97.18.solaris.chkey.buffer.overflow.vul" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "00144", "description": [
"refsource" : "SUN", {
"url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/144" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "207", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/207" ]
}, },
{ "references": {
"name" : "solaris-chkey-bo(7442)", "reference_data": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/7442.php" "name": "solaris-chkey-bo(7442)",
} "refsource": "XF",
] "url": "http://www.iss.net/security_center/static/7442.php"
} },
{
"name": "00144",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/144"
},
{
"name": "207",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/207"
},
{
"name": "19970519 Re: Finally, most of an exploit for Solaris 2.5.1's ps.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=87602167418335&w=2"
},
{
"name": "AA-97.18",
"refsource": "AUSCERT",
"url": "ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-97.18.solaris.chkey.buffer.overflow.vul"
}
]
}
} }

148
2000/1xxx/CVE-2000-1123.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1123", "ID": "CVE-2000-1123",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20001201 Fixed local AIX V43 vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=97569466809056&w=2" "lang": "eng",
}, "value": "Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands."
{ }
"name" : "IY12638", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IY12638&apar=only" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2036", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/2036" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "aix-pioout-bo(5617)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5617" ]
} },
] "references": {
} "reference_data": [
{
"name": "2036",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2036"
},
{
"name": "aix-pioout-bo(5617)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5617"
},
{
"name": "20001201 Fixed local AIX V43 vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=97569466809056&w=2"
},
{
"name": "IY12638",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY12638&apar=only"
}
]
}
} }

158
2005/2xxx/CVE-2005-2051.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2051", "ID": "CVE-2005-2051",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. 5484 allows remote attackers to execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050623 Buffer overflow vulnerability in VERITAS Software Backup Exec Web Administration Console (BEWAC)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111954711532252&w=2" "lang": "eng",
}, "value": "Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. 5484 allows remote attackers to execute arbitrary code."
{ }
"name" : "http://seer.support.veritas.com/docs/276606.htm", ]
"refsource" : "CONFIRM", },
"url" : "http://seer.support.veritas.com/docs/276606.htm" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "P-232", "description": [
"refsource" : "CIAC", {
"url" : "http://www.ciac.org/ciac/bulletins/p-232.shtml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "14025", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/14025" ]
}, },
{ "references": {
"name" : "15789", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/15789" "name": "P-232",
} "refsource": "CIAC",
] "url": "http://www.ciac.org/ciac/bulletins/p-232.shtml"
} },
{
"name": "14025",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14025"
},
{
"name": "http://seer.support.veritas.com/docs/276606.htm",
"refsource": "CONFIRM",
"url": "http://seer.support.veritas.com/docs/276606.htm"
},
{
"name": "20050623 Buffer overflow vulnerability in VERITAS Software Backup Exec Web Administration Console (BEWAC)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111954711532252&w=2"
},
{
"name": "15789",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15789"
}
]
}
} }

128
2005/2xxx/CVE-2005-2064.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2064", "ID": "CVE-2005-2064",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to forgot_password.asp, or the (2) FirstName, (3) LastName, (4) Username, (5) Password, (6) Address1, (7) Address2, (8) City, (9) ZipCode, (10) Email parameter to register.asp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050626 M4DR007-07SA (security advisory): Multiple vulnerabilities in ASP Nuke 0.80", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111989223906484&w=2" "lang": "eng",
}, "value": "Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to forgot_password.asp, or the (2) FirstName, (3) LastName, (4) Username, (5) Password, (6) Address1, (7) Address2, (8) City, (9) ZipCode, (10) Email parameter to register.asp."
{ }
"name" : "14062", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/14062" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14062",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14062"
},
{
"name": "20050626 M4DR007-07SA (security advisory): Multiple vulnerabilities in ASP Nuke 0.80",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111989223906484&w=2"
}
]
}
} }

158
2005/2xxx/CVE-2005-2235.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2235", "ID": "CVE-2005-2235",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.caughq.org/advisories/CAU-2005-0004.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.caughq.org/advisories/CAU-2005-0004.txt" "lang": "eng",
}, "value": "Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments."
{ }
"name" : "http://www.security-focus.com/advisories/8819", ]
"refsource" : "CONFIRM", },
"url" : "http://www.security-focus.com/advisories/8819" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "13912", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/13912" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1014132", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1014132" ]
}, },
{ "references": {
"name" : "15636", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/15636" "name": "15636",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/15636"
} },
{
"name": "http://www.caughq.org/advisories/CAU-2005-0004.txt",
"refsource": "MISC",
"url": "http://www.caughq.org/advisories/CAU-2005-0004.txt"
},
{
"name": "13912",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13912"
},
{
"name": "http://www.security-focus.com/advisories/8819",
"refsource": "CONFIRM",
"url": "http://www.security-focus.com/advisories/8819"
},
{
"name": "1014132",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014132"
}
]
}
} }

138
2005/2xxx/CVE-2005-2306.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2306", "ID": "CVE-2005-2306",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when under heavy load, causes JRun to assign a duplicate authentication token to multiple sessions, which could allow authenticated users to gain privileges as other users."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.macromedia.com/devnet/security/security_zone/mpsb05-05.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.macromedia.com/devnet/security/security_zone/mpsb05-05.html" "lang": "eng",
}, "value": "Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when under heavy load, causes JRun to assign a duplicate authentication token to multiple sessions, which could allow authenticated users to gain privileges as other users."
{ }
"name" : "1014489", ]
"refsource" : "SECTRACK", },
"url" : "http://securitytracker.com/id?1014489" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16081", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16081" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "16081",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16081"
},
{
"name": "1014489",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014489"
},
{
"name": "http://www.macromedia.com/devnet/security/security_zone/mpsb05-05.html",
"refsource": "CONFIRM",
"url": "http://www.macromedia.com/devnet/security/security_zone/mpsb05-05.html"
}
]
}
} }

168
2005/2xxx/CVE-2005-2573.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2573", "ID": "CVE-2005-2573",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\\) character."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050808 [AppSecInc Advisory MYSQL05-V0001] Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112360618320729&w=2" "lang": "eng",
}, "value": "The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\\) character."
{ }
"name" : "20050808 [AppSecInc Advisory MYSQL05-V0001] Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035847.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.appsecinc.com/resources/alerts/mysql/2005-001.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.appsecinc.com/resources/alerts/mysql/2005-001.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://mysql.bkbits.net:8080/mysql-4.0/cset@428b981bg2iwh3CbGANDaF-W6DbttA", ]
"refsource" : "CONFIRM", }
"url" : "http://mysql.bkbits.net:8080/mysql-4.0/cset@428b981bg2iwh3CbGANDaF-W6DbttA" ]
}, },
{ "references": {
"name" : "http://mysql.bkbits.net:8080/mysql-4.0/gnupatch@428b981bg2iwh3CbGANDaF-W6DbttA", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://mysql.bkbits.net:8080/mysql-4.0/gnupatch@428b981bg2iwh3CbGANDaF-W6DbttA" "name": "mysql-udf-directory-traversal(21738)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21738"
"name" : "mysql-udf-directory-traversal(21738)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21738" "name": "20050808 [AppSecInc Advisory MYSQL05-V0001] Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions",
} "refsource": "BUGTRAQ",
] "url": "http://marc.info/?l=bugtraq&m=112360618320729&w=2"
} },
{
"name": "http://www.appsecinc.com/resources/alerts/mysql/2005-001.html",
"refsource": "MISC",
"url": "http://www.appsecinc.com/resources/alerts/mysql/2005-001.html"
},
{
"name": "http://mysql.bkbits.net:8080/mysql-4.0/cset@428b981bg2iwh3CbGANDaF-W6DbttA",
"refsource": "CONFIRM",
"url": "http://mysql.bkbits.net:8080/mysql-4.0/cset@428b981bg2iwh3CbGANDaF-W6DbttA"
},
{
"name": "20050808 [AppSecInc Advisory MYSQL05-V0001] Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035847.html"
},
{
"name": "http://mysql.bkbits.net:8080/mysql-4.0/gnupatch@428b981bg2iwh3CbGANDaF-W6DbttA",
"refsource": "CONFIRM",
"url": "http://mysql.bkbits.net:8080/mysql-4.0/gnupatch@428b981bg2iwh3CbGANDaF-W6DbttA"
}
]
}
} }

168
2005/4xxx/CVE-2005-4192.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4192", "ID": "CVE-2005-4192",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in templates/notepads/notepads.inc in Horde Mnemo Note Manager H3 before 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) the notepad's name or (2) description, when creating a new notepad."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[horde-announce] 20051211 Mnemo H3 (2.0.3) (final)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.horde.org/archives/announce/2005/000237.html" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in templates/notepads/notepads.inc in Horde Mnemo Note Manager H3 before 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) the notepad's name or (2) description, when creating a new notepad."
{ }
"name" : "http://www.sec-consult.com/245.html", ]
"refsource" : "MISC", },
"url" : "http://www.sec-consult.com/245.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://cvs.horde.org/diff.php/mnemo/templates/notepads/notepads.inc?r1=1.9&r2=1.10&ty=h", "description": [
"refsource" : "CONFIRM", {
"url" : "http://cvs.horde.org/diff.php/mnemo/templates/notepads/notepads.inc?r1=1.9&r2=1.10&ty=h" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15803", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/15803" ]
}, },
{ "references": {
"name" : "ADV-2005-2833", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2833" "name": "[horde-announce] 20051211 Mnemo H3 (2.0.3) (final)",
}, "refsource": "MLIST",
{ "url": "http://lists.horde.org/archives/announce/2005/000237.html"
"name" : "17964", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17964" "name": "17964",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/17964"
} },
{
"name": "15803",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15803"
},
{
"name": "ADV-2005-2833",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2833"
},
{
"name": "http://www.sec-consult.com/245.html",
"refsource": "MISC",
"url": "http://www.sec-consult.com/245.html"
},
{
"name": "http://cvs.horde.org/diff.php/mnemo/templates/notepads/notepads.inc?r1=1.9&r2=1.10&ty=h",
"refsource": "CONFIRM",
"url": "http://cvs.horde.org/diff.php/mnemo/templates/notepads/notepads.inc?r1=1.9&r2=1.10&ty=h"
}
]
}
} }

128
2009/2xxx/CVE-2009-2024.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2024", "ID": "CVE-2009-2024",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vlad Titarenko ASP VT Auth 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file and obtain usernames and passwords via a direct request for zHk8dEes3.txt."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8889", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/8889" "lang": "eng",
}, "value": "Vlad Titarenko ASP VT Auth 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file and obtain usernames and passwords via a direct request for zHk8dEes3.txt."
{ }
"name" : "vtauth-zhk8dees3-info-disclosure(50986)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50986" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "vtauth-zhk8dees3-info-disclosure(50986)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50986"
},
{
"name": "8889",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8889"
}
]
}
} }

128
2009/2xxx/CVE-2009-2263.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2263", "ID": "CVE-2009-2263",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in index.php in Awesome PHP Mega File Manager 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9025", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9025" "lang": "eng",
}, "value": "Directory traversal vulnerability in index.php in Awesome PHP Mega File Manager 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL."
{ }
"name" : "35545", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/35545" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9025",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9025"
},
{
"name": "35545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35545"
}
]
}
} }

128
2009/2xxx/CVE-2009-2309.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2309", "ID": "CVE-2009-2309",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in Codice CMS 2 allows remote attackers to execute arbitrary SQL commands via the tag parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8272", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/8272" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in Codice CMS 2 allows remote attackers to execute arbitrary SQL commands via the tag parameter."
{ }
"name" : "34208", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/34208" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34208"
},
{
"name": "8272",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/8272"
}
]
}
} }

138
2009/2xxx/CVE-2009-2354.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2354", "ID": "CVE-2009-2354",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the auth_checkpass function in the login page in NullLogic Groupware 1.2.7 allows remote attackers to execute arbitrary SQL commands via the username parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090706 High security hole in NullLogic Groupware", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/504737/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in the auth_checkpass function in the login page in NullLogic Groupware 1.2.7 allows remote attackers to execute arbitrary SQL commands via the username parameter."
{ }
"name" : "http://www.nth-dimension.org.uk/utils/get.php?downloadsid=55", ]
"refsource" : "MISC", },
"url" : "http://www.nth-dimension.org.uk/utils/get.php?downloadsid=55" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2009-1817", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1817" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1817",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1817"
},
{
"name": "http://www.nth-dimension.org.uk/utils/get.php?downloadsid=55",
"refsource": "MISC",
"url": "http://www.nth-dimension.org.uk/utils/get.php?downloadsid=55"
},
{
"name": "20090706 High security hole in NullLogic Groupware",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504737/100/0/threaded"
}
]
}
} }

168
2009/2xxx/CVE-2009-2843.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2843", "ID": "CVE-2009-2843",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT3969", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT3969" "lang": "eng",
}, "value": "Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet."
{ }
"name" : "http://support.apple.com/kb/HT3970", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT3970" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2009-12-03-1", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2009-12-03-2", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html" ]
}, },
{ "references": {
"name" : "37206", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/37206" "name": "http://support.apple.com/kb/HT3970",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT3970"
"name" : "37581", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37581" "name": "http://support.apple.com/kb/HT3969",
} "refsource": "CONFIRM",
] "url": "http://support.apple.com/kb/HT3969"
} },
{
"name": "APPLE-SA-2009-12-03-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html"
},
{
"name": "37206",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37206"
},
{
"name": "APPLE-SA-2009-12-03-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html"
},
{
"name": "37581",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37581"
}
]
}
} }

238
2009/3xxx/CVE-2009-3079.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-3079", "ID": "CVE-2009-3079",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2009/mfsa2009-51.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2009/mfsa2009-51.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=454363", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=454363" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1886", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2009/dsa-1886" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2009:1430", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1430.html" ]
}, },
{ "references": {
"name" : "SUSE-SA:2009:048", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2009_48_firefox.html" "name": "36343",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/36343"
"name" : "36343", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36343" "name": "DSA-1886",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2009/dsa-1886"
"name" : "oval:org.mitre.oval:def:10390", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10390" "name": "SUSE-SA:2009:048",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2009_48_firefox.html"
"name" : "oval:org.mitre.oval:def:6250", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6250" "name": "RHSA-2009:1430",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2009-1430.html"
"name" : "1022873", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1022873" "name": "36670",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36670"
"name" : "36671", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36671" "name": "36671",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36671"
"name" : "37098", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37098" "name": "oval:org.mitre.oval:def:10390",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10390"
"name" : "36670", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36670" "name": "http://www.mozilla.org/security/announce/2009/mfsa2009-51.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-51.html"
"name" : "36757", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36757" "name": "oval:org.mitre.oval:def:6250",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6250"
} },
{
"name": "1022873",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022873"
},
{
"name": "36757",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36757"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=454363",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=454363"
},
{
"name": "37098",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37098"
}
]
}
} }

178
2009/3xxx/CVE-2009-3369.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3369", "ID": "CVE-2009-3369",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then initiating a backup or restore."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542218", "description_data": [
"refsource" : "MISC", {
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542218" "lang": "eng",
}, "value": "CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then initiating a backup or restore."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=518412", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=518412" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FEDORA-2009-9973", "description": [
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00729.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2009-9982", ]
"refsource" : "FEDORA", }
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00694.html" ]
}, },
{ "references": {
"name" : "57236", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/57236" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=518412",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=518412"
"name" : "36393", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36393" "name": "36393",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36393"
"name" : "37161", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37161" "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542218",
} "refsource": "MISC",
] "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542218"
} },
{
"name": "FEDORA-2009-9973",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00729.html"
},
{
"name": "FEDORA-2009-9982",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00694.html"
},
{
"name": "37161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37161"
},
{
"name": "57236",
"refsource": "OSVDB",
"url": "http://osvdb.org/57236"
}
]
}
} }

168
2009/3xxx/CVE-2009-3745.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3745", "ID": "CVE-2009-3745",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the help pages in IBM Rational AppScan Enterprise Edition 5.5.0.2 allows remote attackers to inject arbitrary web script or HTML via the query string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24024704", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24024704" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the help pages in IBM Rational AppScan Enterprise Edition 5.5.0.2 allows remote attackers to inject arbitrary web script or HTML via the query string."
{ }
"name" : "PK97516", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PK97516" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36734", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36734" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37093", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/37093" ]
}, },
{ "references": {
"name" : "ADV-2009-2974", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/2974" "name": "37093",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/37093"
"name" : "rational-appscan-help-xss(53821)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53821" "name": "ADV-2009-2974",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2009/2974"
} },
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24024704",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24024704"
},
{
"name": "rational-appscan-help-xss(53821)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53821"
},
{
"name": "PK97516",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK97516"
},
{
"name": "36734",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36734"
}
]
}
} }

158
2009/3xxx/CVE-2009-3842.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2009-3842", "ID": "CVE-2009-3842",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability on the HP Color LaserJet M3530 Multifunction Printer with firmware 05.058.4 and the Color LaserJet CP3525 Printer with firmware 53.021.2 allows remote attackers to obtain \"access to data\" or cause a denial of service via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBPI02472", "description_data": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=125864723627975&w=2" "lang": "eng",
}, "value": "Unspecified vulnerability on the HP Color LaserJet M3530 Multifunction Printer with firmware 05.058.4 and the Color LaserJet CP3525 Printer with firmware 53.021.2 allows remote attackers to obtain \"access to data\" or cause a denial of service via unknown vectors."
{ }
"name" : "SSRT090196", ]
"refsource" : "HP", },
"url" : "http://marc.info/?l=bugtraq&m=125864723627975&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37070", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/37070" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37433", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/37433" ]
}, },
{ "references": {
"name" : "ADV-2009-3293", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/3293" "name": "SSRT090196",
} "refsource": "HP",
] "url": "http://marc.info/?l=bugtraq&m=125864723627975&w=2"
} },
{
"name": "HPSBPI02472",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=125864723627975&w=2"
},
{
"name": "37433",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37433"
},
{
"name": "ADV-2009-3293",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3293"
},
{
"name": "37070",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37070"
}
]
}
} }

158
2009/4xxx/CVE-2009-4854.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4854", "ID": "CVE-2009-4854",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "addons/import.php in TalkBack 2.3.14 allows remote attackers to execute arbitrary commands via the result parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9095", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9095" "lang": "eng",
}, "value": "addons/import.php in TalkBack 2.3.14 allows remote attackers to execute arbitrary commands via the result parameter."
{ }
"name" : "http://www.juniper.net/security/auto/vulnerabilities/vuln35619.html", ]
"refsource" : "MISC", },
"url" : "http://www.juniper.net/security/auto/vulnerabilities/vuln35619.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.packetstormsecurity.org/0907-exploits/talkback-lfiexec.txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.packetstormsecurity.org/0907-exploits/talkback-lfiexec.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "35619", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/35619" ]
}, },
{ "references": {
"name" : "talkback-import-command-execution(58705)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58705" "name": "http://www.juniper.net/security/auto/vulnerabilities/vuln35619.html",
} "refsource": "MISC",
] "url": "http://www.juniper.net/security/auto/vulnerabilities/vuln35619.html"
} },
{
"name": "35619",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35619"
},
{
"name": "http://www.packetstormsecurity.org/0907-exploits/talkback-lfiexec.txt",
"refsource": "MISC",
"url": "http://www.packetstormsecurity.org/0907-exploits/talkback-lfiexec.txt"
},
{
"name": "9095",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9095"
},
{
"name": "talkback-import-command-execution(58705)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58705"
}
]
}
} }

168
2015/0xxx/CVE-2015-0277.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-0277", "ID": "CVE-2015-0277",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Service Provider (SP) in PicketLink before 2.7.0 does not ensure that it is a member of an Audience element when an AudienceRestriction is specified, which allows remote attackers to log in to other users' accounts via a crafted SAML assertion. NOTE: this identifier has been SPLIT per ADT2 due to different vulnerability types. See CVE-2015-6254 for lack of validation for the Destination attribute in a Response element in a SAML assertion."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1194832", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1194832" "lang": "eng",
}, "value": "The Service Provider (SP) in PicketLink before 2.7.0 does not ensure that it is a member of an Audience element when an AudienceRestriction is specified, which allows remote attackers to log in to other users' accounts via a crafted SAML assertion. NOTE: this identifier has been SPLIT per ADT2 due to different vulnerability types. See CVE-2015-6254 for lack of validation for the Destination attribute in a Response element in a SAML assertion."
{ }
"name" : "https://issues.jboss.org/browse/PLINK-678", ]
"refsource" : "CONFIRM", },
"url" : "https://issues.jboss.org/browse/PLINK-678" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2015:0846", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0846.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2015:0847", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0847.html" ]
}, },
{ "references": {
"name" : "RHSA-2015:0848", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0848.html" "name": "RHSA-2015:0849",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-0849.html"
"name" : "RHSA-2015:0849", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0849.html" "name": "RHSA-2015:0848",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2015-0848.html"
} },
{
"name": "RHSA-2015:0846",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0846.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1194832",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1194832"
},
{
"name": "https://issues.jboss.org/browse/PLINK-678",
"refsource": "CONFIRM",
"url": "https://issues.jboss.org/browse/PLINK-678"
},
{
"name": "RHSA-2015:0847",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0847.html"
}
]
}
} }

158
2015/0xxx/CVE-2015-0393.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-0393", "ID": "CVE-2015-0393",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to DB Privileges. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the researcher's claim that the PUBLIC role is granted the INDEX privilege for the DUAL table during a \"seeded install,\" which allows remote authenticated users to gain SYSDBA privileges and execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.databaseforensics.com/Oracle_Jan2015_CPU.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.databaseforensics.com/Oracle_Jan2015_CPU.pdf" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to DB Privileges. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the researcher's claim that the PUBLIC role is granted the INDEX privilege for the DUAL table during a \"seeded install,\" which allows remote authenticated users to gain SYSDBA privileges and execute arbitrary code."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "72230", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72230" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1031579", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1031579" ]
}, },
{ "references": {
"name" : "oracle-cpujan2015-cve20150393(100097)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100097" "name": "oracle-cpujan2015-cve20150393(100097)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100097"
} },
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "http://www.databaseforensics.com/Oracle_Jan2015_CPU.pdf",
"refsource": "MISC",
"url": "http://www.databaseforensics.com/Oracle_Jan2015_CPU.pdf"
},
{
"name": "72230",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72230"
},
{
"name": "1031579",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031579"
}
]
}
} }

32
2015/0xxx/CVE-2015-0927.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-0927", "ID": "CVE-2015-0927",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

118
2015/0xxx/CVE-2015-0977.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-0977", "ID": "CVE-2015-0977",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Network Vision IntraVue before 2.3.0a14 on Windows allows remote attackers to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-057-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-057-01" "lang": "eng",
} "value": "Network Vision IntraVue before 2.3.0a14 on Windows allows remote attackers to execute arbitrary OS commands via unspecified vectors."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-057-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-057-01"
}
]
}
} }

32
2015/1xxx/CVE-2015-1161.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-1161", "ID": "CVE-2015-1161",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2015/1xxx/CVE-2015-1754.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-1754", "ID": "CVE-2015-1754",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-056", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056" "lang": "eng",
}, "value": "Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
{ }
"name" : "74991", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/74991" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1032521", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032521" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "MS15-056",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056"
},
{
"name": "74991",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74991"
},
{
"name": "1032521",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032521"
}
]
}
} }

128
2015/1xxx/CVE-2015-1919.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-1919", "ID": "CVE-2015-1919",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM Security QRadar Incident Forensics before 7.2.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21960011", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21960011" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in IBM Security QRadar Incident Forensics before 7.2.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
{ }
"name" : "75209", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/75209" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75209",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75209"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21960011",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960011"
}
]
}
} }

288
2015/4xxx/CVE-2015-4022.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4022", "ID": "CVE-2015-4022",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://php.net/ChangeLog-5.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://php.net/ChangeLog-5.php" "lang": "eng",
}, "value": "Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow."
{ }
"name" : "https://bugs.php.net/bug.php?id=69545", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.php.net/bug.php?id=69545" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/kb/HT205031", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205031" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2015-08-13-2", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "name": "RHSA-2015:1187",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
"name" : "DSA-3280", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3280" "name": "https://bugs.php.net/bug.php?id=69545",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.php.net/bug.php?id=69545"
"name" : "FEDORA-2015-8281", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html" "name": "RHSA-2015:1186",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
"name" : "FEDORA-2015-8370", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html" "name": "RHSA-2015:1219",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html"
"name" : "FEDORA-2015-8383", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
"name" : "GLSA-201606-10", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201606-10" "name": "openSUSE-SU-2015:0993",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
"name" : "RHSA-2015:1187", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1187.html" "name": "http://php.net/ChangeLog-5.php",
}, "refsource": "CONFIRM",
{ "url": "http://php.net/ChangeLog-5.php"
"name" : "RHSA-2015:1135", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1135.html" "name": "DSA-3280",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3280"
"name" : "RHSA-2015:1186", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1186.html" "name": "APPLE-SA-2015-08-13-2",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
"name" : "RHSA-2015:1218", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1218.html" "name": "1032433",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032433"
"name" : "RHSA-2015:1219", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1219.html" "name": "RHSA-2015:1135",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
"name" : "openSUSE-SU-2015:0993", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html" "name": "74902",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/74902"
"name" : "74902", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74902" "name": "https://support.apple.com/kb/HT205031",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/kb/HT205031"
"name" : "1032433", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032433" "name": "FEDORA-2015-8383",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html"
} },
{
"name": "FEDORA-2015-8281",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html"
},
{
"name": "FEDORA-2015-8370",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html"
},
{
"name": "GLSA-201606-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"name": "RHSA-2015:1218",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
}
]
}
} }

378
2015/4xxx/CVE-2015-4500.json
View File

@ -1,192 +1,192 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2015-4500", "ID": "CVE-2015-4500",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-96.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-96.html" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1044077", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1044077" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1152026", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1152026" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1161063", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1161063" ]
}, },
{ "references": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1181651", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1181651" "name": "SUSE-SU-2015:1680",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1183153", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1183153" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1152026",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1152026"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1186962", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1186962" "name": "SUSE-SU-2015:2081",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1201793", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1201793" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1202844",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1202844"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1202844", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1202844" "name": "openSUSE-SU-2015:1681",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html"
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "name": "USN-2754-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2754-1"
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1044077",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1044077"
"name" : "DSA-3365", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3365" "name": "USN-2743-4",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2743-4"
"name" : "RHSA-2015:1852", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1852.html" "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
"name" : "RHSA-2015:1834", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1834.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"name" : "SUSE-SU-2015:2081", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html" "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-96.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-96.html"
"name" : "openSUSE-SU-2015:1658", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html" "name": "USN-2743-3",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2743-3"
"name" : "SUSE-SU-2015:1680", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html" "name": "RHSA-2015:1834",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1834.html"
"name" : "openSUSE-SU-2015:1679", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html" "name": "USN-2743-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2743-2"
"name" : "openSUSE-SU-2015:1681", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1186962",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1186962"
"name" : "SUSE-SU-2015:1703", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html" "name": "1033640",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033640"
"name" : "USN-2743-4", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2743-4" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1183153",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1183153"
"name" : "USN-2754-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2754-1" "name": "RHSA-2015:1852",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1852.html"
"name" : "USN-2743-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2743-1" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1161063",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1161063"
"name" : "USN-2743-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2743-2" "name": "DSA-3365",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3365"
"name" : "USN-2743-3", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2743-3" "name": "76816",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/76816"
"name" : "76816", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76816" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1181651",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1181651"
"name" : "1033640", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033640" "name": "SUSE-SU-2015:1703",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html"
} },
{
"name": "openSUSE-SU-2015:1679",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html"
},
{
"name": "openSUSE-SU-2015:1658",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html"
},
{
"name": "USN-2743-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2743-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1201793",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1201793"
}
]
}
} }

118
2015/4xxx/CVE-2015-4724.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4724", "ID": "CVE-2015-4724",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Concrete5 5.7.3.1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://hackerone.com/reports/59664", "description_data": [
"refsource" : "MISC", {
"url" : "http://hackerone.com/reports/59664" "lang": "eng",
} "value": "SQL injection vulnerability in Concrete5 5.7.3.1."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://hackerone.com/reports/59664",
"refsource": "MISC",
"url": "http://hackerone.com/reports/59664"
}
]
}
} }

188
2015/4xxx/CVE-2015-4767.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4767", "ID": "CVE-2015-4767",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4769."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4769."
{ }
"name" : "GLSA-201610-06", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201610-06" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2015:1630", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1630.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2015:1646", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1646.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2015:1629", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html" "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
"name" : "USN-2674-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2674-1" "name": "1032911",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032911"
"name" : "75844", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75844" "name": "RHSA-2015:1646",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1646.html"
"name" : "1032911", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032911" "name": "openSUSE-SU-2015:1629",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html"
} },
{
"name": "USN-2674-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2674-1"
},
{
"name": "GLSA-201610-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-06"
},
{
"name": "RHSA-2015:1630",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1630.html"
},
{
"name": "75844",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75844"
}
]
}
} }

128
2015/4xxx/CVE-2015-4797.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4797", "ID": "CVE-2015-4797",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect integrity via unknown vectors related to Security."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect integrity via unknown vectors related to Security."
{ }
"name" : "1033899", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1033899" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "1033899",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033899"
}
]
}
} }

118
2015/8xxx/CVE-2015-8986.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"ID" : "CVE-2015-8986", "ID": "CVE-2015-8986",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Advanced Threat Defense (MATD)", "product_name": "Advanced Threat Defense (MATD)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.4.2.32 and earlier" "version_value": "3.4.2.32 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel" "vendor_name": "Intel"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Sandbox detection evasion vulnerability"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10096", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10096" "lang": "eng",
} "value": "Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sandbox detection evasion vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10096",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10096"
}
]
}
} }

146
2018/1002xxx/CVE-2018-1002005.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "larry0@me.com", "ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED" : "2018-08-22", "DATE_ASSIGNED": "2018-08-22",
"ID" : "CVE-2018-1002005", "ID": "CVE-2018-1002005",
"REQUESTER" : "kurt@seifried.org", "REQUESTER": "kurt@seifried.org",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"UPDATED" : "2017-08-10T14:41Z" "UPDATED": "2017-08-10T14:41Z"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Arigato Autoresponder and Newsletter", "product_name": "Arigato Autoresponder and Newsletter",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<=", "version_affected": "<=",
"version_value" : "2.5.1.8" "version_value": "2.5.1.8"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Kiboko Labs https://calendarscripts.info/" "vendor_name": "Kiboko Labs https://calendarscripts.info/"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "45434", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/45434/" "lang": "eng",
}, "value": "These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter."
{ }
"name" : "http://www.vapidlabs.com/advisory.php?v=203", ]
"refsource" : "MISC", },
"url" : "http://www.vapidlabs.com/advisory.php?v=203" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://wordpress.org/plugins/bft-autoresponder/", "description": [
"refsource" : "MISC", {
"url" : "https://wordpress.org/plugins/bft-autoresponder/" "lang": "eng",
} "value": "Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "45434",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"name": "https://wordpress.org/plugins/bft-autoresponder/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=203",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
]
}
} }

134
2018/1999xxx/CVE-2018-1999015.json
View File

@ -1,70 +1,70 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-07-20T20:44:32.981391", "DATE_ASSIGNED": "2018-07-20T20:44:32.981391",
"DATE_REQUESTED" : "2018-07-13T16:19:44", "DATE_REQUESTED": "2018-07-13T16:19:44",
"ID" : "CVE-2018-1999015", "ID": "CVE-2018-1999015",
"REQUESTER" : "paulcher@icloud.com", "REQUESTER": "paulcher@icloud.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "FFmpeg", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "before 5aba5b89d0b1d73164d3b81764828bb8b20ff32a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "FFmpeg" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to have been fixed in 5aba5b89d0b1d73164d3b81764828bb8b20ff32a and later."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "out of array read"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/FFmpeg/FFmpeg/commit/5aba5b89d0b1d73164d3b81764828bb8b20ff32a", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/FFmpeg/FFmpeg/commit/5aba5b89d0b1d73164d3b81764828bb8b20ff32a" "lang": "eng",
}, "value": "FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to have been fixed in 5aba5b89d0b1d73164d3b81764828bb8b20ff32a and later."
{ }
"name" : "104896", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/104896" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104896",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104896"
},
{
"name": "https://github.com/FFmpeg/FFmpeg/commit/5aba5b89d0b1d73164d3b81764828bb8b20ff32a",
"refsource": "CONFIRM",
"url": "https://github.com/FFmpeg/FFmpeg/commit/5aba5b89d0b1d73164d3b81764828bb8b20ff32a"
}
]
}
} }

32
2018/2xxx/CVE-2018-2527.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-2527", "ID": "CVE-2018-2527",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2018/2xxx/CVE-2018-2701.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2701", "ID": "CVE-2018-2701",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Hospitality Cruise Fleet Management", "product_name": "Hospitality Cruise Fleet Management",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "9.0.4.0" "version_value": "9.0.4.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Cruise Fleet Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Cruise Fleet Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Fleet Management accessible data. CVSS 3.0 Base Score 7.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Cruise Fleet Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Cruise Fleet Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Fleet Management accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Cruise Fleet Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Cruise Fleet Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Fleet Management accessible data. CVSS 3.0 Base Score 7.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N)."
{ }
"name" : "102554", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/102554" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Cruise Fleet Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Cruise Fleet Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Fleet Management accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "102554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102554"
}
]
}
} }

140
2018/3xxx/CVE-2018-3296.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-3296", "ID": "CVE-2018-3296",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "VM VirtualBox", "product_name": "VM VirtualBox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "5.2.20" "version_value": "5.2.20"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)."
{ }
"name" : "105619", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/105619" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1041887", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041887" "lang": "eng",
} "value": "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox."
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "1041887",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041887"
},
{
"name": "105619",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105619"
}
]
}
} }

130
2018/3xxx/CVE-2018-3720.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2018-3720", "ID": "CVE-2018-3720",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "assign-deep node module", "product_name": "assign-deep node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Versions before 0.4.7" "version_value": "Versions before 0.4.7"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "assign-deep node module before 0.4.7 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of \"Object\" via __proto__, causing the addition or modification of an existing property that will exist on all objects."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Modification of Assumed-Immutable Data (MAID) (CWE-471)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/jonschlinkert/assign-deep/commit/19953a8c089b0328c470acaaaf6accdfcb34da11", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/jonschlinkert/assign-deep/commit/19953a8c089b0328c470acaaaf6accdfcb34da11" "lang": "eng",
}, "value": "assign-deep node module before 0.4.7 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of \"Object\" via __proto__, causing the addition or modification of an existing property that will exist on all objects."
{ }
"name" : "https://hackerone.com/reports/310707", ]
"refsource" : "MISC", },
"url" : "https://hackerone.com/reports/310707" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Modification of Assumed-Immutable Data (MAID) (CWE-471)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/310707",
"refsource": "MISC",
"url": "https://hackerone.com/reports/310707"
},
{
"name": "https://github.com/jonschlinkert/assign-deep/commit/19953a8c089b0328c470acaaaf6accdfcb34da11",
"refsource": "MISC",
"url": "https://github.com/jonschlinkert/assign-deep/commit/19953a8c089b0328c470acaaaf6accdfcb34da11"
}
]
}
} }

32
2018/6xxx/CVE-2018-6145.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6145", "ID": "CVE-2018-6145",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

202
2018/6xxx/CVE-2018-6496.json
View File

@ -1,104 +1,104 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@microfocus.com", "ASSIGNER": "security@suse.com",
"ID" : "CVE-2018-6496", "ID": "CVE-2018-6496",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "MFSBGN03809 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF" "TITLE": "MFSBGN03809 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "UCMDB Browser", "product_name": "UCMDB Browser",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "4.10, 4.11, 4.12, 4.13, 4.14, 4.15, 4.15.1" "version_value": "4.10, 4.11, 4.12, 4.13, 4.14, 4.15, 4.15.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Micro Focus" "vendor_name": "Micro Focus"
} }
]
}
},
"credit" : [
{
"lang" : "eng",
"value" : "Micro Focus would like to thank Mateusz Garncarek for reporting this issue to cyber-psrt@microfocus.com."
}
],
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Remote Cross-site Request forgery (CSRF) potential has been identified in UCMBD Browser version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15, 4.15.1 which could allow for remote unsafe deserialization and cross-site request forgery (CSRF)."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "cross-site request forgery (CSRF)"
}
],
"impact" : {
"cvss" : {
"attackComplexity" : "HIGH",
"attackVector" : "NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "REQUIRED",
"vectorString" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "cross-site request forgery (CSRF)"
}
] ]
} }
] },
}, "credit": [
"references" : { {
"reference_data" : [ "lang": "eng",
{ "value": "Micro Focus would like to thank Mateusz Garncarek for reporting this issue to cyber-psrt@microfocus.com."
"name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03180066", }
"refsource" : "CONFIRM", ],
"url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03180066" "data_format": "MITRE",
}, "data_type": "CVE",
{ "data_version": "4.0",
"name" : "104483", "description": {
"refsource" : "BID", "description_data": [
"url" : "http://www.securityfocus.com/bid/104483" {
}, "lang": "eng",
{ "value": "Remote Cross-site Request forgery (CSRF) potential has been identified in UCMBD Browser version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15, 4.15.1 which could allow for remote unsafe deserialization and cross-site request forgery (CSRF)."
"name" : "1041139", }
"refsource" : "SECTRACK", ]
"url" : "http://www.securitytracker.com/id/1041139" },
} "exploit": [
] {
}, "lang": "eng",
"source" : { "value": "cross-site request forgery (CSRF)"
"discovery" : "UNKNOWN" }
} ],
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "cross-site request forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104483",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104483"
},
{
"name": "1041139",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041139"
},
{
"name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03180066",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03180066"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
} }

118
2018/6xxx/CVE-2018-6575.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6575", "ID": "CVE-2018-6575",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL Injection exists in the JEXTN Classified 1.0.0 component for Joomla! via a view=boutique&sid= request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "43957", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/43957" "lang": "eng",
} "value": "SQL Injection exists in the JEXTN Classified 1.0.0 component for Joomla! via a view=boutique&sid= request."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43957",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43957"
}
]
}
} }

32
2018/6xxx/CVE-2018-6897.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6897", "ID": "CVE-2018-6897",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/7xxx/CVE-2018-7082.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7082", "ID": "CVE-2018-7082",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/7xxx/CVE-2018-7595.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7595", "ID": "CVE-2018-7595",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5600.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5600", "ID": "CVE-2019-5600",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5931.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5931", "ID": "CVE-2019-5931",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }