admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-30 18:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2017-11-17 15:04:39 -05:00
parent 7fdbe3b500
commit 8ae91fd855
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
5 changed files with 180 additions and 129 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2012/1xxx/CVE-2012-1213.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in zimbra/h/calendar in Zimbra Web Client allows remote attackers to inject arbitrary web script or HTML via the view parameter."
"value" : "Cross-site scripting (XSS) vulnerability in zimbra/h/calendar in Zimbra Web Client in Zimbra Collaboration Suite (ZCS) 6.x before 6.0.15 and 7.x before 7.1.3 allows remote attackers to inject arbitrary web script or HTML via the view parameter."
}
]
},
@ -58,6 +58,9 @@
{
"url" : "http://st2tea.blogspot.com/2012/02/zimbra-cross-site-scripting.html"
},
{
"url" : "https://bugzilla.zimbra.com/show_bug.cgi?id=63849"
},
{
"url" : "http://www.securityfocus.com/bid/51974"
},

76
2017/1000xxx/CVE-2017-1000204.json
View File

@ -1,63 +1,21 @@
{
"CVE_data_meta": {
"ASSIGNER": "kurt@seifried.org",
"DATE_ASSIGNED": "2017-08-22T17:29:33.432846",
"ID": "CVE-2017-1000204",
"REQUESTER": "hbuchwald@ripstech.com",
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.432846",
"ID" : "CVE-2017-1000204",
"REQUESTER" : "hbuchwald@ripstech.com",
"STATE" : "REJECT",
"STATE_DETAIL" : "DUPLICATE of CVE-2016-9920"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Roundcube",
"version": {
"version_data": [
{
"version_value": "1.2.2 and older"
}
]
}
}
]
},
"vendor_name": "Roundcube"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Roundcube 1.2.2 is vulnerable to parameter injection in the mail() function resulting in remote command execution"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary file write, Remote command execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/roundcube/roundcubemail/commit/f84233785ddeed01445fc855f3ae1e8a62f167e1"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9920. Reason: This candidate is a reservation duplicate of CVE-2016-9920. Notes: All CVE users should reference CVE-2016-9920 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}

130
2017/1000xxx/CVE-2017-1000215.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta": {
"ASSIGNER": "kurt@seifried.org",
"DATE_ASSIGNED": "2017-08-22T17:29:33.444131",
"ID": "CVE-2017-1000215",
"REQUESTER": "fabian.freyer@physik.tu-berlin.de",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "xrootd",
"version": {
"version_data": [
{
"version_value": "4.6.0 and older"
}
]
}
}
]
},
"vendor_name": "xrootd"
}
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.444131",
"ID" : "CVE-2017-1000215",
"REQUESTER" : "fabian.freyer@physik.tu-berlin.de",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "xrootd",
"version" : {
"version_data" : [
{
"version_value" : "4.6.0 and older"
}
]
}
}
]
},
"vendor_name" : "xrootd"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "shell command injection"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "shell command injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/xrootd/xrootd/blob/v4.6.1/docs/ReleaseNotes.txt"
},
{
"url": "https://github.com/xrootd/xrootd/commit/befa2e627a5a33a38c92db3e57c07d8246a24acf"
},
{
"url": "https://github.com/xrootd/xrootd/blob/befa2e627a5a33a38c92db3e57c07d8246a24acf/src/XrdSecgsi/XrdSecgsiGMAPFunLDAP.cc#L85"
}
]
}
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://github.com/xrootd/xrootd/blob/befa2e627a5a33a38c92db3e57c07d8246a24acf/src/XrdSecgsi/XrdSecgsiGMAPFunLDAP.cc#L85"
},
{
"url" : "https://github.com/xrootd/xrootd/blob/v4.6.1/docs/ReleaseNotes.txt"
},
{
"url" : "https://github.com/xrootd/xrootd/commit/befa2e627a5a33a38c92db3e57c07d8246a24acf"
}
]
}
}

52
2017/14xxx/CVE-2017-14111.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-14111",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,32 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier and Xcelera R4.1L1 and earlier records domain authentication credentials, which if accessed allows an attacker to use credentials to access the application, or other user entitlements."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-17-318-01"
},
{
"url" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
},
{
"url" : "http://www.securityfocus.com/bid/101850"
}
]
}

46
2017/16xxx/CVE-2017-16845.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-16845",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg02982.html"
}
]
}