admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:34:13 +00:00
parent 7ca814900d
commit 8a44456dc4
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 3689 additions and 3671 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

168
2004/0xxx/CVE-2004-0244.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0244", "ID": "CVE-2004-0244",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040203 Cisco 6000/6500/7600 Crafted Layer 2 Frame Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/warp/public/707/cisco-sa-20040203-cat6k.shtml" "lang": "eng",
}, "value": "Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet."
{ }
"name" : "VU#810062", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/810062" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:5828", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5828" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "10780", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/10780" ]
}, },
{ "references": {
"name" : "9562", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/9562" "name": "10780",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/10780"
"name" : "cisco-malformed-frame-dos(15013)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15013" "name": "9562",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/9562"
} },
{
"name": "cisco-malformed-frame-dos(15013)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15013"
},
{
"name": "20040203 Cisco 6000/6500/7600 Crafted Layer 2 Frame Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040203-cat6k.shtml"
},
{
"name": "oval:org.mitre.oval:def:5828",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5828"
},
{
"name": "VU#810062",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/810062"
}
]
}
} }

138
2004/0xxx/CVE-2004-0266.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0266", "ID": "CVE-2004-0266",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the \"public message\" capability (public_message) for Php-Nuke 6.x to 7.1.0 allows remote attackers to obtain the administrator password via the c_mid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040208 [waraxe-2004-SA#003] - SQL injection in Php-Nuke 7.1.0", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=107635110327066&w=2" "lang": "eng",
}, "value": "SQL injection vulnerability in the \"public message\" capability (public_message) for Php-Nuke 6.x to 7.1.0 allows remote attackers to obtain the administrator password via the c_mid parameter."
{ }
"name" : "phpnuke-publicmessage-sql-injection(15080)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15080" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "9615", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/9615" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "phpnuke-publicmessage-sql-injection(15080)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15080"
},
{
"name": "9615",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9615"
},
{
"name": "20040208 [waraxe-2004-SA#003] - SQL injection in Php-Nuke 7.1.0",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=107635110327066&w=2"
}
]
}
} }

288
2004/0xxx/CVE-2004-0398.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0398", "ID": "CVE-2004-0398",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040519 Advisory 06/2004: libneon date parsing vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=108498433632333&w=2" "lang": "eng",
}, "value": "Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client."
{ }
"name" : "20040519 Advisory 06/2004: libneon date parsing vulnerability", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0982.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "CLA-2004:841", "description": [
"refsource" : "CONECTIVA", {
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000841" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2004:191", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2004-191.html" ]
}, },
{ "references": {
"name" : "DSA-506", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2004/dsa-506" "name": "11638",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/11638"
"name" : "DSA-507", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2004/dsa-507" "name": "11673",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/11673"
"name" : "FEDORA-2004-1552", },
"refsource" : "FEDORA", {
"url" : "https://bugzilla.fedora.us/show_bug.cgi?id=1552" "name": "6302",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/6302"
"name" : "GLSA-200405-13", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200405-13.xml" "name": "20040519 Advisory 06/2004: libneon date parsing vulnerability",
}, "refsource": "FULLDISC",
{ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0982.html"
"name" : "GLSA-200405-15", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200405-15.xml" "name": "11650",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/11650"
"name" : "MDKSA-2004:049", },
"refsource" : "MANDRAKE", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2004:049" "name": "20040519 [OpenPKG-SA-2004.024] OpenPKG Security Advisory (neon)",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=108500057108022&w=2"
"name" : "20040519 [OpenPKG-SA-2004.024] OpenPKG Security Advisory (neon)", },
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=108500057108022&w=2" "name": "GLSA-200405-13",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200405-13.xml"
"name" : "O-148", },
"refsource" : "CIAC", {
"url" : "http://www.ciac.org/ciac/bulletins/o-148.shtml" "name": "O-148",
}, "refsource": "CIAC",
{ "url": "http://www.ciac.org/ciac/bulletins/o-148.shtml"
"name" : "10385", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/10385" "name": "GLSA-200405-15",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200405-15.xml"
"name" : "6302", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/6302" "name": "MDKSA-2004:049",
}, "refsource": "MANDRAKE",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:049"
"name" : "11638", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/11638" "name": "10385",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/10385"
"name" : "11650", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/11650" "name": "DSA-506",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2004/dsa-506"
"name" : "11673", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/11673" "name": "FEDORA-2004-1552",
}, "refsource": "FEDORA",
{ "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1552"
"name" : "neon-library-nerfc1036parse-bo(16192)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16192" "name": "neon-library-nerfc1036parse-bo(16192)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16192"
} },
{
"name": "DSA-507",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-507"
},
{
"name": "CLA-2004:841",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000841"
},
{
"name": "20040519 Advisory 06/2004: libneon date parsing vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=108498433632333&w=2"
},
{
"name": "RHSA-2004:191",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-191.html"
}
]
}
} }

208
2004/0xxx/CVE-2004-0690.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0690", "ID": "CVE-2004-0690",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109225538901170&w=2" "lang": "eng",
}, "value": "The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory."
{ }
"name" : "http://www.kde.org/info/security/advisory-20040811-2.txt", ]
"refsource" : "CONFIRM", },
"url" : "http://www.kde.org/info/security/advisory-20040811-2.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386", "description": [
"refsource" : "MISC", {
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "CLA-2004:864", ]
"refsource" : "CONECTIVA", }
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864" ]
}, },
{ "references": {
"name" : "200408-13", "reference_data": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200408-13.xml" "name": "CLA-2004:864",
}, "refsource": "CONECTIVA",
{ "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864"
"name" : "MDKSA-2004:086", },
"refsource" : "MANDRAKE", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2004:086" "name": "kde-dcopserver-symlink(16962)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16962"
"name" : "VU#330638", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/330638" "name": "12276",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/12276"
"name" : "10924", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/10924" "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386",
}, "refsource": "MISC",
{ "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386"
"name" : "12276", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/12276" "name": "MDKSA-2004:086",
}, "refsource": "MANDRAKE",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:086"
"name" : "kde-dcopserver-symlink(16962)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16962" "name": "http://www.kde.org/info/security/advisory-20040811-2.txt",
} "refsource": "CONFIRM",
] "url": "http://www.kde.org/info/security/advisory-20040811-2.txt"
} },
{
"name": "VU#330638",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/330638"
},
{
"name": "10924",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10924"
},
{
"name": "200408-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200408-13.xml"
},
{
"name": "20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109225538901170&w=2"
}
]
}
} }

278
2004/0xxx/CVE-2004-0783.json
View File

@ -1,142 +1,142 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0783", "ID": "CVE-2004-0783",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040915 CESA-2004-005: gtk+ XPM decoder", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109528994916275&w=2" "lang": "eng",
}, "value": "Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688)."
{ }
"name" : "http://scary.beasts.org/security/CESA-2004-005.txt", ]
"refsource" : "MISC", },
"url" : "http://scary.beasts.org/security/CESA-2004-005.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "CLA-2004:875", "description": [
"refsource" : "CONECTIVA", {
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FLSA:2005", ]
"refsource" : "FEDORA", }
"url" : "https://bugzilla.fedora.us/show_bug.cgi?id=2005" ]
}, },
{ "references": {
"name" : "FLSA-2005:155510", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://www.securityfocus.com/archive/1/419771/100/0/threaded" "name": "101776",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1"
"name" : "MDKSA-2004:095", },
"refsource" : "MANDRAKE", {
"url" : "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095" "name": "FLSA:2005",
}, "refsource": "FEDORA",
{ "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
"name" : "MDKSA-2004:096", },
"refsource" : "MANDRAKE", {
"url" : "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096" "name": "http://scary.beasts.org/security/CESA-2004-005.txt",
}, "refsource": "MISC",
{ "url": "http://scary.beasts.org/security/CESA-2004-005.txt"
"name" : "MDKSA-2005:214", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214" "name": "oval:org.mitre.oval:def:9348",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9348"
"name" : "RHSA-2004:447", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2004-447.html" "name": "oval:org.mitre.oval:def:1786",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1786"
"name" : "RHSA-2004:466", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2004-466.html" "name": "RHSA-2004:466",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
"name" : "101776", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1" "name": "20040915 CESA-2004-005: gtk+ XPM decoder",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=109528994916275&w=2"
"name" : "VU#369358", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/369358" "name": "gtk-xpm-xpmextractcolor-bo(17385)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17385"
"name" : "11195", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11195" "name": "VU#369358",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/369358"
"name" : "oval:org.mitre.oval:def:1786", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1786" "name": "MDKSA-2005:214",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
"name" : "oval:org.mitre.oval:def:9348", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9348" "name": "FLSA-2005:155510",
}, "refsource": "FEDORA",
{ "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
"name" : "17657", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17657" "name": "MDKSA-2004:095",
}, "refsource": "MANDRAKE",
{ "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
"name" : "gtk-xpm-xpmextractcolor-bo(17385)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17385" "name": "MDKSA-2004:096",
} "refsource": "MANDRAKE",
] "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096"
} },
{
"name": "11195",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11195"
},
{
"name": "RHSA-2004:447",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
},
{
"name": "CLA-2004:875",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875"
},
{
"name": "17657",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17657"
}
]
}
} }

168
2004/1xxx/CVE-2004-1026.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1026", "ID": "CVE-2004-1026",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "DSA-628", "description_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2005/dsa-628" "lang": "eng",
}, "value": "Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files."
{ }
"name" : "GLSA-200412-03", ]
"refsource" : "GENTOO", },
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MDKSA-2005:007", "description": [
"refsource" : "MANDRAKE", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:007" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2004:651", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2004-651.html" ]
}, },
{ "references": {
"name" : "11830", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11830" "name": "MDKSA-2005:007",
}, "refsource": "MANDRAKE",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:007"
"name" : "oval:org.mitre.oval:def:10771", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10771" "name": "oval:org.mitre.oval:def:10771",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10771"
} },
{
"name": "11830",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11830"
},
{
"name": "RHSA-2004:651",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-651.html"
},
{
"name": "GLSA-200412-03",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml"
},
{
"name": "DSA-628",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-628"
}
]
}
} }

128
2004/1xxx/CVE-2004-1577.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1577", "ID": "CVE-2004-1577",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "index.php in PHP Links allows remote attackers to gain sensitive information via an invalid show parameter, which reveals the full path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041003 Full path disclosure in PHP Links", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109693280416747&w=2" "lang": "eng",
}, "value": "index.php in PHP Links allows remote attackers to gain sensitive information via an invalid show parameter, which reveals the full path in an error message."
{ }
"name" : "phplinks-path-disclosure(17588)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17588" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041003 Full path disclosure in PHP Links",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109693280416747&w=2"
},
{
"name": "phplinks-path-disclosure(17588)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17588"
}
]
}
} }

178
2004/1xxx/CVE-2004-1758.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1758", "ID": "CVE-2004-1758",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "BEA WebLogic Server and WebLogic Express version 8.1 up to SP2, 7.0 up to SP4, and 6.1 up to SP6 may store the database username and password for an untargeted JDBC connection pool in plaintext in config.xml, which allows local users to gain privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_53.00.jsp", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_53.00.jsp" "lang": "eng",
}, "value": "BEA WebLogic Server and WebLogic Express version 8.1 up to SP2, 7.0 up to SP4, and 6.1 up to SP6 may store the database username and password for an untargeted JDBC connection pool in plaintext in config.xml, which allows local users to gain privileges."
{ }
"name" : "VU#920238", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/920238" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "10131", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/10131" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "5297", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/5297" ]
}, },
{ "references": {
"name" : "1009764", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1009764" "name": "1009764",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1009764"
"name" : "11357", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/11357" "name": "http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_53.00.jsp",
}, "refsource": "CONFIRM",
{ "url": "http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_53.00.jsp"
"name" : "bea-configxml-plaintext-password(15860)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15860" "name": "VU#920238",
} "refsource": "CERT-VN",
] "url": "http://www.kb.cert.org/vuls/id/920238"
} },
{
"name": "5297",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5297"
},
{
"name": "10131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10131"
},
{
"name": "11357",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11357"
},
{
"name": "bea-configxml-plaintext-password(15860)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15860"
}
]
}
} }

178
2004/1xxx/CVE-2004-1896.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1896", "ID": "CVE-2004-1896",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 through 5.02 allows remote attackers to execute arbitrary code via a Fasttracker 2 (.xm) mod media file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040405 NGSSoftware Insight Security Research Advisory", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=108118289208693&w=2" "lang": "eng",
}, "value": "Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 through 5.02 allows remote attackers to execute arbitrary code via a Fasttracker 2 (.xm) mod media file."
{ }
"name" : "http://www.nextgenss.com/advisories/winampheap.txt", ]
"refsource" : "MISC", },
"url" : "http://www.nextgenss.com/advisories/winampheap.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "10045", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/10045" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "4944", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/4944" ]
}, },
{ "references": {
"name" : "1009660", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1009660" "name": "4944",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/4944"
"name" : "11285", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/11285" "name": "http://www.nextgenss.com/advisories/winampheap.txt",
}, "refsource": "MISC",
{ "url": "http://www.nextgenss.com/advisories/winampheap.txt"
"name" : "winamp-inmod-bo(15727)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15727" "name": "1009660",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1009660"
} },
{
"name": "10045",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10045"
},
{
"name": "20040405 NGSSoftware Insight Security Research Advisory",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=108118289208693&w=2"
},
{
"name": "winamp-inmod-bo(15727)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15727"
},
{
"name": "11285",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11285"
}
]
}
} }

148
2004/2xxx/CVE-2004-2351.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2351", "ID": "CVE-2004-2351",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in GBook for Php-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via multiple parameters, including (1) name, (2) email, (3) city, and (4) message, which do not use the <script> and <style> tags, which are filtered by PHP-Nuke."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040202 [waraxe-2004-SA#001] - Script injection in GBook for Php-Nuke ver. 1.0", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/352373" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in GBook for Php-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via multiple parameters, including (1) name, (2) email, (3) city, and (4) message, which do not use the <script> and <style> tags, which are filtered by PHP-Nuke."
{ }
"name" : "9559", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/9559" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1008930", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1008930" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "gbook-message-html-injection(15027)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15027" ]
} },
] "references": {
} "reference_data": [
{
"name": "20040202 [waraxe-2004-SA#001] - Script injection in GBook for Php-Nuke ver. 1.0",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/352373"
},
{
"name": "gbook-message-html-injection(15027)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15027"
},
{
"name": "1008930",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1008930"
},
{
"name": "9559",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9559"
}
]
}
} }

148
2008/2xxx/CVE-2008-2496.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2496", "ID": "CVE-2008-2496",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) login.php, and (3) credits.php in admin/, and (4) upgrade/index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "5668", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/5668" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) login.php, and (3) credits.php in admin/, and (4) upgrade/index.php."
{ }
"name" : "29348", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/29348" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "30377", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30377" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "quate-multiple-xss(42603)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42603" ]
} },
] "references": {
} "reference_data": [
{
"name": "30377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30377"
},
{
"name": "29348",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29348"
},
{
"name": "quate-multiple-xss(42603)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42603"
},
{
"name": "5668",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5668"
}
]
}
} }

32
2008/2xxx/CVE-2008-2657.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2657", "ID": "CVE-2008-2657",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

148
2008/2xxx/CVE-2008-2771.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2771", "ID": "CVE-2008-2771",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with \"access content\" permissions to bypass restrictions and modify the node hierarchy via unspecified attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://drupal.org/node/269473", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/node/269473" "lang": "eng",
}, "value": "The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with \"access content\" permissions to bypass restrictions and modify the node hierarchy via unspecified attack vectors."
{ }
"name" : "29675", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/29675" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "30622", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30622" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "node-hierarchy-access-security-bypass(43006)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43006" ]
} },
] "references": {
} "reference_data": [
{
"name": "30622",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30622"
},
{
"name": "node-hierarchy-access-security-bypass(43006)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43006"
},
{
"name": "http://drupal.org/node/269473",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/269473"
},
{
"name": "29675",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29675"
}
]
}
} }

158
2008/3xxx/CVE-2008-3149.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3149", "ID": "CVE-2008-3149",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SNMP daemon in the F5 FirePass 1200 6.0.2 hotfix 3 allows remote attackers to cause a denial of service (daemon crash) by walking the hrSWInstalled OID branch in HOST-RESOURCES-MIB."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080704 F5 FirePass 1200 SNMP daemon DoS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/493950/100/0/threaded" "lang": "eng",
}, "value": "The SNMP daemon in the F5 FirePass 1200 6.0.2 hotfix 3 allows remote attackers to cause a denial of service (daemon crash) by walking the hrSWInstalled OID branch in HOST-RESOURCES-MIB."
{ }
"name" : "30090", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/30090" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "30965", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30965" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "3985", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/3985" ]
}, },
{ "references": {
"name" : "firepass-snmp-dos(43670)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43670" "name": "3985",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/3985"
} },
{
"name": "firepass-snmp-dos(43670)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43670"
},
{
"name": "30965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30965"
},
{
"name": "30090",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30090"
},
{
"name": "20080704 F5 FirePass 1200 SNMP daemon DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493950/100/0/threaded"
}
]
}
} }

148
2008/3xxx/CVE-2008-3840.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3840", "ID": "CVE-2008-3840",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080825 Crafty Syntax Live Help <= 2.14.6 SQL Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/495729/100/0/threaded" "lang": "eng",
}, "value": "Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information."
{ }
"name" : "http://www.gulftech.org/?node=research&article_id=00127-08252008", ]
"refsource" : "MISC", },
"url" : "http://www.gulftech.org/?node=research&article_id=00127-08252008" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "4192", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/4192" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "crafty-syntax-info-disclosure(44745)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44745" ]
} },
] "references": {
} "reference_data": [
{
"name": "http://www.gulftech.org/?node=research&article_id=00127-08252008",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research&article_id=00127-08252008"
},
{
"name": "20080825 Crafty Syntax Live Help <= 2.14.6 SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495729/100/0/threaded"
},
{
"name": "crafty-syntax-info-disclosure(44745)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44745"
},
{
"name": "4192",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4192"
}
]
}
} }

138
2008/6xxx/CVE-2008-6491.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6491", "ID": "CVE-2008-6491",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in connexion.php in PHPGKit 0.9 allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.securityfocus.com/bid/28526/exploit", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.securityfocus.com/bid/28526/exploit" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in connexion.php in PHPGKit 0.9 allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "28526", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/28526" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "phpgkit-connexion-file-include(41574)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41574" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/28526/exploit",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/28526/exploit"
},
{
"name": "phpgkit-connexion-file-include(41574)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41574"
},
{
"name": "28526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28526"
}
]
}
} }

148
2008/6xxx/CVE-2008-6495.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6495", "ID": "CVE-2008-6495",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to inject arbitrary web script or HTML via the album parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/0812-exploits/yappang-xss.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/0812-exploits/yappang-xss.txt" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in index.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to inject arbitrary web script or HTML via the album parameter."
{ }
"name" : "32623", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/32623" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "32325", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32325" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "yappang-index-xss(47078)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47078" ]
} },
] "references": {
} "reference_data": [
{
"name": "yappang-index-xss(47078)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47078"
},
{
"name": "32325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32325"
},
{
"name": "http://packetstormsecurity.org/0812-exploits/yappang-xss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0812-exploits/yappang-xss.txt"
},
{
"name": "32623",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32623"
}
]
}
} }

168
2008/6xxx/CVE-2008-6589.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6589", "ID": "CVE-2008-6589",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy \"no database\" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) index.php and (2) LightNEasy.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080418 LightNEasy v.1.2.2 flat Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/491064/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy \"no database\" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) index.php and (2) LightNEasy.php."
{ }
"name" : "28839", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/28839" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "44676", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/44676" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "44677", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/44677" ]
}, },
{ "references": {
"name" : "29833", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29833" "name": "20080418 LightNEasy v.1.2.2 flat Multiple Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/491064/100/0/threaded"
"name" : "lightneasy-page-xss(41888)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41888" "name": "29833",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/29833"
} },
{
"name": "44676",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/44676"
},
{
"name": "lightneasy-page-xss(41888)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41888"
},
{
"name": "44677",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/44677"
},
{
"name": "28839",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28839"
}
]
}
} }

218
2008/7xxx/CVE-2008-7234.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-7234", "ID": "CVE-2008-7234",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle BPEL Worklist Application component in Oracle Application Server 10.1.2.2 and 10.1.3.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, aka AS03."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle BPEL Worklist Application component in Oracle Application Server 10.1.2.2 and 10.1.3.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, aka AS03."
{ }
"name" : "HPSBMA02133", ]
"refsource" : "HP", },
"url" : "http://marc.info/?l=bugtraq&m=120058413923005&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SSRT061201", "description": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=120058413923005&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "TA08-017A", ]
"refsource" : "CERT", }
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-017A.html" ]
}, },
{ "references": {
"name" : "27229", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/27229" "name": "1019218",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1019218"
"name" : "40295", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/40295" "name": "27229",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/27229"
"name" : "1019218", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1019218" "name": "TA08-017A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA08-017A.html"
"name" : "28518", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28518" "name": "ADV-2008-0150",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0150"
"name" : "28556", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28556" "name": "ADV-2008-0180",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0180"
"name" : "ADV-2008-0150", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0150" "name": "40295",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/40295"
"name" : "ADV-2008-0180", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0180" "name": "SSRT061201",
} "refsource": "HP",
] "url": "http://marc.info/?l=bugtraq&m=120058413923005&w=2"
} },
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html"
},
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=120058413923005&w=2"
},
{
"name": "28556",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28556"
},
{
"name": "28518",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28518"
}
]
}
} }

178
2013/2xxx/CVE-2013-2134.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-2134", "ID": "CVE-2013-2134",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://cwiki.apache.org/confluence/display/WW/S2-015", "description_data": [
"refsource" : "MISC", {
"url" : "https://cwiki.apache.org/confluence/display/WW/S2-015" "lang": "eng",
}, "value": "Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135."
{ }
"name" : "http://struts.apache.org/development/2.x/docs/s2-015.html", ]
"refsource" : "CONFIRM", },
"url" : "http://struts.apache.org/development/2.x/docs/s2-015.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" ]
}, },
{ "references": {
"name" : "GLSA-201409-04", "reference_data": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201409-04.xml" "name": "http://struts.apache.org/development/2.x/docs/s2-015.html",
}, "refsource": "CONFIRM",
{ "url": "http://struts.apache.org/development/2.x/docs/s2-015.html"
"name" : "64758", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/64758" "name": "https://cwiki.apache.org/confluence/display/WW/S2-015",
}, "refsource": "MISC",
{ "url": "https://cwiki.apache.org/confluence/display/WW/S2-015"
"name" : "60346", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/60346" "name": "60346",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/60346"
} },
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "GLSA-201409-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201409-04.xml"
}
]
}
} }

128
2013/2xxx/CVE-2013-2338.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2013-2338", "ID": "CVE-2013-2338",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBHF02885", "description_data": [
"refsource" : "HP", {
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836" "lang": "eng",
}, "value": "Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors."
{ }
"name" : "SSRT101180", ]
"refsource" : "HP", },
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF02885",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836"
},
{
"name": "SSRT101180",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836"
}
]
}
} }

32
2013/2xxx/CVE-2013-2490.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-2490", "ID": "CVE-2013-2490",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

248
2013/2xxx/CVE-2013-2777.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-2777", "ID": "CVE-2013-2777",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling terminal device and connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20130227 Re: CVE request: potential bypass of sudo tty_tickets constraints", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2013/02/27/31" "lang": "eng",
}, "value": "sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling terminal device and connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions."
{ }
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839", ]
"refsource" : "MISC", },
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023", "description": [
"refsource" : "MISC", {
"url" : "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=916365", ]
"refsource" : "MISC", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=916365" ]
}, },
{ "references": {
"name" : "http://www.sudo.ws/repos/sudo/rev/2f3225a2a4a4", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.sudo.ws/repos/sudo/rev/2f3225a2a4a4" "name": "http://www.sudo.ws/repos/sudo/rev/bfa23f089bba",
}, "refsource": "CONFIRM",
{ "url": "http://www.sudo.ws/repos/sudo/rev/bfa23f089bba"
"name" : "http://www.sudo.ws/repos/sudo/rev/bfa23f089bba", },
"refsource" : "CONFIRM", {
"url" : "http://www.sudo.ws/repos/sudo/rev/bfa23f089bba" "name": "58207",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/58207"
"name" : "http://www.sudo.ws/sudo/alerts/tty_tickets.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.sudo.ws/sudo/alerts/tty_tickets.html" "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839",
}, "refsource": "MISC",
{ "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839"
"name" : "https://support.apple.com/kb/HT205031", },
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205031" "name": "http://www.sudo.ws/repos/sudo/rev/2f3225a2a4a4",
}, "refsource": "CONFIRM",
{ "url": "http://www.sudo.ws/repos/sudo/rev/2f3225a2a4a4"
"name" : "APPLE-SA-2015-08-13-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "name": "RHSA-2013:1701",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1701.html"
"name" : "DSA-2642", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2013/dsa-2642" "name": "DSA-2642",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2013/dsa-2642"
"name" : "RHSA-2013:1701", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1701.html" "name": "[oss-security] 20130227 Re: CVE request: potential bypass of sudo tty_tickets constraints",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2013/02/27/31"
"name" : "SSA:2013-065-01", },
"refsource" : "SLACKWARE", {
"url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440" "name": "http://www.sudo.ws/sudo/alerts/tty_tickets.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
"name" : "58207", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/58207" "name": "APPLE-SA-2015-08-13-2",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
"name" : "sudo-ttytickets-sec-bypass(82453)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/82453" "name": "SSA:2013-065-01",
} "refsource": "SLACKWARE",
] "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440"
} },
{
"name": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=916365",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"name": "sudo-ttytickets-sec-bypass(82453)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82453"
}
]
}
} }

178
2017/11xxx/CVE-2017-11496.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11496", "ID": "CVE-2017-11496",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.kaspersky.com/alerts/2017/07/28/multiple-vulnerabilities-found-in-popular-license-manager/", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.kaspersky.com/alerts/2017/07/28/multiple-vulnerabilities-found-in-popular-license-manager/" "lang": "eng",
}, "value": "Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files."
{ }
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-018-01", ]
"refsource" : "MISC", },
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-018-01" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.iotvillage.org/slides_dc25/Sergey_Vlad_DEFCON_IOT_Village_Public2017.pptx", "description": [
"refsource" : "MISC", {
"url" : "https://www.iotvillage.org/slides_dc25/Sergey_Vlad_DEFCON_IOT_Village_Public2017.pptx" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01", ]
"refsource" : "MISC", }
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01" ]
}, },
{ "references": {
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf" "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01",
}, "refsource": "MISC",
{ "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01"
"name" : "102739", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/102739" "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf",
}, "refsource": "CONFIRM",
{ "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf"
"name" : "102906", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/102906" "name": "102906",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/102906"
} },
{
"name": "https://www.iotvillage.org/slides_dc25/Sergey_Vlad_DEFCON_IOT_Village_Public2017.pptx",
"refsource": "MISC",
"url": "https://www.iotvillage.org/slides_dc25/Sergey_Vlad_DEFCON_IOT_Village_Public2017.pptx"
},
{
"name": "https://ics-cert.kaspersky.com/alerts/2017/07/28/multiple-vulnerabilities-found-in-popular-license-manager/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/alerts/2017/07/28/multiple-vulnerabilities-found-in-popular-license-manager/"
},
{
"name": "102739",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102739"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-018-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-018-01"
}
]
}
} }

118
2017/11xxx/CVE-2017-11570.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11570", "ID": "CVE-2017-11570",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "FontForge 20161012 is vulnerable to a buffer over-read in umodenc (parsettf.c) resulting in DoS or code execution via a crafted otf file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/fontforge/fontforge/issues/3097", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/fontforge/fontforge/issues/3097" "lang": "eng",
} "value": "FontForge 20161012 is vulnerable to a buffer over-read in umodenc (parsettf.c) resulting in DoS or code execution via a crafted otf file."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/fontforge/fontforge/issues/3097",
"refsource": "MISC",
"url": "https://github.com/fontforge/fontforge/issues/3097"
}
]
}
} }

128
2017/14xxx/CVE-2017-14030.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2017-14030", "ID": "CVE-2017-14030",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Moxa MXview", "product_name": "Moxa MXview",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Moxa MXview" "version_value": "Moxa MXview"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Moxa MXview v2.8 and prior. The unquoted service path escalation vulnerability could allow an authorized user with file access to escalate privileges by inserting arbitrary code into the unquoted service path."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-428"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-011-02", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-011-02" "lang": "eng",
}, "value": "An issue was discovered in Moxa MXview v2.8 and prior. The unquoted service path escalation vulnerability could allow an authorized user with file access to escalate privileges by inserting arbitrary code into the unquoted service path."
{ }
"name" : "102494", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/102494" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "CWE-428"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102494",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102494"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-011-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-011-02"
}
]
}
} }

148
2017/14xxx/CVE-2017-14130.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14130", "ID": "CVE-2017-14130",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a crafted ELF file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=22058", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=22058" "lang": "eng",
}, "value": "The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a crafted ELF file."
{ }
"name" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2a143b99fc4a5094a9cf128f3184d8e6818c8229", ]
"refsource" : "CONFIRM", },
"url" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2a143b99fc4a5094a9cf128f3184d8e6818c8229" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201801-01", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201801-01" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "100625", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/100625" ]
} },
] "references": {
} "reference_data": [
{
"name": "GLSA-201801-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201801-01"
},
{
"name": "100625",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100625"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22058",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22058"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2a143b99fc4a5094a9cf128f3184d8e6818c8229",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2a143b99fc4a5094a9cf128f3184d8e6818c8229"
}
]
}
} }

32
2017/14xxx/CVE-2017-14338.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14338", "ID": "CVE-2017-14338",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2017/14xxx/CVE-2017-14793.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-14793", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-14793",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-7502. Reason: This candidate is a reservation duplicate of CVE-2018-7502. Notes: All CVE users should reference CVE-2018-7502 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-7502. Reason: This candidate is a reservation duplicate of CVE-2018-7502. Notes: All CVE users should reference CVE-2018-7502 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

188
2017/15xxx/CVE-2017-15126.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2017-15126", "ID": "CVE-2017-15126",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Linux Kernel before 4.13.6", "product_name": "Linux Kernel before 4.13.6",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Linux Kernel before 4.13.6" "version_value": "Linux Kernel before 4.13.6"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be removed from an already freed list of events with userfaultfd_ctx_put()."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-119"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=384632e67e0829deb8015ee6ad916b180049d252", "description_data": [
"refsource" : "MISC", {
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=384632e67e0829deb8015ee6ad916b180049d252" "lang": "eng",
}, "value": "A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be removed from an already freed list of events with userfaultfd_ctx_put()."
{ }
"name" : "https://access.redhat.com/security/cve/CVE-2017-15126", ]
"refsource" : "MISC", },
"url" : "https://access.redhat.com/security/cve/CVE-2017-15126" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1523481", "description": [
"refsource" : "MISC", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1523481" "lang": "eng",
}, "value": "CWE-119"
{ }
"name" : "https://github.com/torvalds/linux/commit/384632e67e0829deb8015ee6ad916b180049d252", ]
"refsource" : "MISC", }
"url" : "https://github.com/torvalds/linux/commit/384632e67e0829deb8015ee6ad916b180049d252" ]
}, },
{ "references": {
"name" : "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.6", "reference_data": [
"refsource" : "MISC", {
"url" : "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.6" "name": "102516",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/102516"
"name" : "RHSA-2018:0676", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:0676" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=384632e67e0829deb8015ee6ad916b180049d252",
}, "refsource": "MISC",
{ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=384632e67e0829deb8015ee6ad916b180049d252"
"name" : "RHSA-2018:1062", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:1062" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1523481",
}, "refsource": "MISC",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523481"
"name" : "102516", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/102516" "name": "RHSA-2018:1062",
} "refsource": "REDHAT",
] "url": "https://access.redhat.com/errata/RHSA-2018:1062"
} },
{
"name": "https://github.com/torvalds/linux/commit/384632e67e0829deb8015ee6ad916b180049d252",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/384632e67e0829deb8015ee6ad916b180049d252"
},
{
"name": "RHSA-2018:0676",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.6",
"refsource": "MISC",
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.6"
},
{
"name": "https://access.redhat.com/security/cve/CVE-2017-15126",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/CVE-2017-15126"
}
]
}
} }

158
2017/15xxx/CVE-2017-15267.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-15267", "ID": "CVE-2017-15267",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html" "lang": "eng",
}, "value": "In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c."
{ }
"name" : "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html", ]
"refsource" : "MISC", },
"url" : "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://openwall.com/lists/oss-security/2017/10/11/1", "description": [
"refsource" : "MISC", {
"url" : "http://openwall.com/lists/oss-security/2017/10/11/1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1499600", ]
"refsource" : "MISC", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1499600" ]
}, },
{ "references": {
"name" : "101272", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/101272" "name": "101272",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/101272"
} },
{
"name": "http://openwall.com/lists/oss-security/2017/10/11/1",
"refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2017/10/11/1"
},
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1499600",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499600"
}
]
}
} }

118
2017/15xxx/CVE-2017-15567.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-15567", "ID": "CVE-2017-15567",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** The certificate import component in IDEMIA (formerly Morpho) MorphoSmart 1300 Series (aka MSO 1300 Series) devices allows local users to obtain a command shell, and consequently gain privileges, via unspecified vectors. NOTE: the vendor disputes this because there is no command shell in the product or in the associated SDK."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://gist.github.com/shiham101/4c49ece8ecac7c3c02ecbc6942aeca80", "description_data": [
"refsource" : "MISC", {
"url" : "https://gist.github.com/shiham101/4c49ece8ecac7c3c02ecbc6942aeca80" "lang": "eng",
} "value": "** DISPUTED ** The certificate import component in IDEMIA (formerly Morpho) MorphoSmart 1300 Series (aka MSO 1300 Series) devices allows local users to obtain a command shell, and consequently gain privileges, via unspecified vectors. NOTE: the vendor disputes this because there is no command shell in the product or in the associated SDK."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/shiham101/4c49ece8ecac7c3c02ecbc6942aeca80",
"refsource": "MISC",
"url": "https://gist.github.com/shiham101/4c49ece8ecac7c3c02ecbc6942aeca80"
}
]
}
} }

168
2017/8xxx/CVE-2017-8064.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8064", "ID": "CVE-2017-8064",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20170416 Silently (or obliviously) partially-fixed CONFIG_STRICT_DEVMEM bypass", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2017/04/16/4" "lang": "eng",
}, "value": "drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist."
{ }
"name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.12", ]
"refsource" : "CONFIRM", },
"url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.12" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=005145378c9ad7575a01b6ce1ba118fb427f583a", "description": [
"refsource" : "CONFIRM", {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=005145378c9ad7575a01b6ce1ba118fb427f583a" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/torvalds/linux/commit/005145378c9ad7575a01b6ce1ba118fb427f583a", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/torvalds/linux/commit/005145378c9ad7575a01b6ce1ba118fb427f583a" ]
}, },
{ "references": {
"name" : "DSA-3886", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3886" "name": "97975",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/97975"
"name" : "97975", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/97975" "name": "[oss-security] 20170416 Silently (or obliviously) partially-fixed CONFIG_STRICT_DEVMEM bypass",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2017/04/16/4"
} },
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=005145378c9ad7575a01b6ce1ba118fb427f583a",
"refsource": "CONFIRM",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=005145378c9ad7575a01b6ce1ba118fb427f583a"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.12",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.12"
},
{
"name": "DSA-3886",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3886"
},
{
"name": "https://github.com/torvalds/linux/commit/005145378c9ad7575a01b6ce1ba118fb427f583a",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/005145378c9ad7575a01b6ce1ba118fb427f583a"
}
]
}
} }

128
2017/8xxx/CVE-2017-8392.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8392", "ID": "CVE-2017-8392",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the _bfd_dwarf2_find_nearest_line function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=21409", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=21409" "lang": "eng",
}, "value": "The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the _bfd_dwarf2_find_nearest_line function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash."
{ }
"name" : "GLSA-201709-02", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201709-02" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201709-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-02"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=21409",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21409"
}
]
}
} }

118
2017/9xxx/CVE-2017-9919.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-9919", "ID": "CVE-2017-9919",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to \"Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpResCompareResourceNames+0x0000000000000087.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9919", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9919" "lang": "eng",
} "value": "IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to \"Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpResCompareResourceNames+0x0000000000000087.\""
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9919",
"refsource": "MISC",
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9919"
}
]
}
} }

128
2017/9xxx/CVE-2017-9945.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "productcert@siemens.com", "ASSIGNER": "productcert@siemens.com",
"ID" : "CVE-2017-9945", "ID": "CVE-2017-9945",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Siemens 7KM PAC Switched Ethernet PROFINET expansion module: All versions < V2.1.3", "product_name": "Siemens 7KM PAC Switched Ethernet PROFINET expansion module: All versions < V2.1.3",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Siemens 7KM PAC Switched Ethernet PROFINET expansion module: All versions < V2.1.3" "version_value": "Siemens 7KM PAC Switched Ethernet PROFINET expansion module: All versions < V2.1.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (All versions < V2.1.3), a Denial-of-Service condition could be induced by a specially crafted PROFINET DCP packet sent as a local Ethernet (Layer 2) broadcast. The affected component requires a manual restart via the main device to recover."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial-of-Service"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-771218.pdf", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-771218.pdf" "lang": "eng",
}, "value": "In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (All versions < V2.1.3), a Denial-of-Service condition could be induced by a specially crafted PROFINET DCP packet sent as a local Ethernet (Layer 2) broadcast. The affected component requires a manual restart via the main device to recover."
{ }
"name" : "100562", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/100562" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Denial-of-Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100562"
},
{
"name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-771218.pdf",
"refsource": "CONFIRM",
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-771218.pdf"
}
]
}
} }

118
2018/0xxx/CVE-2018-0619.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2018-0619", "ID": "CVE-2018-0619",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Installer of Glary Utilities", "product_name": "Installer of Glary Utilities",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier" "version_value": "Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Glarysoft Ltd." "vendor_name": "Glarysoft Ltd."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "JVN#84967039", "description_data": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/en/jp/JVN84967039/index.html" "lang": "eng",
} "value": "Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84967039",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN84967039/index.html"
}
]
}
} }

132
2018/1000xxx/CVE-2018-1000018.json
View File

@ -1,69 +1,69 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-01-23", "DATE_ASSIGNED": "2018-01-23",
"ID" : "CVE-2018-1000018", "ID": "CVE-2018-1000018",
"REQUESTER" : "dmoppert@redhat.com", "REQUESTER": "dmoppert@redhat.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "ovirt-hosted-engine-setup", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "<=2.2.5" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "oVirt" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's password in the log file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-532"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1536941", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1536941" "lang": "eng",
}, "value": "An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's password in the log file."
{ }
"name" : "https://gerrit.ovirt.org/#/c/86635/", ]
"refsource" : "CONFIRM", },
"url" : "https://gerrit.ovirt.org/#/c/86635/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1536941",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1536941"
},
{
"name": "https://gerrit.ovirt.org/#/c/86635/",
"refsource": "CONFIRM",
"url": "https://gerrit.ovirt.org/#/c/86635/"
}
]
}
} }

122
2018/1000xxx/CVE-2018-1000109.json
View File

@ -1,64 +1,64 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-02-26", "DATE_ASSIGNED": "2018-02-26",
"ID" : "CVE-2018-1000109", "ID": "CVE-2018-1000109",
"REQUESTER" : "ml@beckweb.net", "REQUESTER": "ml@beckweb.net",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Jenkins Google Play Android Publisher Plugin", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.6 and older" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Jenkins project" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An improper authorization vulnerability exists in Jenkins Google Play Android Publisher Plugin version 1.6 and earlier in GooglePlayBuildStepDescriptor.java that allow an attacker to obtain credential IDs."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-285"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://jenkins.io/security/advisory/2018-02-26/#SECURITY-715", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://jenkins.io/security/advisory/2018-02-26/#SECURITY-715" "lang": "eng",
} "value": "An improper authorization vulnerability exists in Jenkins Google Play Android Publisher Plugin version 1.6 and earlier in GooglePlayBuildStepDescriptor.java that allow an attacker to obtain credential IDs."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2018-02-26/#SECURITY-715",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2018-02-26/#SECURITY-715"
}
]
}
} }

124
2018/1000xxx/CVE-2018-1000181.json
View File

@ -1,65 +1,65 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-05-01T12:00:00", "DATE_ASSIGNED": "2018-05-01T12:00:00",
"DATE_REQUESTED" : "2018-05-01T14:00:00", "DATE_REQUESTED": "2018-05-01T14:00:00",
"ID" : "CVE-2018-1000181", "ID": "CVE-2018-1000181",
"REQUESTER" : "i.partridge@uk.ibm.com", "REQUESTER": "i.partridge@uk.ibm.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Kitura", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.3.0 and earlier" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Kitura" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Kitura 2.3.0 and earlier have an unintended read access to unauthorised files and folders that can be exploited by a crafted URL resulting in information disclosure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Directory Traversal"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/IBM-Swift/Kitura/pull/1278", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/IBM-Swift/Kitura/pull/1278" "lang": "eng",
} "value": "Kitura 2.3.0 and earlier have an unintended read access to unauthorised files and folders that can be exploited by a crafted URL resulting in information disclosure."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/IBM-Swift/Kitura/pull/1278",
"refsource": "CONFIRM",
"url": "https://github.com/IBM-Swift/Kitura/pull/1278"
}
]
}
} }

370
2018/12xxx/CVE-2018-12359.json
View File

@ -1,188 +1,188 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2018-12359", "ID": "CVE-2018-12359",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Thunderbird", "product_name": "Thunderbird",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "60" "version_value": "60"
}, },
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "52.9" "version_value": "52.9"
} }
] ]
} }
}, },
{ {
"product_name" : "Firefox ESR", "product_name": "Firefox ESR",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "60.1" "version_value": "60.1"
}, },
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "52.9" "version_value": "52.9"
} }
] ]
} }
}, },
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "61" "version_value": "61"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer overflow using computed size of canvas element"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20180629 [SECURITY] [DLA 1406-1] firefox-esr security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/06/msg00014.html" "lang": "eng",
}, "value": "A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61."
{ }
"name" : "[debian-lts-announce] 20180714 [SECURITY] [DLA 1425-1] thunderbird security update", ]
"refsource" : "MLIST", },
"url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00013.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1459162", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1459162" "lang": "eng",
}, "value": "Buffer overflow using computed size of canvas element"
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-15/", ]
"refsource" : "CONFIRM", }
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-15/" ]
}, },
{ "references": {
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-16/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-16/" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1459162",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1459162"
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-17/", },
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-17/" "name": "GLSA-201810-01",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201810-01"
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-18/", },
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-18/" "name": "104555",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/104555"
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-19/", },
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-19/" "name": "https://www.mozilla.org/security/advisories/mfsa2018-15/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2018-15/"
"name" : "DSA-4235", },
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4235" "name": "RHSA-2018:2112",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2112"
"name" : "DSA-4244", },
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4244" "name": "GLSA-201811-13",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201811-13"
"name" : "GLSA-201810-01", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201810-01" "name": "DSA-4235",
}, "refsource": "DEBIAN",
{ "url": "https://www.debian.org/security/2018/dsa-4235"
"name" : "GLSA-201811-13", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201811-13" "name": "https://www.mozilla.org/security/advisories/mfsa2018-18/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2018-18/"
"name" : "RHSA-2018:2112", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2112" "name": "RHSA-2018:2113",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2113"
"name" : "RHSA-2018:2113", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2113" "name": "https://www.mozilla.org/security/advisories/mfsa2018-16/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2018-16/"
"name" : "RHSA-2018:2251", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2251" "name": "DSA-4244",
}, "refsource": "DEBIAN",
{ "url": "https://www.debian.org/security/2018/dsa-4244"
"name" : "RHSA-2018:2252", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2252" "name": "1041193",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1041193"
"name" : "USN-3705-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3705-1/" "name": "https://www.mozilla.org/security/advisories/mfsa2018-19/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2018-19/"
"name" : "USN-3714-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3714-1/" "name": "RHSA-2018:2252",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2252"
"name" : "104555", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/104555" "name": "https://www.mozilla.org/security/advisories/mfsa2018-17/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2018-17/"
"name" : "1041193", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041193" "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1425-1] thunderbird security update",
} "refsource": "MLIST",
] "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00013.html"
} },
{
"name": "RHSA-2018:2251",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2251"
},
{
"name": "USN-3705-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3705-1/"
},
{
"name": "USN-3714-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3714-1/"
},
{
"name": "[debian-lts-announce] 20180629 [SECURITY] [DLA 1406-1] firefox-esr security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00014.html"
}
]
}
} }

32
2018/13xxx/CVE-2018-13808.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13808", "ID": "CVE-2018-13808",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2018/16xxx/CVE-2018-16407.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16407", "ID": "CVE-2018-16407",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Mayan EDMS before 3.0.3. The Tags app has XSS because tag label values are mishandled."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst", "description_data": [
"refsource" : "MISC", {
"url" : "https://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst" "lang": "eng",
}, "value": "An issue was discovered in Mayan EDMS before 3.0.3. The Tags app has XSS because tag label values are mishandled."
{ }
"name" : "https://gitlab.com/mayan-edms/mayan-edms/commit/076468a9225e4630a463c0bbceb8e5b805fe380c", ]
"refsource" : "MISC", },
"url" : "https://gitlab.com/mayan-edms/mayan-edms/commit/076468a9225e4630a463c0bbceb8e5b805fe380c" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://gitlab.com/mayan-edms/mayan-edms/issues/496", "description": [
"refsource" : "MISC", {
"url" : "https://gitlab.com/mayan-edms/mayan-edms/issues/496" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitlab.com/mayan-edms/mayan-edms/commit/076468a9225e4630a463c0bbceb8e5b805fe380c",
"refsource": "MISC",
"url": "https://gitlab.com/mayan-edms/mayan-edms/commit/076468a9225e4630a463c0bbceb8e5b805fe380c"
},
{
"name": "https://gitlab.com/mayan-edms/mayan-edms/issues/496",
"refsource": "MISC",
"url": "https://gitlab.com/mayan-edms/mayan-edms/issues/496"
},
{
"name": "https://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst",
"refsource": "MISC",
"url": "https://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst"
}
]
}
} }

138
2018/16xxx/CVE-2018-16423.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16423", "ID": "CVE-2018-16423",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A double free when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-db0cd89ff279ad8c7b3bb780cdf2770a", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-db0cd89ff279ad8c7b3bb780cdf2770a" "lang": "eng",
}, "value": "A double free when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact."
{ }
"name" : "https://github.com/OpenSC/OpenSC/releases/tag/0.19.0-rc1", ]
"refsource" : "MISC", },
"url" : "https://github.com/OpenSC/OpenSC/releases/tag/0.19.0-rc1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/", "description": [
"refsource" : "MISC", {
"url" : "https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-db0cd89ff279ad8c7b3bb780cdf2770a",
"refsource": "MISC",
"url": "https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-db0cd89ff279ad8c7b3bb780cdf2770a"
},
{
"name": "https://github.com/OpenSC/OpenSC/releases/tag/0.19.0-rc1",
"refsource": "MISC",
"url": "https://github.com/OpenSC/OpenSC/releases/tag/0.19.0-rc1"
},
{
"name": "https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/",
"refsource": "MISC",
"url": "https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/"
}
]
}
} }

32
2018/16xxx/CVE-2018-16498.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16498", "ID": "CVE-2018-16498",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/16xxx/CVE-2018-16615.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16615", "ID": "CVE-2018-16615",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/16xxx/CVE-2018-16826.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16826", "ID": "CVE-2018-16826",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2018/16xxx/CVE-2018-16853.json
View File

@ -1,93 +1,93 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "sfowler@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2018-16853", "ID": "CVE-2018-16853",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "samba", "product_name": "samba",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "4.7.12" "version_value": "4.7.12"
}, },
{ {
"version_value" : "4.8.7" "version_value": "4.8.7"
}, },
{ {
"version_value" : "4.9.3" "version_value": "4.9.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "[UNKNOWN]" "vendor_name": "[UNKNOWN]"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. With this advisory the Samba Team clarify that the MIT Kerberos build of the Samba AD DC is considered experimental. Therefore the Samba Team will not issue security patches for this configuration. Additionally, Samba 4.7.12, 4.8.7 and 4.9.3 have been issued as security releases to prevent building of the AD DC with MIT Kerberos unless --with-experimental-mit-ad-dc is specified to the configure command."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version" : "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-400"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16853", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16853" "lang": "eng",
}, "value": "Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. With this advisory the Samba Team clarify that the MIT Kerberos build of the Samba AD DC is considered experimental. Therefore the Samba Team will not issue security patches for this configuration. Additionally, Samba 4.7.12, 4.8.7 and 4.9.3 have been issued as security releases to prevent building of the AD DC with MIT Kerberos unless --with-experimental-mit-ad-dc is specified to the configure command."
{ }
"name" : "https://www.samba.org/samba/security/CVE-2018-16853.html", ]
"refsource" : "CONFIRM", },
"url" : "https://www.samba.org/samba/security/CVE-2018-16853.html" "impact": {
}, "cvss": [
{ [
"name" : "https://security.netapp.com/advisory/ntap-20181127-0001/", {
"refsource" : "CONFIRM", "vectorString": "7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"url" : "https://security.netapp.com/advisory/ntap-20181127-0001/" "version": "3.0"
}, }
{ ]
"name" : "106026", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106026" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16853",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16853"
},
{
"name": "https://www.samba.org/samba/security/CVE-2018-16853.html",
"refsource": "CONFIRM",
"url": "https://www.samba.org/samba/security/CVE-2018-16853.html"
},
{
"name": "106026",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106026"
},
{
"name": "https://security.netapp.com/advisory/ntap-20181127-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181127-0001/"
}
]
}
} }

138
2018/4xxx/CVE-2018-4149.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2018-4149", "ID": "CVE-2018-4149",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the \"SafariViewController\" component. It allows remote attackers to spoof the user interface via a crafted web site that leverages input into a partially loaded page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT208693", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT208693" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the \"SafariViewController\" component. It allows remote attackers to spoof the user interface via a crafted web site that leverages input into a partially loaded page."
{ }
"name" : "103578", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103578" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040604", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040604" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1040604",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040604"
},
{
"name": "https://support.apple.com/HT208693",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208693"
},
{
"name": "103578",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103578"
}
]
}
} }

32
2018/4xxx/CVE-2018-4275.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4275", "ID": "CVE-2018-4275",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/4xxx/CVE-2018-4565.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4565", "ID": "CVE-2018-4565",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/4xxx/CVE-2018-4770.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4770", "ID": "CVE-2018-4770",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2018/4xxx/CVE-2018-4948.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2018-4948", "ID": "CVE-2018-4948",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions", "product_name": "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions" "version_value": "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Heap Overflow"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html" "lang": "eng",
}, "value": "Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user."
{ }
"name" : "104172", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/104172" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040920", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040920" "lang": "eng",
} "value": "Heap Overflow"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "104172",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104172"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html"
},
{
"name": "1040920",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040920"
}
]
}
} }

18
2019/9xxx/CVE-2019-9850.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-9850",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}