admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 04:46:06 +00:00
parent 9848063ddb
commit 91413f98a4
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
56 changed files with 4356 additions and 4356 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
2005/0xxx/CVE-2005-0143.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0143",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0143",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks."
"lang": "eng",
"value": "Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mozilla.org/security/announce/mfsa2005-03.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/mfsa2005-03.html"
"name": "12407",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12407"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=257308",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=257308"
"name": "http://www.mozilla.org/security/announce/mfsa2005-03.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/mfsa2005-03.html"
},
{
"name" : "RHSA-2005:335",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-335.html"
"name": "oval:org.mitre.oval:def:100055",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100055"
},
{
"name" : "RHSA-2005:384",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-384.html"
"name": "RHSA-2005:335",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-335.html"
},
{
"name" : "12407",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/12407"
"name": "oval:org.mitre.oval:def:11297",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11297"
},
{
"name" : "oval:org.mitre.oval:def:100055",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100055"
"name": "mozilla-ssl-spoofing(19166)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19166"
},
{
"name" : "oval:org.mitre.oval:def:11297",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11297"
"name": "RHSA-2005:384",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-384.html"
},
{
"name" : "mozilla-ssl-spoofing(19166)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19166"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=257308",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=257308"
}
]
}

110
2005/0xxx/CVE-2005-0162.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0162",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0162",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code."
"lang": "eng",
"value": "Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050126 Openswan XAUTH/PAM Buffer Overflow Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://www.idefense.com/application/poi/display?id=190&type=vulnerabilities"
"name": "FEDORA-2005-082",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-January/msg00103.html"
},
{
"name" : "http://www.openswan.org/support/vuln/IDEF0785/",
"refsource" : "CONFIRM",
"url" : "http://www.openswan.org/support/vuln/IDEF0785/"
"name": "1013014",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013014"
},
{
"name" : "FEDORA-2005-082",
"refsource" : "FEDORA",
"url" : "http://www.redhat.com/archives/fedora-announce-list/2005-January/msg00103.html"
"name": "12377",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12377"
},
{
"name" : "12377",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/12377"
"name": "20050126 Openswan XAUTH/PAM Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=190&type=vulnerabilities"
},
{
"name" : "13195",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/13195"
"name": "openswan-xauth-pam-bo(19078)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19078"
},
{
"name" : "1013014",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013014"
"name": "14062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14062"
},
{
"name" : "14038",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/14038"
"name": "14038",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14038"
},
{
"name" : "14062",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/14062"
"name": "13195",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/13195"
},
{
"name" : "openswan-xauth-pam-bo(19078)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19078"
"name": "http://www.openswan.org/support/vuln/IDEF0785/",
"refsource": "CONFIRM",
"url": "http://www.openswan.org/support/vuln/IDEF0785/"
}
]
}

86
2005/0xxx/CVE-2005-0187.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0187",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0187",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the SetSkin function in AtHoc toolbar allows remote attackers to execute arbitrary code via a long skin name."
"lang": "eng",
"value": "Stack-based buffer overflow in the SetSkin function in AtHoc toolbar allows remote attackers to execute arbitrary code via a long skin name."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20041006 Patch available for high risk flaws in the AtHoc Toolbar",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=109710974324742&w=2"
"name": "20050119 Multiple vulnerabilities in the AtHoc Toolbar (#NISR19012005c)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110616363415176&w=2"
},
{
"name" : "20050119 Multiple vulnerabilities in the AtHoc Toolbar (#NISR19012005c)",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=110616363415176&w=2"
"name": "11341",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11341"
},
{
"name" : "http://www.ngssoftware.com/advisories/athoc-01full.txt",
"refsource" : "MISC",
"url" : "http://www.ngssoftware.com/advisories/athoc-01full.txt"
"name": "20041006 Patch available for high risk flaws in the AtHoc Toolbar",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109710974324742&w=2"
},
{
"name" : "11341",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/11341"
"name": "http://www.ngssoftware.com/advisories/athoc-01full.txt",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/athoc-01full.txt"
},
{
"name" : "athoc-toolbar-bo(17627)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17627"
"name": "athoc-toolbar-bo(17627)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17627"
}
]
}

22
2005/0xxx/CVE-2005-0714.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0714",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2005-0714",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0340. Reason: This candidate is a reservation duplicate of CVE-2005-0340. Notes: All CVE users should reference CVE-2005-0340 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0340. Reason: This candidate is a reservation duplicate of CVE-2005-0340. Notes: All CVE users should reference CVE-2005-0340 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

146
2005/2xxx/CVE-2005-2128.json
View File

@ -1,131 +1,131 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2128",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2005-2128",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value."
"lang": "eng",
"value": "QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "AD20051011a",
"refsource" : "EEYE",
"url" : "http://www.eeye.com/html/research/advisories/AD20051011a.html"
"name": "17160",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17160"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf"
"name": "oval:org.mitre.oval:def:1267",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1267"
},
{
"name" : "MS05-050",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-050"
"name": "AD20051011a",
"refsource": "EEYE",
"url": "http://www.eeye.com/html/research/advisories/AD20051011a.html"
},
{
"name" : "TA05-284A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA05-284A.html"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf"
},
{
"name" : "VU#995220",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/995220"
"name": "VU#995220",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/995220"
},
{
"name" : "15063",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15063"
"name": "oval:org.mitre.oval:def:1149",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1149"
},
{
"name" : "18822",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/18822"
"name": "18822",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18822"
},
{
"name" : "oval:org.mitre.oval:def:1149",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1149"
"name": "MS05-050",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-050"
},
{
"name" : "oval:org.mitre.oval:def:1231",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1231"
"name": "17172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17172"
},
{
"name" : "oval:org.mitre.oval:def:1267",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1267"
"name": "17509",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17509"
},
{
"name" : "oval:org.mitre.oval:def:1424",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1424"
"name": "oval:org.mitre.oval:def:1434",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1434"
},
{
"name" : "oval:org.mitre.oval:def:1434",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1434"
"name": "oval:org.mitre.oval:def:1424",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1424"
},
{
"name" : "17160",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17160"
"name": "oval:org.mitre.oval:def:1231",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1231"
},
{
"name" : "17172",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17172"
"name": "TA05-284A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA05-284A.html"
},
{
"name" : "17509",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17509"
"name": "15063",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15063"
}
]
}

22
2005/2xxx/CVE-2005-2345.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2345",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2005-2345",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none."
}
]
}

104
2005/2xxx/CVE-2005-2392.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2392",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2392",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060803 CMSimple Cross Site Scripting",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/442106/100/100/threaded"
"name": "1014556",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014556"
},
{
"name" : "http://lostmon.blogspot.com/2005/07/cmsimple-search-variable-xss.html",
"refsource" : "MISC",
"url" : "http://lostmon.blogspot.com/2005/07/cmsimple-search-variable-xss.html"
"name": "16147",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16147"
},
{
"name" : "http://www.aria-security.net/advisory/cmsimple.txt",
"refsource" : "MISC",
"url" : "http://www.aria-security.net/advisory/cmsimple.txt"
"name": "http://lostmon.blogspot.com/2005/07/cmsimple-search-variable-xss.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2005/07/cmsimple-search-variable-xss.html"
},
{
"name" : "http://www.cmsimple.dk/forum/viewtopic.php?t=2470",
"refsource" : "CONFIRM",
"url" : "http://www.cmsimple.dk/forum/viewtopic.php?t=2470"
"name": "http://www.cmsimple.dk/forum/viewtopic.php?t=2470",
"refsource": "CONFIRM",
"url": "http://www.cmsimple.dk/forum/viewtopic.php?t=2470"
},
{
"name" : "14346",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14346"
"name": "14346",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14346"
},
{
"name" : "18128",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/18128"
"name": "20060803 CMSimple Cross Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/442106/100/100/threaded"
},
{
"name" : "1014556",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1014556"
"name": "http://www.aria-security.net/advisory/cmsimple.txt",
"refsource": "MISC",
"url": "http://www.aria-security.net/advisory/cmsimple.txt"
},
{
"name" : "16147",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16147"
"name": "18128",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18128"
}
]
}

22
2005/2xxx/CVE-2005-2821.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2821",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2821",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

152
2005/2xxx/CVE-2005-2872.json
View File

@ -1,136 +1,136 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2872",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2872",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force, which leads to memset calls using a length based on the u_int32_t type, acting on an array of unsigned long elements, a different vulnerability than CVE-2005-2873."
"lang": "eng",
"value": "The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force, which leads to memset calls using a length based on the u_int32_t type, acting on an array of unsigned long elements, a different vulnerability than CVE-2005-2873."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322237",
"refsource" : "CONFIRM",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322237"
"name": "18056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18056"
},
{
"name" : "http://www.kernel.org/git/?p=linux/kernel/git/chrisw/lsm-2.6.git;a=commit;h=bcfff0b471a60df350338bcd727fc9b8a6aa54b2",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/git/?p=linux/kernel/git/chrisw/lsm-2.6.git;a=commit;h=bcfff0b471a60df350338bcd727fc9b8a6aa54b2"
"name": "MDKSA-2005:220",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:220"
},
{
"name" : "DSA-922",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-922"
"name": "17073",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17073"
},
{
"name" : "DSA-921",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-921"
"name": "18059",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18059"
},
{
"name" : "FLSA:157459-3",
"refsource" : "FEDORA",
"url" : "http://www.securityfocus.com/archive/1/427980/100/0/threaded"
"name": "SUSE-SA:2005:068",
"refsource": "SUSE",
"url": "http://www.securityfocus.com/archive/1/419522/100/0/threaded"
},
{
"name" : "MDKSA-2005:219",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
"name": "DSA-922",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-922"
},
{
"name" : "MDKSA-2005:220",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:220"
"name": "14791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14791"
},
{
"name" : "RHSA-2005:514",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-514.html"
"name": "DSA-921",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-921"
},
{
"name" : "SUSE-SA:2005:068",
"refsource" : "SUSE",
"url" : "http://www.securityfocus.com/archive/1/419522/100/0/threaded"
"name": "RHSA-2005:514",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-514.html"
},
{
"name" : "14791",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14791"
"name": "17826",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17826"
},
{
"name" : "oval:org.mitre.oval:def:11394",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11394"
"name": "oval:org.mitre.oval:def:11394",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11394"
},
{
"name" : "17918",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17918"
"name": "17918",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17918"
},
{
"name" : "18056",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18056"
"name": "http://www.kernel.org/git/?p=linux/kernel/git/chrisw/lsm-2.6.git;a=commit;h=bcfff0b471a60df350338bcd727fc9b8a6aa54b2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/git/?p=linux/kernel/git/chrisw/lsm-2.6.git;a=commit;h=bcfff0b471a60df350338bcd727fc9b8a6aa54b2"
},
{
"name" : "18059",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18059"
"name": "FLSA:157459-3",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/427980/100/0/threaded"
},
{
"name" : "17073",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17073"
"name": "MDKSA-2005:219",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
},
{
"name" : "17826",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17826"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322237",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322237"
}
]
}

22
2005/4xxx/CVE-2005-4128.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4128",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2005-4128",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4092. Reason: This candidate is a duplicate of CVE-2005-4092. This candidate was originally published to handle a pre-patch vague announcement, but multiple simultaneous pre-patch announcements resulted in duplicate CVEs that could not be identified until a full patch was released. Notes: All CVE users should reference CVE-2005-4092 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4092. Reason: This candidate is a duplicate of CVE-2005-4092. This candidate was originally published to handle a pre-patch vague announcement, but multiple simultaneous pre-patch announcements resulted in duplicate CVEs that could not be identified until a full patch was released. Notes: All CVE users should reference CVE-2005-4092 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

92
2005/4xxx/CVE-2005-4176.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4176",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4176",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "AWARD Bios Modular 4.50pg does not clear the keyboard buffer after reading the BIOS password during system startup, which allows local administrators or users to read the password directly from physical memory."
"lang": "eng",
"value": "AWARD Bios Modular 4.50pg does not clear the keyboard buffer after reading the BIOS password during system startup, which allows local administrators or users to read the password directly from physical memory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20051213 Bios Information Leakage",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/419610/100/0/threaded"
"name": "http://www.ivizsecurity.com/preboot-patch.html",
"refsource": "MISC",
"url": "http://www.ivizsecurity.com/preboot-patch.html"
},
{
"name" : "http://www.pulltheplug.org/users/endrazine/Bios.Information.Leakage.txt",
"refsource" : "MISC",
"url" : "http://www.pulltheplug.org/users/endrazine/Bios.Information.Leakage.txt"
"name": "http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf",
"refsource": "MISC",
"url": "http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf"
},
{
"name" : "http://www.ivizsecurity.com/preboot-patch.html",
"refsource" : "MISC",
"url" : "http://www.ivizsecurity.com/preboot-patch.html"
"name": "15751",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15751"
},
{
"name" : "http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf",
"refsource" : "MISC",
"url" : "http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf"
"name": "20051213 Bios Information Leakage",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419610/100/0/threaded"
},
{
"name" : "VU#847537",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/847537"
"name": "VU#847537",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/847537"
},
{
"name" : "15751",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15751"
"name": "http://www.pulltheplug.org/users/endrazine/Bios.Information.Leakage.txt",
"refsource": "MISC",
"url": "http://www.pulltheplug.org/users/endrazine/Bios.Information.Leakage.txt"
}
]
}

74
2005/4xxx/CVE-2005-4308.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4308",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4308",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "index.php in ezUpload Pro 2.2 and earlier allows remote attackers to include files via the mode parameter."
"lang": "eng",
"value": "index.php in ezUpload Pro 2.2 and earlier allows remote attackers to include files via the mode parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://pridels0.blogspot.com/2005/12/ezupload-pro-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2005/12/ezupload-pro-vuln.html"
"name": "21911",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21911"
},
{
"name" : "15918",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15918"
"name": "15918",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15918"
},
{
"name" : "21911",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/21911"
"name": "http://pridels0.blogspot.com/2005/12/ezupload-pro-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/12/ezupload-pro-vuln.html"
}
]
}

22
2005/4xxx/CVE-2005-4544.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4544",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2005-4544",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none."
}
]
}

80
2005/4xxx/CVE-2005-4686.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4686",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4686",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes config.php before calling the unregister_globals function, which allows attackers to obtain unspecified sensitive information."
"lang": "eng",
"value": "PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes config.php before calling the unregister_globals function, which allows attackers to obtain unspecified sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.punbb.org/changelogs/1.2.9_to_1.2.10.txt",
"refsource" : "CONFIRM",
"url" : "http://www.punbb.org/changelogs/1.2.9_to_1.2.10.txt"
"name": "17433",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17433"
},
{
"name" : "15328",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15328"
"name": "http://www.punbb.org/changelogs/1.2.9_to_1.2.10.txt",
"refsource": "CONFIRM",
"url": "http://www.punbb.org/changelogs/1.2.9_to_1.2.10.txt"
},
{
"name" : "17425",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17425"
"name": "15328",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15328"
},
{
"name" : "17433",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17433"
"name": "17425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17425"
}
]
}

74
2005/4xxx/CVE-2005-4737.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4737",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4737",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by \"abnormally\" terminating a connection, which prevents db2agents from being properly cleared."
"lang": "eng",
"value": "IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by \"abnormally\" terminating a connection, which prevents db2agents from being properly cleared."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "IY71587",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IY71587"
"name": "15126",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15126"
},
{
"name" : "15126",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15126"
"name": "IY71587",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY71587"
},
{
"name" : "17031",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17031"
"name": "17031",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17031"
}
]
}

110
2005/4xxx/CVE-2005-4784.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4784",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4784",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in the POSIX readdir_r function, as used in multiple packages, allow local users to cause a denial of service and possibly execute arbitrary code via (1) a symlink attack that exploits a race condition between opendir and pathcon calls and changes the filesystem to one with a larger maximum directory-entry name length, or (2) possibly via programmer-introduced errors on operating systems with a small struct dirent, such as Solaris or BeOS, as demonstrated in packages including (a) gcj, (b) KDE, (c) libwww, (d) the Rudiments library, (e) teTeX, (f) xmail, (g) bfbtester, (h) ncftp, (i) netwib, (j) OpenOffice.org, (k) Pike, (l) reprepro, (m) Tcl, and (n) xgsmlib."
"lang": "eng",
"value": "Multiple buffer overflows in the POSIX readdir_r function, as used in multiple packages, allow local users to cause a denial of service and possibly execute arbitrary code via (1) a symlink attack that exploits a race condition between opendir and pathcon calls and changes the filesystem to one with a larger maximum directory-entry name length, or (2) possibly via programmer-introduced errors on operating systems with a small struct dirent, such as Solaris or BeOS, as demonstrated in packages including (a) gcj, (b) KDE, (c) libwww, (d) the Rudiments library, (e) teTeX, (f) xmail, (g) bfbtester, (h) ncftp, (i) netwib, (j) OpenOffice.org, (k) Pike, (l) reprepro, (m) Tcl, and (n) xgsmlib."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20051101 readdir_r considered harmful",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/415781"
"name": "20051106 Re: readdir_r considered harmful",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/416002/30/0/threaded"
},
{
"name" : "20051105 Re: readdir_r considered harmful",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/415790/30/0/threaded"
"name": "20051101 readdir_r considered harmful",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/415781"
},
{
"name" : "20051105 Re: readdir_r considered harmful",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/415995/30/0/threaded"
"name": "20051105 Re: readdir_r considered harmful",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/415790/30/0/threaded"
},
{
"name" : "20051106 Re: readdir_r considered harmful",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/415998/30/0/threaded"
"name": "15259",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15259"
},
{
"name" : "20051106 Re: readdir_r considered harmful",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/415999/30/0/threaded"
"name": "20051106 Re: readdir_r considered harmful",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/415999/30/0/threaded"
},
{
"name" : "20051106 Re: readdir_r considered harmful",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/416002/30/0/threaded"
"name": "20051106 Re: readdir_r considered harmful",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/415998/30/0/threaded"
},
{
"name" : "20051108 Re: readdir_r considered harmful",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/416048/30/0/threaded"
"name": "20051105 Re: readdir_r considered harmful",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/415995/30/0/threaded"
},
{
"name" : "http://womble.decadentplace.org.uk/readdir_r-advisory.html",
"refsource" : "MISC",
"url" : "http://womble.decadentplace.org.uk/readdir_r-advisory.html"
"name": "http://womble.decadentplace.org.uk/readdir_r-advisory.html",
"refsource": "MISC",
"url": "http://womble.decadentplace.org.uk/readdir_r-advisory.html"
},
{
"name" : "15259",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15259"
"name": "20051108 Re: readdir_r considered harmful",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/416048/30/0/threaded"
}
]
}

284
2009/0xxx/CVE-2009-0676.json
View File

@ -1,246 +1,246 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0676",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0676",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request."
"lang": "eng",
"value": "The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
"name": "35390",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35390"
},
{
"name" : "[linux-kernel] 20090212 [PATCH] 4 bytes kernel memory disclosure in SO_BSDCOMPAT gsopt try #2",
"refsource" : "MLIST",
"url" : "http://lkml.org/lkml/2009/2/12/123"
"name": "kernel-sock-information-disclosure(48847)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48847"
},
{
"name" : "[oss-security] 20090220 CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2009/02/20/1"
"name": "[oss-security] 20090220 CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2009/02/20/1"
},
{
"name" : "[linux-kernel] 20090223 net: amend the fix for SO_BSDCOMPAT gsopt infoleak",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=linux-kernel&m=123540732700371&w=2"
"name": "34502",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34502"
},
{
"name" : "[oss-security] 20090224 Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/02/24/1"
"name": "RHSA-2009:0326",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0326.html"
},
{
"name" : "[oss-security] 20090302 Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/03/02/6"
"name": "34786",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34786"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=df0bca049d01c0ee94afb7cd5dfd959541e6c8da",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=df0bca049d01c0ee94afb7cd5dfd959541e6c8da"
"name": "34962",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34962"
},
{
"name" : "http://patchwork.kernel.org/patch/6816/",
"refsource" : "CONFIRM",
"url" : "http://patchwork.kernel.org/patch/6816/"
"name": "oval:org.mitre.oval:def:8618",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8618"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.6",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.6"
"name": "37471",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37471"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=486305",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=486305"
"name": "RHSA-2009:0360",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0360.html"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
"name": "RHSA-2009:0459",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0459.html"
},
{
"name" : "DSA-1749",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1749"
"name": "[oss-security] 20090302 Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/03/02/6"
},
{
"name" : "DSA-1787",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1787"
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"name" : "DSA-1794",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1794"
"name": "DSA-1749",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1749"
},
{
"name" : "MDVSA-2009:071",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:071"
"name": "http://patchwork.kernel.org/patch/6816/",
"refsource": "CONFIRM",
"url": "http://patchwork.kernel.org/patch/6816/"
},
{
"name" : "RHSA-2009:0360",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0360.html"
"name": "DSA-1794",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1794"
},
{
"name" : "RHSA-2009:0326",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0326.html"
"name": "[linux-kernel] 20090223 net: amend the fix for SO_BSDCOMPAT gsopt infoleak",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=123540732700371&w=2"
},
{
"name" : "RHSA-2009:0459",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2009-0459.html"
"name": "33758",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33758"
},
{
"name" : "SUSE-SA:2009:021",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00007.html"
"name": "SUSE-SA:2009:030",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"
},
{
"name" : "SUSE-SA:2009:030",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"
"name": "USN-751-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-751-1"
},
{
"name" : "SUSE-SA:2009:031",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"
"name": "oval:org.mitre.oval:def:11653",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11653"
},
{
"name" : "USN-751-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-751-1"
"name": "33846",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33846"
},
{
"name" : "33846",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/33846"
"name": "35011",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35011"
},
{
"name" : "oval:org.mitre.oval:def:11653",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11653"
"name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"name" : "oval:org.mitre.oval:def:8618",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8618"
"name": "[oss-security] 20090224 Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/02/24/1"
},
{
"name" : "34394",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34394"
"name": "SUSE-SA:2009:031",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"
},
{
"name" : "33758",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33758"
"name": "SUSE-SA:2009:021",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00007.html"
},
{
"name" : "34502",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34502"
"name": "[linux-kernel] 20090212 [PATCH] 4 bytes kernel memory disclosure in SO_BSDCOMPAT gsopt try #2",
"refsource": "MLIST",
"url": "http://lkml.org/lkml/2009/2/12/123"
},
{
"name" : "34680",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34680"
"name": "34981",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34981"
},
{
"name" : "34786",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34786"
"name": "34394",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34394"
},
{
"name" : "34962",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34962"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=df0bca049d01c0ee94afb7cd5dfd959541e6c8da",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=df0bca049d01c0ee94afb7cd5dfd959541e6c8da"
},
{
"name" : "34981",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34981"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=486305",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486305"
},
{
"name" : "35011",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35011"
"name": "DSA-1787",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1787"
},
{
"name" : "35390",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35390"
"name": "MDVSA-2009:071",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:071"
},
{
"name" : "35394",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35394"
"name": "34680",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34680"
},
{
"name" : "37471",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37471"
"name": "ADV-2009-3316",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"name" : "ADV-2009-3316",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/3316"
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.6",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.6"
},
{
"name" : "kernel-sock-information-disclosure(48847)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48847"
"name": "35394",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35394"
}
]
}

68
2009/2xxx/CVE-2009-2307.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2307",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2307",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the CWGuestBook module 2.1 and earlier for MAXdev MDPro (aka MD-Pro) allows remote attackers to execute arbitrary SQL commands via the rid parameter in a viewrecords action to modules.php."
"lang": "eng",
"value": "SQL injection vulnerability in the CWGuestBook module 2.1 and earlier for MAXdev MDPro (aka MD-Pro) allows remote attackers to execute arbitrary SQL commands via the rid parameter in a viewrecords action to modules.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "9056",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/9056"
"name": "cwguestbook-modules-sql-injection(51478)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51478"
},
{
"name" : "cwguestbook-modules-sql-injection(51478)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51478"
"name": "9056",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9056"
}
]
}

86
2009/2xxx/CVE-2009-2854.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2854",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2854",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Wordpress before 2.8.3 does not check capabilities for certain actions, which allows remote attackers to make unauthorized edits or additions via a direct request to (1) edit-comments.php, (2) edit-pages.php, (3) edit.php, (4) edit-category-form.php, (5) edit-link-category-form.php, (6) edit-tag-form.php, (7) export.php, (8) import.php, or (9) link-add.php in wp-admin/."
"lang": "eng",
"value": "Wordpress before 2.8.3 does not check capabilities for certain actions, which allows remote attackers to make unauthorized edits or additions via a direct request to (1) edit-comments.php, (2) edit-pages.php, (3) edit.php, (4) edit-category-form.php, (5) edit-link-category-form.php, (6) edit-tag-form.php, (7) export.php, (8) import.php, or (9) link-add.php in wp-admin/."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20090804 CVE request: Wordpress",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/08/04/5"
"name": "[oss-security] 20090804 CVE request: Wordpress",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/08/04/5"
},
{
"name" : "http://core.trac.wordpress.org/changeset/11765",
"refsource" : "CONFIRM",
"url" : "http://core.trac.wordpress.org/changeset/11765"
"name": "http://core.trac.wordpress.org/changeset/11765",
"refsource": "CONFIRM",
"url": "http://core.trac.wordpress.org/changeset/11765"
},
{
"name" : "http://core.trac.wordpress.org/changeset/11766",
"refsource" : "CONFIRM",
"url" : "http://core.trac.wordpress.org/changeset/11766"
"name": "DSA-1871",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1871"
},
{
"name" : "http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/",
"refsource" : "CONFIRM",
"url" : "http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/"
"name": "http://core.trac.wordpress.org/changeset/11766",
"refsource": "CONFIRM",
"url": "http://core.trac.wordpress.org/changeset/11766"
},
{
"name" : "DSA-1871",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1871"
"name": "http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/",
"refsource": "CONFIRM",
"url": "http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/"
}
]
}

92
2009/2xxx/CVE-2009-2988.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2988",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2988",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which allows attackers to cause a denial of service via unspecified vectors."
"lang": "eng",
"value": "Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which allows attackers to cause a denial of service via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
"name": "36638",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36638"
},
{
"name" : "TA09-286B",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
"name": "TA09-286B",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
},
{
"name" : "36638",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36638"
"name": "1023007",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023007"
},
{
"name" : "oval:org.mitre.oval:def:6483",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6483"
"name": "http://www.adobe.com/support/security/bulletins/apsb09-15.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
},
{
"name" : "1023007",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1023007"
"name": "oval:org.mitre.oval:def:6483",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6483"
},
{
"name" : "ADV-2009-2898",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/2898"
"name": "ADV-2009-2898",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2898"
}
]
}

80
2009/3xxx/CVE-2009-3176.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3176",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3176",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the ActiveX control in Novell iPrint Client 4.38 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.1, \"Novell iPrint Client 4.38 ActiveX exploit.\" NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes."
"lang": "eng",
"value": "Buffer overflow in the ActiveX control in Novell iPrint Client 4.38 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.1, \"Novell iPrint Client 4.38 ActiveX exploit.\" NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://intevydis.com/vd-list.shtml",
"refsource" : "MISC",
"url" : "http://intevydis.com/vd-list.shtml"
"name": "36579",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36579"
},
{
"name" : "36231",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36231"
"name": "57922",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/57922"
},
{
"name" : "57922",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/57922"
"name": "36231",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36231"
},
{
"name" : "36579",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36579"
"name": "http://intevydis.com/vd-list.shtml",
"refsource": "MISC",
"url": "http://intevydis.com/vd-list.shtml"
}
]
}

68
2009/3xxx/CVE-2009-3507.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3507",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3507",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in modules.php in CMSphp 0.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod_file parameter."
"lang": "eng",
"value": "Directory traversal vulnerability in modules.php in CMSphp 0.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod_file parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "9311",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/9311"
"name": "9311",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9311"
},
{
"name" : "36075",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36075"
"name": "36075",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36075"
}
]
}

80
2009/3xxx/CVE-2009-3582.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3582",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3582",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search operation."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search operation."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20091221 SQL-Ledger â?? several vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/508559/100/0/threaded"
"name": "20091221 SQL-Ledger â?? several vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508559/100/0/threaded"
},
{
"name" : "37431",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/37431"
"name": "sqlledger-id-sql-injection(54966)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54966"
},
{
"name" : "37877",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37877"
"name": "37877",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37877"
},
{
"name" : "sqlledger-id-sql-injection(54966)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54966"
"name": "37431",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37431"
}
]
}

170
2009/3xxx/CVE-2009-3607.json
View File

@ -1,151 +1,151 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3607",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3607",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20091130 Need more information on recent poppler issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/12/01/1"
"name": "DSA-1941",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1941"
},
{
"name" : "[oss-security] 20091130 Re: Need more information on recent poppler issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/12/01/5"
"name": "[oss-security] 20091201 Re: Need more information on recent poppler issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
},
{
"name" : "[oss-security] 20091201 Re: Need more information on recent poppler issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/12/01/6"
"name": "FEDORA-2009-10823",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
},
{
"name" : "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706",
"refsource" : "CONFIRM",
"url" : "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706"
"name": "36718",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36718"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=526924",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=526924"
"name": "[oss-security] 20091130 Need more information on recent poppler issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
},
{
"name" : "DSA-1941",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1941"
"name": "poppler-createsurfacefromthumbnaildata-bo(53801)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53801"
},
{
"name" : "FEDORA-2009-10823",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
"name": "37159",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37159"
},
{
"name" : "FEDORA-2009-10845",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
"name": "37054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37054"
},
{
"name" : "MDVSA-2011:175",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=526924",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924"
},
{
"name" : "274030",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
"name": "1021706",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
},
{
"name" : "1021706",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
"name": "FEDORA-2009-10845",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
},
{
"name" : "USN-850-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-850-1"
"name": "37114",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37114"
},
{
"name" : "USN-850-3",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-850-3"
"name": "MDVSA-2011:175",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name" : "36718",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36718"
"name": "USN-850-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-850-3"
},
{
"name" : "37054",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37054"
"name": "[oss-security] 20091130 Re: Need more information on recent poppler issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
},
{
"name" : "37159",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37159"
"name": "274030",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
},
{
"name" : "37114",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37114"
"name": "USN-850-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-850-1"
},
{
"name" : "ADV-2009-2925",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/2925"
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706",
"refsource": "CONFIRM",
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706"
},
{
"name" : "poppler-createsurfacefromthumbnaildata-bo(53801)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53801"
"name": "ADV-2009-2925",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2925"
}
]
}

284
2009/3xxx/CVE-2009-3736.json
View File

@ -1,246 +1,246 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3736",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2009-3736",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file."
"lang": "eng",
"value": "ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[libtool] 20091116 Backport of libltdl changes to branch-1-5",
"refsource" : "MLIST",
"url" : "http://lists.gnu.org/archive/html/libtool/2009-11/msg00065.html"
"name": "GLSA-201311-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201311-10.xml"
},
{
"name" : "[libtool] 20091116 GNU Libtool 2.2.6b released",
"refsource" : "MLIST",
"url" : "http://lists.gnu.org/archive/html/libtool/2009-11/msg00059.html"
"name": "MDVSA-2010:105",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:105"
},
{
"name" : "ftp://ftp.gnu.org/gnu/libtool/libtool-2.2.6a-2.2.6b.diff.gz",
"refsource" : "CONFIRM",
"url" : "ftp://ftp.gnu.org/gnu/libtool/libtool-2.2.6a-2.2.6b.diff.gz"
"name": "FEDORA-2010-1872",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035133.html"
},
{
"name" : "http://git.savannah.gnu.org/cgit/libtool.git/commit/?h=branch-1-5&id=29b48580df75f0c5baa2962548a4c101ec7ed7ec",
"refsource" : "CONFIRM",
"url" : "http://git.savannah.gnu.org/cgit/libtool.git/commit/?h=branch-1-5&id=29b48580df75f0c5baa2962548a4c101ec7ed7ec"
"name": "MDVSA-2010:091",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:091"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=537941",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=537941"
"name": "http://support.avaya.com/css/P8/documents/100074869",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100074869"
},
{
"name" : "http://support.avaya.com/css/P8/documents/100074869",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/css/P8/documents/100074869"
"name": "ftp://ftp.gnu.org/gnu/libtool/libtool-2.2.6a-2.2.6b.diff.gz",
"refsource": "CONFIRM",
"url": "ftp://ftp.gnu.org/gnu/libtool/libtool-2.2.6a-2.2.6b.diff.gz"
},
{
"name" : "http://hamlib.svn.sourceforge.net/viewvc/hamlib/trunk/libltdl/Makefile.am?revision=2841&view=markup",
"refsource" : "CONFIRM",
"url" : "http://hamlib.svn.sourceforge.net/viewvc/hamlib/trunk/libltdl/Makefile.am?revision=2841&view=markup"
"name": "39299",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39299"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"
"name": "38577",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38577"
},
{
"name" : "FEDORA-2010-1872",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035133.html"
"name": "38617",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38617"
},
{
"name" : "FEDORA-2010-1924",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035168.html"
"name": "MDVSA-2010:035",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:035"
},
{
"name" : "FEDORA-2009-12813",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01512.html"
"name": "37414",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37414"
},
{
"name" : "FEDORA-2011-1958",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054915.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=537941",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=537941"
},
{
"name" : "FEDORA-2011-1967",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054921.html"
"name": "http://hamlib.svn.sourceforge.net/viewvc/hamlib/trunk/libltdl/Makefile.am?revision=2841&view=markup",
"refsource": "CONFIRM",
"url": "http://hamlib.svn.sourceforge.net/viewvc/hamlib/trunk/libltdl/Makefile.am?revision=2841&view=markup"
},
{
"name" : "FEDORA-2011-1990",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054656.html"
"name": "55721",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55721"
},
{
"name" : "GLSA-201311-10",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201311-10.xml"
"name": "FEDORA-2010-1924",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035168.html"
},
{
"name" : "MDVSA-2009:307",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:307"
"name": "38190",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38190"
},
{
"name" : "MDVSA-2010:035",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:035"
"name": "oval:org.mitre.oval:def:6951",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6951"
},
{
"name" : "MDVSA-2010:091",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:091"
"name": "http://git.savannah.gnu.org/cgit/libtool.git/commit/?h=branch-1-5&id=29b48580df75f0c5baa2962548a4c101ec7ed7ec",
"refsource": "CONFIRM",
"url": "http://git.savannah.gnu.org/cgit/libtool.git/commit/?h=branch-1-5&id=29b48580df75f0c5baa2962548a4c101ec7ed7ec"
},
{
"name" : "MDVSA-2010:105",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:105"
"name": "FEDORA-2009-12813",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01512.html"
},
{
"name" : "RHSA-2010:0095",
"refsource" : "REDHAT",
"url" : "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
"name": "FEDORA-2011-1967",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054921.html"
},
{
"name" : "RHSA-2010:0039",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0039.html"
"name": "RHSA-2010:0039",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0039.html"
},
{
"name" : "SUSE-SR:2010:006",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
"name": "MDVSA-2009:307",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:307"
},
{
"name" : "37128",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/37128"
"name": "SUSE-SR:2010:006",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"name" : "oval:org.mitre.oval:def:11687",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11687"
"name": "FEDORA-2011-1990",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054656.html"
},
{
"name" : "oval:org.mitre.oval:def:6951",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6951"
"name": "43617",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43617"
},
{
"name" : "37414",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37414"
"name": "FEDORA-2011-1958",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054915.html"
},
{
"name" : "37489",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37489"
"name": "[libtool] 20091116 GNU Libtool 2.2.6b released",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/libtool/2009-11/msg00059.html"
},
{
"name" : "38577",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38577"
"name": "ADV-2011-0574",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0574"
},
{
"name" : "38617",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38617"
"name": "37128",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37128"
},
{
"name" : "38696",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38696"
"name": "[libtool] 20091116 Backport of libltdl changes to branch-1-5",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/libtool/2009-11/msg00065.html"
},
{
"name" : "38915",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38915"
"name": "37489",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37489"
},
{
"name" : "38190",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38190"
"name": "39347",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39347"
},
{
"name" : "39299",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39299"
"name": "RHSA-2010:0095",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"name" : "39347",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39347"
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"
},
{
"name" : "37997",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37997"
"name": "oval:org.mitre.oval:def:11687",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11687"
},
{
"name" : "43617",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43617"
"name": "38696",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38696"
},
{
"name" : "55721",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/55721"
"name": "37997",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37997"
},
{
"name" : "ADV-2011-0574",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0574"
"name": "38915",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38915"
}
]
}

104
2009/4xxx/CVE-2009-4235.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4235",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4235",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "acpid 1.0.4 sets an unrestrictive umask, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file or cause a denial of service by overwriting this file, a different vulnerability than CVE-2009-4033."
"lang": "eng",
"value": "acpid 1.0.4 sets an unrestrictive umask, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file or cause a denial of service by overwriting this file, a different vulnerability than CVE-2009-4033."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=515062",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=515062"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=542926",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=542926"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=542926",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=542926"
"name": "1023284",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023284"
},
{
"name" : "DSA-1960",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1960"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=515062",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=515062"
},
{
"name" : "MDVSA-2009:342",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:342"
"name": "DSA-1960",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1960"
},
{
"name" : "MDVSA-2009:343",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:343"
"name": "acpid-umask-weak-security(54676)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54676"
},
{
"name" : "RHSA-2009:1642",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1642.html"
"name": "RHSA-2009:1642",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1642.html"
},
{
"name" : "1023284",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1023284"
"name": "MDVSA-2009:343",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:343"
},
{
"name" : "acpid-umask-weak-security(54676)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54676"
"name": "MDVSA-2009:342",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:342"
}
]
}

86
2009/4xxx/CVE-2009-4428.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4428",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4428",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the JoomPortfolio (com_joomportfolio) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the secid parameter in a showcat action to index.php."
"lang": "eng",
"value": "SQL injection vulnerability in the JoomPortfolio (com_joomportfolio) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the secid parameter in a showcat action to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.org/0912-exploits/joomlaportfolio-sql.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/0912-exploits/joomlaportfolio-sql.txt"
"name": "37403",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37403"
},
{
"name" : "37403",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/37403"
"name": "http://packetstormsecurity.org/0912-exploits/joomlaportfolio-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0912-exploits/joomlaportfolio-sql.txt"
},
{
"name" : "61138",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/61138"
"name": "joomportfolio-secid-sql-injection(54912)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54912"
},
{
"name" : "37838",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37838"
"name": "37838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37838"
},
{
"name" : "joomportfolio-secid-sql-injection(54912)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54912"
"name": "61138",
"refsource": "OSVDB",
"url": "http://osvdb.org/61138"
}
]
}

80
2009/4xxx/CVE-2009-4502.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4502",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4502",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, when running on FreeBSD or Solaris, allows remote attackers to bypass the EnableRemoteCommands setting and execute arbitrary commands via shell metacharacters in the argument to net.tcp.listen. NOTE: this attack is limited to attacks from trusted IP addresses."
"lang": "eng",
"value": "The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, when running on FreeBSD or Solaris, allows remote attackers to bypass the EnableRemoteCommands setting and execute arbitrary commands via shell metacharacters in the argument to net.tcp.listen. NOTE: this attack is limited to attacks from trusted IP addresses."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20091213 Zabbix Agent : Bypass of EnableRemoteCommands=0",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/508439"
"name": "20091213 Zabbix Agent : Bypass of EnableRemoteCommands=0",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508439"
},
{
"name" : "https://support.zabbix.com/browse/ZBX-1032",
"refsource" : "CONFIRM",
"url" : "https://support.zabbix.com/browse/ZBX-1032"
"name": "https://support.zabbix.com/browse/ZBX-1032",
"refsource": "CONFIRM",
"url": "https://support.zabbix.com/browse/ZBX-1032"
},
{
"name" : "37740",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37740"
"name": "37740",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37740"
},
{
"name" : "ADV-2009-3514",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/3514"
"name": "ADV-2009-3514",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3514"
}
]
}

104
2009/4xxx/CVE-2009-4529.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4529",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4529",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote attackers to obtain the source code for a web page via a trailing encoded space character in a URI, as demonstrated by /index.html%20 and /index.php%20 URIs."
"lang": "eng",
"value": "InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote attackers to obtain the source code for a web page via a trailing encoded space character in a URI, as demonstrated by /index.html%20 and /index.php%20 URIs."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://freetexthost.com/n5l0h34pxc",
"refsource" : "MISC",
"url" : "http://freetexthost.com/n5l0h34pxc"
"name": "37014",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37014"
},
{
"name" : "http://pocoftheday.blogspot.com/2009/10/navicopa-web-server-3012-remote-source.html",
"refsource" : "MISC",
"url" : "http://pocoftheday.blogspot.com/2009/10/navicopa-web-server-3012-remote-source.html"
"name": "ADV-2009-2927",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2927"
},
{
"name" : "http://www.packetstormsecurity.org/0910-exploits/navicopa-disclose.txt",
"refsource" : "MISC",
"url" : "http://www.packetstormsecurity.org/0910-exploits/navicopa-disclose.txt"
"name": "http://pocoftheday.blogspot.com/2009/10/navicopa-web-server-3012-remote-source.html",
"refsource": "MISC",
"url": "http://pocoftheday.blogspot.com/2009/10/navicopa-web-server-3012-remote-source.html"
},
{
"name" : "36705",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36705"
"name": "navicopa-source-information-disclosure(53799)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53799"
},
{
"name" : "58949",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/58949"
"name": "http://www.packetstormsecurity.org/0910-exploits/navicopa-disclose.txt",
"refsource": "MISC",
"url": "http://www.packetstormsecurity.org/0910-exploits/navicopa-disclose.txt"
},
{
"name" : "37014",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37014"
"name": "http://freetexthost.com/n5l0h34pxc",
"refsource": "MISC",
"url": "http://freetexthost.com/n5l0h34pxc"
},
{
"name" : "ADV-2009-2927",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/2927"
"name": "36705",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36705"
},
{
"name" : "navicopa-source-information-disclosure(53799)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53799"
"name": "58949",
"refsource": "OSVDB",
"url": "http://osvdb.org/58949"
}
]
}

92
2009/4xxx/CVE-2009-4573.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4573",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4573",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Joomulus (mod_joomulus) module 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action to (1) tagcloud_ell.swf, (2) tagcloud_eng.swf, (3) tagcloud_por.swf, (4) tagcloud_rus.swf, and possibly (5) tagcloud_jpn.swf. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Joomulus (mod_joomulus) module 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action to (1) tagcloud_ell.swf, (2) tagcloud_eng.swf, (3) tagcloud_por.swf, (4) tagcloud_rus.swf, and possibly (5) tagcloud_jpn.swf. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "61343",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/61343"
"name": "61343",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/61343"
},
{
"name" : "61344",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/61344"
"name": "joomulus-tagcloud-xss(55156)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55156"
},
{
"name" : "61345",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/61345"
"name": "61344",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/61344"
},
{
"name" : "61346",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/61346"
"name": "37994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37994"
},
{
"name" : "37994",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37994"
"name": "61346",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/61346"
},
{
"name" : "joomulus-tagcloud-xss(55156)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55156"
"name": "61345",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/61345"
}
]
}

74
2009/4xxx/CVE-2009-4619.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4619",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4619",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Lucy Games (com_lucygames) component 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a game action to index.php. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "SQL injection vulnerability in the Lucy Games (com_lucygames) component 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a game action to index.php. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "9614",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/9614"
"name": "lucygames-index-sql-injection(53117)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53117"
},
{
"name" : "36334",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36334"
"name": "9614",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9614"
},
{
"name" : "lucygames-index-sql-injection(53117)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53117"
"name": "36334",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36334"
}
]
}

134
2015/0xxx/CVE-2015-0192.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0192",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-0192",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine."
"lang": "eng",
"value": "Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21883640",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
"name": "RHSA-2015:1007",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"name" : "IV70682",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682"
"name": "RHSA-2015:1006",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"name" : "IV70683",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70683"
"name": "IV70683",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70683"
},
{
"name" : "RHSA-2015:1006",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
"name": "RHSA-2015:1091",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"name" : "RHSA-2015:1007",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name" : "RHSA-2015:1020",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
"name": "SUSE-SU-2015:1138",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"name" : "RHSA-2015:1021",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
"name": "RHSA-2015:1020",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"name" : "RHSA-2015:1091",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
"name": "SUSE-SU-2015:1086",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"name" : "SUSE-SU-2015:1085",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
"name": "IV70682",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682"
},
{
"name" : "SUSE-SU-2015:1086",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
"name": "SUSE-SU-2015:1085",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"name" : "SUSE-SU-2015:1138",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
"name": "RHSA-2015:1021",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"name" : "SUSE-SU-2015:1161",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
"name": "SUSE-SU-2015:1073",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
},
{
"name" : "SUSE-SU-2015:1073",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
"name": "SUSE-SU-2015:1161",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
}
]
}

68
2015/0xxx/CVE-2015-0426.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0426",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0426",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.3 and 12.1.0.4 allows remote attackers to affect confidentiality via unknown vectors related to UI Framework."
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.3 and 12.1.0.4 allows remote attackers to affect confidentiality via unknown vectors related to UI Framework."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name" : "72235",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72235"
"name": "72235",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72235"
}
]
}

188
2015/0xxx/CVE-2015-0822.json
View File

@ -1,166 +1,166 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0822",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2015-0822",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code."
"lang": "eng",
"value": "The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-24.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-24.html"
"name": "SUSE-SU-2015:0446",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00006.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1110557",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1110557"
"name": "SUSE-SU-2015:0447",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00007.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
"name": "RHSA-2015:0642",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0642.html"
},
{
"name" : "DSA-3174",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3174"
"name": "openSUSE-SU-2015:0448",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00008.html"
},
{
"name" : "DSA-3179",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3179"
"name": "USN-2506-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2506-1"
},
{
"name" : "GLSA-201504-01",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201504-01"
"name": "openSUSE-SU-2015:0567",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html"
},
{
"name" : "RHSA-2015:0265",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0265.html"
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name" : "RHSA-2015:0266",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0266.html"
"name": "openSUSE-SU-2015:0404",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html"
},
{
"name" : "RHSA-2015:0642",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0642.html"
"name": "RHSA-2015:0265",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0265.html"
},
{
"name" : "SUSE-SU-2015:0412",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00001.html"
"name": "1031792",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031792"
},
{
"name" : "SUSE-SU-2015:0446",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00006.html"
"name": "DSA-3174",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3174"
},
{
"name" : "SUSE-SU-2015:0447",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00007.html"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"name" : "openSUSE-SU-2015:0448",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00008.html"
"name": "openSUSE-SU-2015:1266",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
},
{
"name" : "openSUSE-SU-2015:0404",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html"
"name": "DSA-3179",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3179"
},
{
"name" : "openSUSE-SU-2015:0567",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html"
"name": "RHSA-2015:0266",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0266.html"
},
{
"name" : "openSUSE-SU-2015:0570",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html"
"name": "1031791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031791"
},
{
"name" : "openSUSE-SU-2015:1266",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
"name": "http://www.mozilla.org/security/announce/2015/mfsa2015-24.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-24.html"
},
{
"name" : "USN-2505-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2505-1"
"name": "72756",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72756"
},
{
"name" : "USN-2506-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2506-1"
"name": "openSUSE-SU-2015:0570",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html"
},
{
"name" : "72756",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72756"
"name": "USN-2505-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2505-1"
},
{
"name" : "1031791",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031791"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1110557",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1110557"
},
{
"name" : "1031792",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031792"
"name": "SUSE-SU-2015:0412",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00001.html"
}
]
}

22
2015/1xxx/CVE-2015-1045.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1045",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-1045",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}

80
2015/1xxx/CVE-2015-1131.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1131",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-1131",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135."
"lang": "eng",
"value": "fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT204659",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT204659"
"name": "https://support.apple.com/HT204659",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204659"
},
{
"name" : "APPLE-SA-2015-04-08-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
"name": "73982",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73982"
},
{
"name" : "73982",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/73982"
"name": "1032048",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032048"
},
{
"name" : "1032048",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032048"
"name": "APPLE-SA-2015-04-08-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
}
]
}

116
2015/1xxx/CVE-2015-1256.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1256",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1256",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document that leverages improper handling of a shadow tree for a use element."
"lang": "eng",
"value": "Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document that leverages improper handling of a shadow tree for a use element."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html"
"name": "openSUSE-SU-2015:0969",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00091.html"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=478549",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=478549"
"name": "http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html"
},
{
"name" : "https://codereview.chromium.org/1098913004",
"refsource" : "CONFIRM",
"url" : "https://codereview.chromium.org/1098913004"
"name": "https://codereview.chromium.org/1098913004",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1098913004"
},
{
"name" : "https://src.chromium.org/viewvc/blink?revision=194421&view=revision",
"refsource" : "CONFIRM",
"url" : "https://src.chromium.org/viewvc/blink?revision=194421&view=revision"
"name": "GLSA-201506-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201506-04"
},
{
"name" : "DSA-3267",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3267"
"name": "openSUSE-SU-2015:1877",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00015.html"
},
{
"name" : "GLSA-201506-04",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201506-04"
"name": "1032375",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032375"
},
{
"name" : "openSUSE-SU-2015:1877",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00015.html"
"name": "DSA-3267",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3267"
},
{
"name" : "openSUSE-SU-2015:0969",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-05/msg00091.html"
"name": "74723",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74723"
},
{
"name" : "74723",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74723"
"name": "https://src.chromium.org/viewvc/blink?revision=194421&view=revision",
"refsource": "CONFIRM",
"url": "https://src.chromium.org/viewvc/blink?revision=194421&view=revision"
},
{
"name" : "1032375",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032375"
"name": "https://code.google.com/p/chromium/issues/detail?id=478549",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=478549"
}
]
}

116
2015/1xxx/CVE-2015-1286.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1286",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1286",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the V8ContextNativeHandler::GetModuleSystem function in extensions/renderer/v8_context_native_handler.cc in Google Chrome before 44.0.2403.89 allows remote attackers to inject arbitrary web script or HTML by leveraging the lack of a certain V8 context restriction, aka a Blink \"Universal XSS (UXSS).\""
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the V8ContextNativeHandler::GetModuleSystem function in extensions/renderer/v8_context_native_handler.cc in Google Chrome before 44.0.2403.89 allows remote attackers to inject arbitrary web script or HTML by leveraging the lack of a certain V8 context restriction, aka a Blink \"Universal XSS (UXSS).\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
"name": "RHSA-2015:1499",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=504011",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=504011"
"name": "https://codereview.chromium.org/1235863003/",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1235863003/"
},
{
"name" : "https://codereview.chromium.org/1231803002/",
"refsource" : "CONFIRM",
"url" : "https://codereview.chromium.org/1231803002/"
"name": "openSUSE-SU-2015:1287",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"name" : "https://codereview.chromium.org/1235863003/",
"refsource" : "CONFIRM",
"url" : "https://codereview.chromium.org/1235863003/"
"name": "1033031",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033031"
},
{
"name" : "DSA-3315",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3315"
"name": "https://code.google.com/p/chromium/issues/detail?id=504011",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=504011"
},
{
"name" : "GLSA-201603-09",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-09"
"name": "GLSA-201603-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name" : "RHSA-2015:1499",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
"name": "https://codereview.chromium.org/1231803002/",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1231803002/"
},
{
"name" : "openSUSE-SU-2015:1287",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
"name": "75973",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75973"
},
{
"name" : "75973",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75973"
"name": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"name" : "1033031",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033031"
"name": "DSA-3315",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3315"
}
]
}

80
2015/1xxx/CVE-2015-1813.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1813",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1813",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1812."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1812."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1205615",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1205615"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1205615",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205615"
},
{
"name" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23",
"refsource" : "CONFIRM",
"url" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23"
"name": "RHSA-2016:0070",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:0070"
},
{
"name" : "RHSA-2015:1844",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1844.html"
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23",
"refsource": "CONFIRM",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23"
},
{
"name" : "RHSA-2016:0070",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:0070"
"name": "RHSA-2015:1844",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html"
}
]
}

98
2015/5xxx/CVE-2015-5735.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5735",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5735",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to write to arbitrary memory locations via a 0x226108 ioctl call."
"lang": "eng",
"value": "The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to write to arbitrary memory locations via a 0x226108 ioctl call."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/536369/100/0/threaded"
"name": "http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities"
},
{
"name" : "20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Sep/0"
"name": "http://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.html"
},
{
"name" : "http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities",
"refsource" : "MISC",
"url" : "http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities"
"name": "1033439",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033439"
},
{
"name" : "http://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.html"
"name": "http://www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient"
},
{
"name" : "http://www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient",
"refsource" : "CONFIRM",
"url" : "http://www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient"
"name": "20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536369/100/0/threaded"
},
{
"name" : "http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient",
"refsource" : "CONFIRM",
"url" : "http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient"
"name": "http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient",
"refsource": "CONFIRM",
"url": "http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient"
},
{
"name" : "1033439",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033439"
"name": "20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Sep/0"
}
]
}

74
2015/5xxx/CVE-2015-5786.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5786",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-5786",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-5785."
"lang": "eng",
"value": "Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-5785."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT205046",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205046"
"name": "https://support.apple.com/HT205046",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205046"
},
{
"name" : "APPLE-SA-2015-08-20-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00004.html"
"name": "1033346",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033346"
},
{
"name" : "1033346",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033346"
"name": "APPLE-SA-2015-08-20-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00004.html"
}
]
}

74
2015/5xxx/CVE-2015-5836.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5836",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-5836",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Apple Online Store Kit in Apple OS X before 10.11 improperly validates iCloud keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app."
"lang": "eng",
"value": "Apple Online Store Kit in Apple OS X before 10.11 improperly validates iCloud keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT205267",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205267"
"name": "1033703",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033703"
},
{
"name" : "APPLE-SA-2015-09-30-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
"name": "APPLE-SA-2015-09-30-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"name" : "1033703",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033703"
"name": "https://support.apple.com/HT205267",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205267"
}
]
}

22
2018/3xxx/CVE-2018-3314.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-3314",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-3314",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/3xxx/CVE-2018-3530.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-3530",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-3530",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/3xxx/CVE-2018-3537.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-3537",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-3537",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

70
2018/3xxx/CVE-2018-3715.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00",
"ID" : "CVE-2018-3715",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-04-26T00:00:00",
"ID": "CVE-2018-3715",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "glance node module",
"version" : {
"version_data" : [
"product_name": "glance node module",
"version": {
"version_data": [
{
"version_value" : "Versions before 3.0.4"
"version_value": "Versions before 3.0.4"
}
]
}
}
]
},
"vendor_name" : "HackerOne"
"vendor_name": "HackerOne"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "glance node module before 3.0.4 suffers from a Path Traversal vulnerability due to lack of validation of path passed to it, which allows a malicious user to read content of any file with known path."
"lang": "eng",
"value": "glance node module before 3.0.4 suffers from a Path Traversal vulnerability due to lack of validation of path passed to it, which allows a malicious user to read content of any file with known path."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Path Traversal (CWE-22)"
"lang": "eng",
"value": "Path Traversal (CWE-22)"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/jarofghosts/glance/commit/8cfd88e44ebd3f07e3a2eaf376a3e758b6c4ca19",
"refsource" : "MISC",
"url" : "https://github.com/jarofghosts/glance/commit/8cfd88e44ebd3f07e3a2eaf376a3e758b6c4ca19"
"name": "https://hackerone.com/reports/310106",
"refsource": "MISC",
"url": "https://hackerone.com/reports/310106"
},
{
"name" : "https://hackerone.com/reports/310106",
"refsource" : "MISC",
"url" : "https://hackerone.com/reports/310106"
"name": "https://github.com/jarofghosts/glance/commit/8cfd88e44ebd3f07e3a2eaf376a3e758b6c4ca19",
"refsource": "MISC",
"url": "https://github.com/jarofghosts/glance/commit/8cfd88e44ebd3f07e3a2eaf376a3e758b6c4ca19"
}
]
}

22
2018/6xxx/CVE-2018-6148.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6148",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6148",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

70
2018/6xxx/CVE-2018-6336.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@fb.com",
"DATE_ASSIGNED" : "2018-04-26",
"ID" : "CVE-2018-6336",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNED": "2018-04-26",
"ID": "CVE-2018-6336",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "osquery",
"version" : {
"version_data" : [
"product_name": "osquery",
"version": {
"version_data": [
{
"version_affected" : "!=>",
"version_value" : "3.2.7"
"version_affected": "!=>",
"version_value": "3.2.7"
},
{
"version_affected" : "<",
"version_value" : "3.2.7"
"version_affected": "<",
"version_value": "3.2.7"
}
]
}
}
]
},
"vendor_name" : "Facebook"
"vendor_name": "Facebook"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute. This issue affects osquery prior to v3.2.7"
"lang": "eng",
"value": "An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute. This issue affects osquery prior to v3.2.7"
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Security Features (CWE-254)"
"lang": "eng",
"value": "Security Features (CWE-254)"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks/",
"refsource" : "MISC",
"url" : "https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks/"
"name": "https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks/",
"refsource": "MISC",
"url": "https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks/"
}
]
}

68
2018/6xxx/CVE-2018-6362.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6362",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6362",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the domainop action parameter, as demonstrated by reading the PHPSESSID cookie."
"lang": "eng",
"value": "Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the domainop action parameter, as demonstrated by reading the PHPSESSID cookie."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://hyp3rlinx.altervista.org/advisories/EHCP-v0.37.12.b-XSS-COOKIE-THEFT.txt",
"refsource" : "MISC",
"url" : "http://hyp3rlinx.altervista.org/advisories/EHCP-v0.37.12.b-XSS-COOKIE-THEFT.txt"
"name": "http://hyp3rlinx.altervista.org/advisories/EHCP-v0.37.12.b-XSS-COOKIE-THEFT.txt",
"refsource": "MISC",
"url": "http://hyp3rlinx.altervista.org/advisories/EHCP-v0.37.12.b-XSS-COOKIE-THEFT.txt"
},
{
"name" : "http://packetstormsecurity.com/files/147554/Easy-Hosting-Control-Panel-0.37.12.b-Cross-Site-Scripting-Cookie-Theft.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/147554/Easy-Hosting-Control-Panel-0.37.12.b-Cross-Site-Scripting-Cookie-Theft.html"
"name": "http://packetstormsecurity.com/files/147554/Easy-Hosting-Control-Panel-0.37.12.b-Cross-Site-Scripting-Cookie-Theft.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/147554/Easy-Hosting-Control-Panel-0.37.12.b-Cross-Site-Scripting-Cookie-Theft.html"
}
]
}

22
2018/7xxx/CVE-2018-7340.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-7340",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-7340",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2018/7xxx/CVE-2018-7434.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-7434",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-7434",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "zzcms 8.2 allows remote attackers to discover the full path via a direct request to 3/qq_connect2.0/API/class/ErrorCase.class.php or 3/ucenter_api/code/friend.php."
"lang": "eng",
"value": "zzcms 8.2 allows remote attackers to discover the full path via a direct request to 3/qq_connect2.0/API/class/ErrorCase.class.php or 3/ucenter_api/code/friend.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/kongxin520/zzcms/blob/master/zzcms_8.2_bug.md",
"refsource" : "MISC",
"url" : "https://github.com/kongxin520/zzcms/blob/master/zzcms_8.2_bug.md"
"name": "https://github.com/kongxin520/zzcms/blob/master/zzcms_8.2_bug.md",
"refsource": "MISC",
"url": "https://github.com/kongxin520/zzcms/blob/master/zzcms_8.2_bug.md"
}
]
}

62
2018/7xxx/CVE-2018-7732.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-7732",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-7732",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in YxtCMF 3.1. SQL Injection exists in ShitiController.class.php via the ids array parameter to exam/shiti/delshiti.html."
"lang": "eng",
"value": "An issue was discovered in YxtCMF 3.1. SQL Injection exists in ShitiController.class.php via the ids array parameter to exam/shiti/delshiti.html."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/SQYY/CVE/blob/master/YxtCMF_S.txt",
"refsource" : "MISC",
"url" : "https://github.com/SQYY/CVE/blob/master/YxtCMF_S.txt"
"name": "https://github.com/SQYY/CVE/blob/master/YxtCMF_S.txt",
"refsource": "MISC",
"url": "https://github.com/SQYY/CVE/blob/master/YxtCMF_S.txt"
}
]
}

62
2018/7xxx/CVE-2018-7956.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@huawei.com",
"ID" : "CVE-2018-7956",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2018-7956",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Huawei VIP App",
"version" : {
"version_data" : [
"product_name": "Huawei VIP App",
"version": {
"version_data": [
{
"version_value" : "versions before 4.0.5"
"version_value": "versions before 4.0.5"
}
]
}
}
]
},
"vendor_name" : "Huawei Technologies Co., Ltd."
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions before 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services to get user information."
"lang": "eng",
"value": "Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions before 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services to get user information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "information leakage"
"lang": "eng",
"value": "information leakage"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181129-01-huaweivip-en",
"refsource" : "CONFIRM",
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181129-01-huaweivip-en"
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181129-01-huaweivip-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181129-01-huaweivip-en"
}
]
}

76
2018/8xxx/CVE-2018-8448.json
View File

@ -1,74 +1,74 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8448",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8448",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Microsoft Exchange Server",
"version" : {
"version_data" : [
"product_name": "Microsoft Exchange Server",
"version": {
"version_data": [
{
"version_value" : "2013 Cumulative Update 21"
"version_value": "2013 Cumulative Update 21"
},
{
"version_value" : "2016 Cumulative Update 10"
"version_value": "2016 Cumulative Update 10"
}
]
}
}
]
},
"vendor_name" : "Microsoft"
"vendor_name": "Microsoft"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka \"Microsoft Exchange Server Elevation of Privilege Vulnerability.\" This affects Microsoft Exchange Server."
"lang": "eng",
"value": "An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka \"Microsoft Exchange Server Elevation of Privilege Vulnerability.\" This affects Microsoft Exchange Server."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Elevation of Privilege"
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8448",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8448"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8448",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8448"
},
{
"name" : "105492",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105492"
"name": "1041836",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041836"
},
{
"name" : "1041836",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041836"
"name": "105492",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105492"
}
]
}

96
2018/8xxx/CVE-2018-8554.json
View File

@ -1,100 +1,100 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8554",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8554",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Windows 10 Servers",
"version" : {
"version_data" : [
"product_name": "Windows 10 Servers",
"version": {
"version_data": [
{
"version_value" : "version 1803 (Server Core Installation)"
"version_value": "version 1803 (Server Core Installation)"
}
]
}
},
{
"product_name" : "Windows 10",
"version" : {
"version_data" : [
"product_name": "Windows 10",
"version": {
"version_data": [
{
"version_value" : "Version 1803 for 32-bit Systems"
"version_value": "Version 1803 for 32-bit Systems"
},
{
"version_value" : "Version 1803 for x64-based Systems"
"version_value": "Version 1803 for x64-based Systems"
},
{
"version_value" : "Version 1809 for 32-bit Systems"
"version_value": "Version 1809 for 32-bit Systems"
},
{
"version_value" : "Version 1809 for x64-based Systems"
"version_value": "Version 1809 for x64-based Systems"
}
]
}
},
{
"product_name" : "Windows Server 2019",
"version" : {
"version_data" : [
"product_name": "Windows Server 2019",
"version": {
"version_data": [
{
"version_value" : "(Server Core installation)"
"version_value": "(Server Core installation)"
}
]
}
}
]
},
"vendor_name" : "Microsoft"
"vendor_name": "Microsoft"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka \"DirectX Elevation of Privilege Vulnerability.\" This affects Windows 10 Servers, Windows 10, Windows Server 2019. This CVE ID is unique from CVE-2018-8485, CVE-2018-8561."
"lang": "eng",
"value": "An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka \"DirectX Elevation of Privilege Vulnerability.\" This affects Windows 10 Servers, Windows 10, Windows Server 2019. This CVE ID is unique from CVE-2018-8485, CVE-2018-8561."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Elevation of Privilege"
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8554",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8554"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8554",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8554"
},
{
"name" : "105811",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105811"
"name": "105811",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105811"
},
{
"name" : "1042135",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1042135"
"name": "1042135",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042135"
}
]
}

62
2018/8xxx/CVE-2018-8727.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-8727",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8727",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Path Traversal in Gateway in Mirasys DVMS Workstation 5.12.6 and earlier allows an attacker to traverse the file system to access files or directories via the Web Client webserver."
"lang": "eng",
"value": "Path Traversal in Gateway in Mirasys DVMS Workstation 5.12.6 and earlier allows an attacker to traverse the file system to access files or directories via the Web Client webserver."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.onvio.nl/nieuws/cve-mirasys-vulnerability",
"refsource" : "MISC",
"url" : "https://www.onvio.nl/nieuws/cve-mirasys-vulnerability"
"name": "https://www.onvio.nl/nieuws/cve-mirasys-vulnerability",
"refsource": "MISC",
"url": "https://www.onvio.nl/nieuws/cve-mirasys-vulnerability"
}
]
}