admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2017-10-18 17:07:33 -04:00
parent 01d1577124
commit 86f8966e19
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
35 changed files with 550 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
2015/5xxx/CVE-2015-5227.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5227",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The Landing Pages plugin before 1.9.2 for WordPress allows remote attackers to execute arbitrary code via the url parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://wpvulndb.com/vulnerabilities/8200"
},
{
"url" : "https://wordpress.org/plugins/landing-pages/#developers"
}
]
}

46
2015/5xxx/CVE-2015-5376.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5376",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "SQL injection vulnerability in the login form in GSI WiNPAT Portal 3.2.0.1001 through 3.6.1.0 allows remote attackers to execute arbitrary SQL commands via the username field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://bogner.sh/2015/09/winpat-portal-3-unauthenticated-sql-injection-exploit/"
}
]
}

64
2015/5xxx/CVE-2015-5739.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5739",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,44 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP request smuggling attacks via a space instead of a hyphen, as demonstrated by \"Content Length\" instead of \"Content-Length.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/oss-sec/2015/q3/237"
},
{
"url" : "http://seclists.org/oss-sec/2015/q3/292"
},
{
"url" : "http://seclists.org/oss-sec/2015/q3/294"
},
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1250352"
},
{
"url" : "https://github.com/golang/go/commit/117ddcb83d7f42d6aa72241240af99ded81118e9"
},
{
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168029.html"
},
{
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167997.html"
}
]
}

64
2015/5xxx/CVE-2015-5740.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5740",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,44 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request with two Content-length headers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/oss-sec/2015/q3/237"
},
{
"url" : "http://seclists.org/oss-sec/2015/q3/292"
},
{
"url" : "http://seclists.org/oss-sec/2015/q3/294"
},
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1250352"
},
{
"url" : "https://github.com/golang/go/commit/300d9a21583e7cf0149a778a0611e76ff7c6680f"
},
{
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168029.html"
},
{
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167997.html"
}
]
}

49
2015/6xxx/CVE-2015-6961.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6961",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://github.com/web2py/web2py/commit/e31a099cb3456fef471886339653430ae59056b0"
},
{
"url" : "https://github.com/web2py/web2py/issues/731"
}
]
}

3
2016/6xxx/CVE-2016-6775.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/94674"
}

3
2016/6xxx/CVE-2016-6776.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/94674"
}

3
2016/6xxx/CVE-2016-6777.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/94674"
}

3
2016/6xxx/CVE-2016-6789.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/94678"
}

3
2016/8xxx/CVE-2016-8395.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/94710"
}

3
2016/8xxx/CVE-2016-8397.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/94714"
}

3
2016/8xxx/CVE-2016-8400.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/94713"
}

3
2016/8xxx/CVE-2016-8424.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/95231"
}

3
2016/8xxx/CVE-2016-8425.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/95231"
}

3
2016/8xxx/CVE-2016-8426.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/95231"
}

3
2016/8xxx/CVE-2016-8427.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/95231"
}

3
2016/8xxx/CVE-2016-8428.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/95231"
}

3
2016/8xxx/CVE-2016-8429.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/95231"
}

3
2016/8xxx/CVE-2016-8430.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/95231"
}

3
2016/8xxx/CVE-2016-8449.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/95262"
}

3
2017/0xxx/CVE-2017-0306.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-03-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/96723"
},

3
2017/0xxx/CVE-2017-0307.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-03-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/96809"
},

3
2017/0xxx/CVE-2017-0325.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-04-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/97350"
},

3
2017/0xxx/CVE-2017-0326.json
View File

@ -56,6 +56,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-07-01"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/99477"
}

3
2017/0xxx/CVE-2017-0327.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-04-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/97333"
},

3
2017/0xxx/CVE-2017-0331.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-05-01"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/98150"
}

3
2017/0xxx/CVE-2017-0332.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-04-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/97333"
},

3
2017/0xxx/CVE-2017-0428.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-02-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/96070"
},

3
2017/0xxx/CVE-2017-0429.json
View File

@ -55,6 +55,9 @@
{
"url" : "https://source.android.com/security/bulletin/2017-02-01.html"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "http://www.securityfocus.com/bid/96070"
},

3
2017/1000xxx/CVE-2017-1000250.json
View File

@ -60,6 +60,9 @@
{
"url" : "https://access.redhat.com/security/vulnerabilities/blueborne"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "https://www.kb.cert.org/vuls/id/240311"
},

3
2017/1000xxx/CVE-2017-1000251.json
View File

@ -63,6 +63,9 @@
{
"url" : "https://access.redhat.com/security/vulnerabilities/blueborne"
},
{
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"url" : "https://www.kb.cert.org/vuls/id/240311"
},

18
2017/1000xxx/CVE-2017-1000256.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1000256",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

66
2017/15xxx/CVE-2017-15600.json Normal file
View File

@ -0,0 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-15600",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html"
},
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1501695"
},
{
"url" : "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
}
]
}
}

63
2017/15xxx/CVE-2017-15601.json Normal file
View File

@ -0,0 +1,63 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-15601",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html"
},
{
"url" : "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
}
]
}
}

63
2017/15xxx/CVE-2017-15602.json Normal file
View File

@ -0,0 +1,63 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-15602",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html"
},
{
"url" : "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
}
]
}
}