"-Synchronized-Data."

CVE Team 2023-02-02 15:01:39 +00:00
parent c5324cc5f6
commit 8b0e1b6038
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
7 changed files with 2420 additions and 566 deletions


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-5019", "ID": "CVE-2008-5019",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors." "value": "CVE-2008-5019 Mozilla XSS via session restore"
} }
] ]
}, },
@ -44,138 +21,240 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 2.1",
"version": {
"version_data": [
{
"version_value": "0:1.0.9-0.21.el2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:1.0.9-0.25.el3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:1.0.9-28.el4",
"version_affected": "!"
},
{
"version_value": "0:3.0.4-1.el4",
"version_affected": "!"
},
{
"version_value": "0:3.12.1.1-3.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:0.12-20.el5",
"version_affected": "!"
},
{
"version_value": "0:3.0.4-1.el5",
"version_affected": "!"
},
{
"version_value": "0:3.12.1.1-3.el5",
"version_affected": "!"
},
{
"version_value": "0:1.9.0.4-1.el5",
"version_affected": "!"
},
{
"version_value": "0:2.16.0-22.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "ADV-2008-3146", "url": "http://secunia.com/advisories/34501",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3146"
},
{
"name": "32281",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32281"
},
{
"name": "FEDORA-2008-9667",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html"
},
{
"name": "32713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32713"
},
{
"name": "RHSA-2008:0977",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0977.html"
},
{
"name": "MDVSA-2008:230",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230"
},
{
"name": "ADV-2009-0977",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0977"
},
{
"name": "32695",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32695"
},
{
"name": "RHSA-2008:0978",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0978.html"
},
{
"name": "32778",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32778"
},
{
"name": "1021184",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021184"
},
{
"name": "FEDORA-2008-9669",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html"
},
{
"name": "256408",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
},
{
"name": "SUSE-SA:2008:055",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html"
},
{
"name": "32694",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32694"
},
{
"name": "oval:org.mitre.oval:def:10943",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10943"
},
{
"name": "32721",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32721"
},
{
"name": "TA08-319A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-319A.html"
},
{
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=459906,460983",
"refsource": "MISC", "refsource": "MISC",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=459906,460983" "name": "http://secunia.com/advisories/34501"
}, },
{ {
"name": "http://www.mozilla.org/security/announce/2008/mfsa2008-53.html", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-53.html" "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
}, },
{ {
"name": "32693", "url": "http://www.vupen.com/english/advisories/2009/0977",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/32693" "name": "http://www.vupen.com/english/advisories/2009/0977"
}, },
{ {
"name": "MDVSA-2008:228", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html",
"refsource": "MANDRIVA", "refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228" "name": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html"
}, },
{ {
"name": "32684", "url": "http://secunia.com/advisories/32684",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/32684" "name": "http://secunia.com/advisories/32684"
}, },
{ {
"name": "USN-667-1", "url": "http://secunia.com/advisories/32693",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://ubuntu.com/usn/usn-667-1" "name": "http://secunia.com/advisories/32693"
}, },
{ {
"name": "34501", "url": "http://secunia.com/advisories/32694",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/34501" "name": "http://secunia.com/advisories/32694"
},
{
"url": "http://secunia.com/advisories/32695",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32695"
},
{
"url": "http://secunia.com/advisories/32713",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32713"
},
{
"url": "http://secunia.com/advisories/32721",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32721"
},
{
"url": "http://secunia.com/advisories/32778",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32778"
},
{
"url": "http://ubuntu.com/usn/usn-667-1",
"refsource": "MISC",
"name": "http://ubuntu.com/usn/usn-667-1"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230"
},
{
"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-53.html",
"refsource": "MISC",
"name": "http://www.mozilla.org/security/announce/2008/mfsa2008-53.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0977.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-0977.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0978.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-0978.html"
},
{
"url": "http://www.securityfocus.com/bid/32281",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/32281"
},
{
"url": "http://www.securitytracker.com/id?1021184",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1021184"
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA08-319A.html",
"refsource": "MISC",
"name": "http://www.us-cert.gov/cas/techalerts/TA08-319A.html"
},
{
"url": "http://www.vupen.com/english/advisories/2008/3146",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/3146"
},
{
"url": "https://access.redhat.com/errata/RHSA-2008:0977",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:0977"
},
{
"url": "https://access.redhat.com/errata/RHSA-2008:0978",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:0978"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2008-5019",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-5019"
},
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=459906%2C460983",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=459906%2C460983"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470889",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=470889"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10943",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10943"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html"
} }
] ]
} }
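Review bot: The new `description_data` value near the top of this section is only the tracker title, `CVE-2008-5019 Mozilla XSS via session restore`, so the record no longer states the affected upstream releases (Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18) or that the injected script runs with chrome privileges. Anyone triaging from this record alone loses both the version boundary and the detail that drives severity. I would keep the earlier sentence as the `value` and, if the title is wanted, carry it as an additional description entry instead of a replacement. The same title-for-description substitution appears in the CVE-2008-7248, CVE-2011-1576, CVE-2011-1948 and CVE-2012-3401 sections.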


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-7248", "ID": "CVE-2008-7248",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demonstrated using text/plain." "value": "CVE-2008-7248 rubygem-actionpack: Potential CSRF protection circumvention"
} }
] ]
}, },
@ -44,63 +21,123 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "[oss-security] 20091128 CVE request: Ruby on Rails: CSRF circumvention (from 2008)", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/11/28/1"
},
{
"name": "http://www.rorsecurity.info/journal/2008/11/19/circumvent-rails-csrf-protection.html",
"refsource": "MISC", "refsource": "MISC",
"url": "http://www.rorsecurity.info/journal/2008/11/19/circumvent-rails-csrf-protection.html" "name": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
}, },
{ {
"name": "36600", "url": "http://secunia.com/advisories/38915",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36600"
},
{
"name": "http://pseudo-flaw.net/content/web-browsers/form-data-encoding-roundup/",
"refsource": "MISC", "refsource": "MISC",
"url": "http://pseudo-flaw.net/content/web-browsers/form-data-encoding-roundup/" "name": "http://secunia.com/advisories/38915"
}, },
{ {
"name": "http://weblog.rubyonrails.org/2008/11/18/potential-circumvention-of-csrf-protection-in-rails-2-1", "url": "http://groups.google.com/group/rubyonrails-security/browse_thread/thread/d741ee286e36e301?hl=en",
"refsource": "CONFIRM",
"url": "http://weblog.rubyonrails.org/2008/11/18/potential-circumvention-of-csrf-protection-in-rails-2-1"
},
{
"name": "ADV-2009-2544",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2544"
},
{
"name": "http://groups.google.com/group/rubyonrails-security/browse_thread/thread/d741ee286e36e301?hl=en",
"refsource": "MISC", "refsource": "MISC",
"url": "http://groups.google.com/group/rubyonrails-security/browse_thread/thread/d741ee286e36e301?hl=en" "name": "http://groups.google.com/group/rubyonrails-security/browse_thread/thread/d741ee286e36e301?hl=en"
}, },
{ {
"name": "SUSE-SR:2010:006", "url": "http://pseudo-flaw.net/content/web-browsers/form-data-encoding-roundup/",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html" "name": "http://pseudo-flaw.net/content/web-browsers/form-data-encoding-roundup/"
}, },
{ {
"name": "[oss-security] 20091202 Re: CVE request: Ruby on Rails: CSRF circumvention (from 2008)", "url": "http://secunia.com/advisories/36600",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2009/12/02/2" "name": "http://secunia.com/advisories/36600"
}, },
{ {
"name": "38915", "url": "http://weblog.rubyonrails.org/2008/11/18/potential-circumvention-of-csrf-protection-in-rails-2-1",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/38915" "name": "http://weblog.rubyonrails.org/2008/11/18/potential-circumvention-of-csrf-protection-in-rails-2-1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2009/11/28/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/11/28/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2009/12/02/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/12/02/2"
},
{
"url": "http://www.rorsecurity.info/journal/2008/11/19/circumvent-rails-csrf-protection.html",
"refsource": "MISC",
"name": "http://www.rorsecurity.info/journal/2008/11/19/circumvent-rails-csrf-protection.html"
},
{
"url": "http://www.vupen.com/english/advisories/2009/2544",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/2544"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2008-7248",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-7248"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=544329",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=544329"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
} }
] ]
} }
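Review bot: The added `impact.cvss` block scores this as `"confidentialityImpact": "PARTIAL"` with `"integrityImpact": "NONE"`, which sits oddly next to the `CWE-352` problem type added in the same section, since a forged cross-site request mainly changes state on the victim's behalf, which is an integrity effect. If this is a transcription slip, the fields would read `"confidentialityImpact": "NONE"`, `"integrityImpact": "PARTIAL"` and `"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N"`. The 4.3 base score is the same either way, so severity-threshold filters would not notice the difference. The section gives no rationale for the vector, so this should be confirmed against the assigner's own scoring before it is changed.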



@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1576", "ID": "CVE-2011-1576",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478." "value": "CVE-2011-1576 kernel: net: Fix memory leak/corruption on VLAN GRO_DROP"
} }
] ]
}, },
@ -44,43 +21,156 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Missing Release of Memory after Effective Lifetime",
"cweId": "CWE-401"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-238.19.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-131.12.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.0 EUS - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-71.34.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:2.6.33.9-rt31.75.el6rt",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "48907", "url": "http://rhn.redhat.com/errata/RHSA-2011-0927.html",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/48907" "name": "http://rhn.redhat.com/errata/RHSA-2011-0927.html"
}, },
{ {
"name": "RHSA-2011:1106", "url": "https://access.redhat.com/errata/RHSA-2011:0927",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1106.html" "name": "https://access.redhat.com/errata/RHSA-2011:0927"
}, },
{ {
"name": "RHSA-2011:0927", "url": "https://access.redhat.com/errata/RHSA-2011:1253",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2011-0927.html" "name": "https://access.redhat.com/errata/RHSA-2011:1253"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=695173", "url": "https://access.redhat.com/errata/RHSA-2011:1189",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=695173" "name": "https://access.redhat.com/errata/RHSA-2011:1189"
}, },
{ {
"name": "RHSA-2011:1090", "url": "http://www.redhat.com/support/errata/RHSA-2011-1090.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1090.html" "name": "http://www.redhat.com/support/errata/RHSA-2011-1090.html"
}, },
{ {
"name": "1025853", "url": "http://www.redhat.com/support/errata/RHSA-2011-1106.html",
"refsource": "SECTRACK", "refsource": "MISC",
"url": "http://www.securitytracker.com/id?1025853" "name": "http://www.redhat.com/support/errata/RHSA-2011-1106.html"
},
{
"url": "http://www.securityfocus.com/bid/48907",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/48907"
},
{
"url": "http://www.securitytracker.com/id?1025853",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1025853"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:1090",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1090"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:1106",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1106"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-1576",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-1576"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=695173",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=695173"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.7,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
} }
] ]
} }
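Review bot: The problem type added here is only `CWE-401` (missing release of memory), but the replaced description listed two outcomes, a memory leak or memory corruption, and the new title still says `memory leak/corruption`. Consumers that bucket records by CWE will see this as a leak only, which understates the corruption case. I would add a second entry to the `problemtype_data` description array for the corruption outcome, with the CWE chosen by the assigner. I would also keep the removed statement that this is a different issue from CVE-2011-1478, so the two records are not merged downstream.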


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1948", "ID": "CVE-2011-1948",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL." "value": "CVE-2011-1948 plone: A reflected cross site scripting vulnerability"
} }
] ]
}, },
@ -44,53 +21,118 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:0.12.2-51.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "44775", "url": "http://osvdb.org/72727",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/44775" "name": "http://osvdb.org/72727"
}, },
{ {
"name": "48005", "url": "http://plone.org/products/plone/security/advisories/CVE-2011-1948",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/48005" "name": "http://plone.org/products/plone/security/advisories/CVE-2011-1948"
}, },
{ {
"name": "http://plone.org/products/plone/security/advisories/CVE-2011-1948", "url": "http://secunia.com/advisories/44775",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://plone.org/products/plone/security/advisories/CVE-2011-1948" "name": "http://secunia.com/advisories/44775"
}, },
{ {
"name": "72727", "url": "http://secunia.com/advisories/44776",
"refsource": "OSVDB", "refsource": "MISC",
"url": "http://osvdb.org/72727" "name": "http://secunia.com/advisories/44776"
}, },
{ {
"name": "44776", "url": "http://securityreason.com/securityalert/8269",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/44776" "name": "http://securityreason.com/securityalert/8269"
}, },
{ {
"name": "8269", "url": "http://www.securityfocus.com/archive/1/518155/100/0/threaded",
"refsource": "SREASON", "refsource": "MISC",
"url": "http://securityreason.com/securityalert/8269" "name": "http://www.securityfocus.com/archive/1/518155/100/0/threaded"
}, },
{ {
"name": "plone-unspec-xss(67693)", "url": "http://www.securityfocus.com/bid/48005",
"refsource": "XF", "refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67693" "name": "http://www.securityfocus.com/bid/48005"
}, },
{ {
"name": "20110526 [CVE-REQUEST] Plone XSS and permission errors", "url": "https://access.redhat.com/errata/RHSA-2012:0151",
"refsource": "BUGTRAQ", "refsource": "MISC",
"url": "http://www.securityfocus.com/archive/1/518155/100/0/threaded" "name": "https://access.redhat.com/errata/RHSA-2012:0151"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-1948",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-1948"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=711494",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=711494"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67693",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67693"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
} }
] ]
} }
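Review bot: The only `affects` entry in this section is `"version_value": "0:0.12.2-51.el5"` with `"version_affected": "!"` under Red Hat Enterprise Linux 5, and nothing in the record says which package that build belongs to, while the description is about Plone. In the CVE JSON 4.0 format `!` marks a version as not affected, so this is a fixed build. A consumer that reads `product_name` and `version_value` without honouring `version_affected` will report patched hosts as vulnerable, and one that honours it still cannot match the string to an installed package. The format has no dedicated package field, so I would name the package in the entry itself, for example `"product_name": "Red Hat Enterprise Linux 5: <package-name>"` with the placeholder filled in by the assigner. The same unnamed `!` entries appear in the CVE-2008-5019, CVE-2011-1576 and CVE-2012-3401 sections.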


@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3401", "ID": "CVE-2012-3401",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow." "value": "CVE-2012-3401 libtiff (tiff2pdf): Heap-based buffer overflow due to improper initialization of T2P context struct pointer"
} }
] ]
}, },
@ -44,103 +21,174 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "n/a" "value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:3.8.2-18.el5_8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:3.9.4-9.el6_3",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=837577", "url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf",
"refsource": "MISC", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=837577" "name": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
}, },
{ {
"name": "openSUSE-SU-2012:0955", "url": "http://secunia.com/advisories/50726",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00011.html"
},
{
"name": "[oss-security] 20120719 tiff2pdf: Heap-based buffer overflow due to improper initialization of T2P context struct pointer",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/07/19/1"
},
{
"name": "http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830",
"refsource": "MISC", "refsource": "MISC",
"url": "http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830" "name": "http://secunia.com/advisories/50726"
}, },
{ {
"name": "54601", "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54601"
},
{
"name": "[oss-security] 20120719 Re: tiff2pdf: Heap-based buffer overflow due to improper initialization of T2P context struct pointer",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/07/19/4"
},
{
"name": "DSA-2552",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2552"
},
{
"name": "49938",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49938"
},
{
"name": "50007",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50007"
},
{
"name": "USN-1511-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1511-1"
},
{
"name": "GLSA-201209-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
},
{
"name": "84090",
"refsource": "OSVDB",
"url": "http://osvdb.org/84090"
},
{
"name": "libtiff-t2preadtiffinit-bo(77088)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77088"
},
{
"name": "https://bugzilla.redhat.com/attachment.cgi?id=596457",
"refsource": "MISC", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/attachment.cgi?id=596457" "name": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
}, },
{ {
"name": "MDVSA-2012:127", "url": "http://www.debian.org/security/2012/dsa-2552",
"refsource": "MANDRIVA", "refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:127" "name": "http://www.debian.org/security/2012/dsa-2552"
}, },
{ {
"name": "RHSA-2012:1590", "url": "http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1590.html" "name": "http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830"
}, },
{ {
"name": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf", "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00011.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf" "name": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00011.html"
}, },
{ {
"name": "50726", "url": "http://osvdb.org/84090",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/50726" "name": "http://osvdb.org/84090"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2012-1590.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1590.html"
},
{
"url": "http://secunia.com/advisories/49938",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49938"
},
{
"url": "http://secunia.com/advisories/50007",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50007"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:127",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:127"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/07/19/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/07/19/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/07/19/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/07/19/4"
},
{
"url": "http://www.securityfocus.com/bid/54601",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54601"
},
{
"url": "http://www.ubuntu.com/usn/USN-1511-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1511-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1590",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1590"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-3401",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-3401"
},
{
"url": "https://bugzilla.redhat.com/attachment.cgi?id=596457",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/attachment.cgi?id=596457"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=837577",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=837577"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77088",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77088"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
} }
] ]
} }


@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-23110",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-23110",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An exploitable firmware modification vulnerability was discovered in WNR612v2 Wireless Routers firmware version 1.0.0.3 and earlier. The data integrity of the uploaded firmware image is ensured with a fixed checksum number. Therefore, an attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the checksum verification."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.netgear.com/about/security/",
"refsource": "MISC",
"name": "https://www.netgear.com/about/security/"
},
{
"url": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/SJCGkb-9o",
"refsource": "MISC",
"name": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/SJCGkb-9o"
} }
] ]
} }
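Review bot: The record goes PUBLIC with `"vendor_name": "n/a"`, `"product_name": "n/a"` and a problem type of `n/a`, although the new description names the product and version range (WNR612v2 firmware 1.0.0.3 and earlier) and the weakness (a fixed checksum used as the firmware integrity check). Automated matching works from the structured fields, so as written this entry cannot be tied to an asset inventory. I would fill them from the description with `"product_name": "WNR612v2"`, `"version_value": "1.0.0.3"` and `"version_affected": "<="`, and set the vendor once confirmed, since the netgear.com reference suggests it but the description does not say. The problem type could carry an integrity-verification CWE such as CWE-354, again subject to the assigner's confirmation.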