admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2017-11-17 16:03:46 -05:00
parent 5fbbcc0ba8
commit 8a6076883a
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
6 changed files with 302 additions and 236 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
2012/2xxx/CVE-2012-2399.json
View File

@ -76,6 +76,12 @@
{
"url" : "http://www.debian.org/security/2012/dsa-2470"
},
{
"url" : "http://jvn.jp/en/jp/JVN25280162/index.html"
},
{
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2012-002110"
},
{
"url" : "http://www.osvdb.org/91134"
},

118
2017/1000xxx/CVE-2017-1000163.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "kurt@seifried.org",
"DATE_ASSIGNED": "2017-08-22T17:29:33.374827",
"ID": "CVE-2017-1000163",
"REQUESTER": "griffin.byatt@nccgroup.trust",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Phoenix Framework",
"version": {
"version_data": [
{
"version_value": "v1.0.0, v1.0.1, v1.0.2, v1.0.3, v1.0.4, v1.1.0, v1.1.1, v1.1.2, v1.1.3, v1.1.4, v1.1.5, v1.1,6, v1.2.0, v1.2.1, v1.3.0-rc.0"
}
]
}
}
]
},
"vendor_name": "Phoenix Framework"
}
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.374827",
"ID" : "CVE-2017-1000163",
"REQUESTER" : "griffin.byatt@nccgroup.trust",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Phoenix Framework",
"version" : {
"version_data" : [
{
"version_value" : "v1.0.0, v1.0.1, v1.0.2, v1.0.3, v1.0.4, v1.1.0, v1.1.1, v1.1.2, v1.1.3, v1.1.4, v1.1.5, v1.1,6, v1.2.0, v1.2.1, v1.3.0-rc.0"
}
]
}
}
]
},
"vendor_name" : "Phoenix Framework"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Unvalidated Redirect"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unvalidated Redirect"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://elixirforum.com/t/security-releases-for-phoenix/4143"
}
]
}
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://elixirforum.com/t/security-releases-for-phoenix/4143"
}
]
}
}

118
2017/1000xxx/CVE-2017-1000190.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "kurt@seifried.org",
"DATE_ASSIGNED": "2017-08-22T17:29:33.413120",
"ID": "CVE-2017-1000190",
"REQUESTER": "exploitcat@foxmail.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SimpleXML",
"version": {
"version_data": [
{
"version_value": "2.7.1 lastest version"
}
]
}
}
]
},
"vendor_name": "SimpleXML"
}
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.413120",
"ID" : "CVE-2017-1000190",
"REQUESTER" : "exploitcat@foxmail.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SimpleXML",
"version" : {
"version_data" : [
{
"version_value" : "2.7.1 lastest version"
}
]
}
}
]
},
"vendor_name" : "SimpleXML"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XML External Entity (XXE)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SimpleXML(lastest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XML External Entity (XXE)"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/ngallagher/simplexml/issues/18"
}
]
}
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://github.com/ngallagher/simplexml/issues/18"
}
]
}
}

118
2017/1000xxx/CVE-2017-1000227.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "kurt@seifried.org",
"DATE_ASSIGNED": "2017-08-22T17:29:33.456668",
"ID": "CVE-2017-1000227",
"REQUESTER": "tom@dxw.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Salutation Responsive WordPress + BuddyPress Theme",
"version": {
"version_data": [
{
"version_value": "3.0.15"
}
]
}
}
]
},
"vendor_name": "Parallelus"
}
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.456668",
"ID" : "CVE-2017-1000227",
"REQUESTER" : "tom@dxw.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Salutation Responsive WordPress + BuddyPress Theme",
"version" : {
"version_data" : [
{
"version_value" : "3.0.15"
}
]
}
}
]
},
"vendor_name" : "Parallelus"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stored XSS in Salutation Responsive WordPress + BuddyPress Theme version 3.0.15 could allow logged-in users to do almost anything an admin can"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stored XSS in Salutation Responsive WordPress + BuddyPress Theme version 3.0.15 could allow logged-in users to do almost anything an admin can"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security.dxw.com/advisories/stored-xss-salutation-theme/"
}
]
}
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://security.dxw.com/advisories/stored-xss-salutation-theme/"
}
]
}
}

118
2017/1000xxx/CVE-2017-1000230.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "kurt@seifried.org",
"DATE_ASSIGNED": "2017-08-22T17:29:33.459114",
"ID": "CVE-2017-1000230",
"REQUESTER": "martin.tenek@gmail.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Step7 Open Source Ethernet Communication Suite",
"version": {
"version_data": [
{
"version_value": "1.4.1"
}
]
}
}
]
},
"vendor_name": "Snap7"
}
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.459114",
"ID" : "CVE-2017-1000230",
"REQUESTER" : "martin.tenek@gmail.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Step7 Open Source Ethernet Communication Suite",
"version" : {
"version_data" : [
{
"version_value" : "1.4.1"
}
]
}
}
]
},
"vendor_name" : "Snap7"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Snap7 Server version 1.4.1 can be crashed when the ItemCount field of the ReadVar or WriteVar functions of the S7 protocol implementation in Snap7 are provided with unexpected input, thus resulting in denial of service attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Null Pointer Exception"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Snap7 Server version 1.4.1 can be crashed when the ItemCount field of the ReadVar or WriteVar functions of the S7 protocol implementation in Snap7 are provided with unexpected input, thus resulting in denial of service attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Null Pointer Exception"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sourceforge.net/p/snap7/discussion/bugfix/thread/2d2d085c/"
}
]
}
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://sourceforge.net/p/snap7/discussion/bugfix/thread/2d2d085c/"
}
]
}
}

60
2017/16xxx/CVE-2017-16880.json Normal file
View File

@ -0,0 +1,60 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-16880",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The dump function in Util/TemplateHelper.php in filp whoops before 2.1.13 has XSS."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://github.com/filp/whoops/commit/c16791d28d1ca3139e398145f0c6565c523c291a"
}
]
}
}