admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:03:41 +00:00
parent f9277e4046
commit 98c016d997
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
52 changed files with 3342 additions and 3345 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
2001/0xxx/CVE-2001-0404.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0404", "ID": "CVE-2001-0404",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request to the WEB-INF directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010328 CHINANSL Security Advisory(CSA-200106)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=98583089425166&w=2" "lang": "eng",
} "value": "Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request to the WEB-INF directory."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010328 CHINANSL Security Advisory(CSA-200106)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=98583089425166&w=2"
}
]
}
}

190
2001/1xxx/CVE-2001-1402.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1402", "ID": "CVE-2001-1402",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Bugzilla before 2.14 does not properly escape untrusted parameters, which could allow remote attackers to conduct unauthorized activities via cross-site scripting (CSS) and possibly SQL injection attacks on (1) the product or output form variables for reports.cgi, (2) the voteon, bug_id, and user variables for showvotes.cgi, (3) an invalid email address in createaccount.cgi, (4) an invalid ID in showdependencytree.cgi, (5) invalid usernames and other fields in process_bug.cgi, and (6) error messages in buglist.cgi."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010829 Security Advisory for Bugzilla v2.13 and older", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=99912899900567" "lang": "eng",
}, "value": "Bugzilla before 2.14 does not properly escape untrusted parameters, which could allow remote attackers to conduct unauthorized activities via cross-site scripting (CSS) and possibly SQL injection attacks on (1) the product or output form variables for reports.cgi, (2) the voteon, bug_id, and user variables for showvotes.cgi, (3) an invalid email address in createaccount.cgi, (4) an invalid ID in showdependencytree.cgi, (5) invalid usernames and other fields in process_bug.cgi, and (6) error messages in buglist.cgi."
{ }
"name" : "http://bugzilla.mozilla.org/show_bug.cgi?id=38854", ]
"refsource" : "CONFIRM", },
"url" : "http://bugzilla.mozilla.org/show_bug.cgi?id=38854" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://bugzilla.mozilla.org/show_bug.cgi?id=38855", "description": [
"refsource" : "CONFIRM", {
"url" : "http://bugzilla.mozilla.org/show_bug.cgi?id=38855" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://bugzilla.mozilla.org/show_bug.cgi?id=87701", ]
"refsource" : "CONFIRM", }
"url" : "http://bugzilla.mozilla.org/show_bug.cgi?id=87701" ]
}, },
{ "references": {
"name" : "http://bugzilla.mozilla.org/show_bug.cgi?id=38859", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugzilla.mozilla.org/show_bug.cgi?id=38859" "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=95235",
}, "refsource": "CONFIRM",
{ "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=95235"
"name" : "RHSA-2001:107", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2001-107.html" "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=39536",
}, "refsource": "CONFIRM",
{ "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=39536"
"name" : "http://bugzilla.mozilla.org/show_bug.cgi?id=39536", },
"refsource" : "CONFIRM", {
"url" : "http://bugzilla.mozilla.org/show_bug.cgi?id=39536" "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=87701",
}, "refsource": "CONFIRM",
{ "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=87701"
"name" : "http://bugzilla.mozilla.org/show_bug.cgi?id=95235", },
"refsource" : "CONFIRM", {
"url" : "http://bugzilla.mozilla.org/show_bug.cgi?id=95235" "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=38859",
} "refsource": "CONFIRM",
] "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=38859"
} },
} {
"name": "20010829 Security Advisory for Bugzilla v2.13 and older",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=99912899900567"
},
{
"name": "RHSA-2001:107",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-107.html"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=38854",
"refsource": "CONFIRM",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=38854"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=38855",
"refsource": "CONFIRM",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=38855"
}
]
}
}

160
2001/1xxx/CVE-2001-1460.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1460", "ID": "CVE-2001-1460",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20011012 Bug in PostNuke 0.62, 0.63 and 0.64 (and possibly PHPnuke)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-10/0088.html" "lang": "eng",
}, "value": "SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter."
{ }
"name" : "20011013 Bug in PostNuke 0.62, 0.63 and 0.64 (and possibly PHPnuke)", ]
"refsource" : "BUGTRAQ", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-10/0091.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#921547", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/921547" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "3435", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/3435" ]
}, },
{ "references": {
"name" : "postnuke-getusrinfo-bypass-authentication(7280)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7280" "name": "VU#921547",
} "refsource": "CERT-VN",
] "url": "http://www.kb.cert.org/vuls/id/921547"
} },
} {
"name": "20011013 Bug in PostNuke 0.62, 0.63 and 0.64 (and possibly PHPnuke)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0091.html"
},
{
"name": "3435",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3435"
},
{
"name": "20011012 Bug in PostNuke 0.62, 0.63 and 0.64 (and possibly PHPnuke)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0088.html"
},
{
"name": "postnuke-getusrinfo-bypass-authentication(7280)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7280"
}
]
}
}

160
2001/1xxx/CVE-2001-1500.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1500", "ID": "CVE-2001-1500",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010907 ProFTPd and reverse DNS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/212805" "lang": "eng",
}, "value": "ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged."
{ }
"name" : "CLA-2002:450", ]
"refsource" : "CONECTIVA", },
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000450" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MDKSA-2002:005", "description": [
"refsource" : "MANDRAKE", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2002:005" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "3310", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/3310" ]
}, },
{ "references": {
"name" : "proftpd-unresolved-hostname(7126)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7126" "name": "20010907 ProFTPd and reverse DNS",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/212805"
} },
} {
"name": "3310",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3310"
},
{
"name": "MDKSA-2002:005",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2002:005"
},
{
"name": "CLA-2002:450",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000450"
},
{
"name": "proftpd-unresolved-hostname(7126)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7126"
}
]
}
}

140
2001/1xxx/CVE-2001-1539.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1539", "ID": "CVE-2001-1539",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet Explorer allows remote attackers to cause a denial of service (crash) via the JavaScript settimeout function. NOTE: the vendor could not reproduce the problem."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20011202 Stack overflow in all Internet Explorer Versions!!", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-12/0008.html" "lang": "eng",
}, "value": "Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet Explorer allows remote attackers to cause a denial of service (crash) via the JavaScript settimeout function. NOTE: the vendor could not reproduce the problem."
{ }
"name" : "20011204 RE: Stack overflow in all Internet Explorer Versions!!", ]
"refsource" : "BUGTRAQ", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-12/0034.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ie-settimeout-dos(7661)", "description": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/7661.php" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20011202 Stack overflow in all Internet Explorer Versions!!",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-12/0008.html"
},
{
"name": "ie-settimeout-dos(7661)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7661.php"
},
{
"name": "20011204 RE: Stack overflow in all Internet Explorer Versions!!",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-12/0034.html"
}
]
}
}

160
2006/2xxx/CVE-2006-2052.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2052", "ID": "CVE-2006-2052",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Verosky Media Instant Photo Gallery allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action in member.php. NOTE: the original report may be inaccurate, since the \"viewpro\" string does not appear in the source code for version 1.0.2 of the product."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060425 Instant Photo Gallery <= Multiple XSS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/432022/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Verosky Media Instant Photo Gallery allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action in member.php. NOTE: the original report may be inaccurate, since the \"viewpro\" string does not appear in the source code for version 1.0.2 of the product."
{ }
"name" : "20060427 Re: Instant Photo Gallery <= Multiple XSS", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/432241/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17696", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17696" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24984", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/24984" ]
}, },
{ "references": {
"name" : "790", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/790" "name": "20060425 Instant Photo Gallery <= Multiple XSS",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/432022/100/0/threaded"
} },
} {
"name": "17696",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17696"
},
{
"name": "24984",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24984"
},
{
"name": "20060427 Re: Instant Photo Gallery <= Multiple XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/432241/100/0/threaded"
},
{
"name": "790",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/790"
}
]
}
}

210
2006/2xxx/CVE-2006-2386.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2006-2386", "ID": "CVE-2006-2386",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Microsoft Outlook Express 6 and earlier allows remote attackers to execute arbitrary code via a crafted contact record in a Windows Address Book (WAB) file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBST02180", "description_data": [
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/454969/100/200/threaded" "lang": "eng",
}, "value": "Unspecified vulnerability in Microsoft Outlook Express 6 and earlier allows remote attackers to execute arbitrary code via a crafted contact record in a Windows Address Book (WAB) file."
{ }
"name" : "SSRT061288", ]
"refsource" : "HP", },
"url" : "http://www.securityfocus.com/archive/1/454969/100/200/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS06-076", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-076" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "TA06-346A", ]
"refsource" : "CERT", }
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-346A.html" ]
}, },
{ "references": {
"name" : "21501", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21501" "name": "23311",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23311"
"name" : "ADV-2006-4969", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4969" "name": "21501",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/21501"
"name" : "oval:org.mitre.oval:def:1055", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1055" "name": "oval:org.mitre.oval:def:1055",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1055"
"name" : "1017369", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017369" "name": "TA06-346A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA06-346A.html"
"name" : "23311", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23311" "name": "MS06-076",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-076"
"name" : "oe-wab-bo(29227)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29227" "name": "SSRT061288",
} "refsource": "HP",
] "url": "http://www.securityfocus.com/archive/1/454969/100/200/threaded"
} },
} {
"name": "HPSBST02180",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/454969/100/200/threaded"
},
{
"name": "1017369",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017369"
},
{
"name": "ADV-2006-4969",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4969"
},
{
"name": "oe-wab-bo(29227)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29227"
}
]
}
}

160
2006/6xxx/CVE-2006-6018.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6018", "ID": "CVE-2006-6018",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** PHP remote file inclusion vulnerability in mybic_server.php in Jim Plush My-BIC 0.6.5 allows remote attackers to execute arbitrary PHP code via a URL in the INC_PATH parameter, a different vector than CVE-2006-5089. NOTE: this issue is disputed by CVE and third party researchers because INC_PATH is a constant."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061116 My-BIC => 0.6.5 Remote File Include Vulnerability Exploit", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/451876/100/0/threaded" "lang": "eng",
}, "value": "** DISPUTED ** PHP remote file inclusion vulnerability in mybic_server.php in Jim Plush My-BIC 0.6.5 allows remote attackers to execute arbitrary PHP code via a URL in the INC_PATH parameter, a different vector than CVE-2006-5089. NOTE: this issue is disputed by CVE and third party researchers because INC_PATH is a constant."
{ }
"name" : "20061117 Fwd: My-BIC => 0.6.5 Remote File Include Vulnerability Exploit", ]
"refsource" : "VIM", },
"url" : "http://attrition.org/pipermail/vim/2006-November/001127.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "31542", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/31542" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1891", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/1891" ]
}, },
{ "references": {
"name" : "mybic-mybic-file-include(30361)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30361" "name": "20061117 Fwd: My-BIC => 0.6.5 Remote File Include Vulnerability Exploit",
} "refsource": "VIM",
] "url": "http://attrition.org/pipermail/vim/2006-November/001127.html"
} },
} {
"name": "20061116 My-BIC => 0.6.5 Remote File Include Vulnerability Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451876/100/0/threaded"
},
{
"name": "31542",
"refsource": "OSVDB",
"url": "http://osvdb.org/31542"
},
{
"name": "1891",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1891"
},
{
"name": "mybic-mybic-file-include(30361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30361"
}
]
}
}

150
2006/6xxx/CVE-2006-6162.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6162", "ID": "CVE-2006-6162",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in tiki-edit_structures.php in TikiWiki 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the pageAlias parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "21297", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21297" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in tiki-edit_structures.php in TikiWiki 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the pageAlias parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "ADV-2006-4709", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/4709" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "30692", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/30692" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22850", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/22850" ]
} },
] "references": {
} "reference_data": [
} {
"name": "21297",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21297"
},
{
"name": "ADV-2006-4709",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4709"
},
{
"name": "22850",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22850"
},
{
"name": "30692",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30692"
}
]
}
}

130
2006/6xxx/CVE-2006-6440.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6440", "ID": "CVE-2006-6440",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allow remote attackers to have an unspecified impact via unspecified vectors relating to \"HTTP Security issues.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allow remote attackers to have an unspecified impact via unspecified vectors relating to \"HTTP Security issues.\""
{ }
"name" : "23265", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/23265" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "23265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23265"
},
{
"name": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf",
"refsource": "CONFIRM",
"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"
}
]
}
}

320
2006/6xxx/CVE-2006-6740.json
View File

@ -1,162 +1,162 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6740", "ID": "CVE-2006-6740",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in phpProfiles 3.1.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the menu parameter to (1) include/body.inc.php or (2) include/body_admin.inc.php; or a URL in the incpath parameter to (3) index.inc.php, (4) account.inc.php, (5) admin_newcomm.inc.php, (6) header_admin.inc.php, (7) header.inc.php, (8) friends.inc.php, (9) menu_u.inc.php, (10) notify.inc.php, (11) body.inc.php, (12) body_admin.inc.php, (13) commrecc.inc.php, (14) do_reg.inc.php, (15) comm_post.inc.php, or (16) menu_v.inc.php in include/, different vectors than CVE-2006-5634. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2956", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2956" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in phpProfiles 3.1.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the menu parameter to (1) include/body.inc.php or (2) include/body_admin.inc.php; or a URL in the incpath parameter to (3) index.inc.php, (4) account.inc.php, (5) admin_newcomm.inc.php, (6) header_admin.inc.php, (7) header.inc.php, (8) friends.inc.php, (9) menu_u.inc.php, (10) notify.inc.php, (11) body.inc.php, (12) body_admin.inc.php, (13) commrecc.inc.php, (14) do_reg.inc.php, (15) comm_post.inc.php, or (16) menu_v.inc.php in include/, different vectors than CVE-2006-5634. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "http://linuxwebshop.com/forum/viewtopic.php?t=40", ]
"refsource" : "CONFIRM", },
"url" : "http://linuxwebshop.com/forum/viewtopic.php?t=40" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070301 phpProfiles vendor ack", "description": [
"refsource" : "VIM", {
"url" : "http://www.attrition.org/pipermail/vim/2007-March/001401.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21667", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/21667" ]
}, },
{ "references": {
"name" : "ADV-2006-5087", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/5087" "name": "http://linuxwebshop.com/forum/viewtopic.php?t=40",
}, "refsource": "CONFIRM",
{ "url": "http://linuxwebshop.com/forum/viewtopic.php?t=40"
"name" : "32363", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32363" "name": "32375",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/32375"
"name" : "32364", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32364" "name": "32363",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/32363"
"name" : "32365", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32365" "name": "32372",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/32372"
"name" : "32366", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32366" "name": "32374",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/32374"
"name" : "32367", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32367" "name": "ADV-2006-5087",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/5087"
"name" : "32368", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32368" "name": "32376",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/32376"
"name" : "32369", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32369" "name": "32365",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/32365"
"name" : "32370", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32370" "name": "32370",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/32370"
"name" : "32371", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32371" "name": "32366",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/32366"
"name" : "32372", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32372" "name": "32368",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/32368"
"name" : "32373", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32373" "name": "23423",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23423"
"name" : "32374", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32374" "name": "32369",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/32369"
"name" : "32375", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32375" "name": "32364",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/32364"
"name" : "32376", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32376" "name": "32371",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/32371"
"name" : "23423", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23423" "name": "20070301 phpProfiles vendor ack",
}, "refsource": "VIM",
{ "url": "http://www.attrition.org/pipermail/vim/2007-March/001401.html"
"name" : "phpprofiles-multiple-parameters-file-include(30997)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30997" "name": "32367",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/32367"
} },
} {
"name": "phpprofiles-multiple-parameters-file-include(30997)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30997"
},
{
"name": "21667",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21667"
},
{
"name": "32373",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32373"
},
{
"name": "2956",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2956"
}
]
}
}

160
2011/0xxx/CVE-2011-0962.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2011-0962", "ID": "CVE-2011-0962",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "17304", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/17304" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712."
{ }
"name" : "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf", "description": [
"refsource" : "MISC", {
"url" : "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087", ]
"refsource" : "CONFIRM", }
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087" ]
}, },
{ "references": {
"name" : "cisco-uom-common-services-xss(67524)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67524" "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087",
} "refsource": "CONFIRM",
] "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087"
} },
} {
"name": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf",
"refsource": "MISC",
"url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
},
{
"name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
},
{
"name": "17304",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/17304"
},
{
"name": "cisco-uom-common-services-xss(67524)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67524"
}
]
}
}

150
2011/3xxx/CVE-2011-3003.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3003", "ID": "CVE-2011-3003",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-of-bounds write operation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2011/mfsa2011-41.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2011/mfsa2011-41.html" "lang": "eng",
}, "value": "Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-of-bounds write operation."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=682335", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=682335" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MDVSA-2011:141", "description": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:141" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:14054", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14054" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=682335",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=682335"
},
{
"name": "http://www.mozilla.org/security/announce/2011/mfsa2011-41.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2011/mfsa2011-41.html"
},
{
"name": "MDVSA-2011:141",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:141"
},
{
"name": "oval:org.mitre.oval:def:14054",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14054"
}
]
}
}

150
2011/3xxx/CVE-2011-3441.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2011-3441", "ID": "CVE-2011-3441",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libinfo in Apple iOS before 5.0.1 does not properly formulate domain-name queries, which allows remote attackers to obtain sensitive information via a crafted DNS hostname."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT5052", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5052" "lang": "eng",
}, "value": "libinfo in Apple iOS before 5.0.1 does not properly formulate domain-name queries, which allows remote attackers to obtain sensitive information via a crafted DNS hostname."
{ }
"name" : "http://support.apple.com/kb/HT5130", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT5130" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2011-11-10-1", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/Security-announce/2011/Nov/msg00001.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2012-02-01-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://support.apple.com/kb/HT5130",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5130"
},
{
"name": "APPLE-SA-2012-02-01-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"name": "APPLE-SA-2011-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011/Nov/msg00001.html"
},
{
"name": "http://support.apple.com/kb/HT5052",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5052"
}
]
}
}

140
2011/3xxx/CVE-2011-3702.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3702", "ID": "CVE-2011-3702",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Ananta Gazelle 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/template.php and certain other files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2011/06/27/6" "lang": "eng",
}, "value": "Ananta Gazelle 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/template.php and certain other files."
{ }
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", ]
"refsource" : "MISC", },
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/Ananta_Gazelle1.0", "description": [
"refsource" : "MISC", {
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/Ananta_Gazelle1.0" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/Ananta_Gazelle1.0",
"refsource": "MISC",
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/Ananta_Gazelle1.0"
},
{
"name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/27/6"
},
{
"name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README",
"refsource": "MISC",
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README"
}
]
}
}

34
2011/4xxx/CVE-2011-4478.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4478", "ID": "CVE-2011-4478",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

210
2011/4xxx/CVE-2011-4579.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-4579", "ID": "CVE-2011-4579",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (memory corruption) via a crafted SVQ1 stream, related to \"dimensions changed.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20111123 NGS00148 Patch Notification: FFmpeg Libavcodec memory corruption remote code execution", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/520620" "lang": "eng",
}, "value": "The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (memory corruption) via a crafted SVQ1 stream, related to \"dimensions changed.\""
{ }
"name" : "http://ffmpeg.org/", ]
"refsource" : "CONFIRM", },
"url" : "http://ffmpeg.org/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.libav.org/?p=libav.git;a=commit;h=6e24b9488e67849a28e64a8056e05f83cf439229", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.libav.org/?p=libav.git;a=commit;h=6e24b9488e67849a28e64a8056e05f83cf439229" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6e24b9488e67849a28e64a8056e05f83cf439229", ]
"refsource" : "CONFIRM", }
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6e24b9488e67849a28e64a8056e05f83cf439229" ]
}, },
{ "references": {
"name" : "http://libav.org/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://libav.org/" "name": "http://git.libav.org/?p=libav.git;a=commit;h=6e24b9488e67849a28e64a8056e05f83cf439229",
}, "refsource": "CONFIRM",
{ "url": "http://git.libav.org/?p=libav.git;a=commit;h=6e24b9488e67849a28e64a8056e05f83cf439229"
"name" : "MDVSA-2012:074", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:074" "name": "MDVSA-2012:076",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:076"
"name" : "MDVSA-2012:075", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:075" "name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6e24b9488e67849a28e64a8056e05f83cf439229",
}, "refsource": "CONFIRM",
{ "url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6e24b9488e67849a28e64a8056e05f83cf439229"
"name" : "MDVSA-2012:076", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:076" "name": "USN-1320-1",
}, "refsource": "UBUNTU",
{ "url": "http://ubuntu.com/usn/usn-1320-1"
"name" : "USN-1320-1", },
"refsource" : "UBUNTU", {
"url" : "http://ubuntu.com/usn/usn-1320-1" "name": "MDVSA-2012:074",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:074"
"name" : "USN-1333-1", },
"refsource" : "UBUNTU", {
"url" : "http://ubuntu.com/usn/usn-1333-1" "name": "MDVSA-2012:075",
} "refsource": "MANDRIVA",
] "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:075"
} },
} {
"name": "http://ffmpeg.org/",
"refsource": "CONFIRM",
"url": "http://ffmpeg.org/"
},
{
"name": "http://libav.org/",
"refsource": "CONFIRM",
"url": "http://libav.org/"
},
{
"name": "USN-1333-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-1333-1"
},
{
"name": "20111123 NGS00148 Patch Notification: FFmpeg Libavcodec memory corruption remote code execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520620"
}
]
}
}

120
2011/4xxx/CVE-2011-4700.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4700", "ID": "CVE-2011-4700",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The UberMedia UberSocial (com.twidroid) application 7.x before 7.2.4 for Android does not properly protect data, which allows remote attackers to read or modify Twitter information via a crafted application."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4700-vulnerability-in-UberSocial.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4700-vulnerability-in-UberSocial.html" "lang": "eng",
} "value": "The UberMedia UberSocial (com.twidroid) application 7.x before 7.2.4 for Android does not properly protect data, which allows remote attackers to read or modify Twitter information via a crafted application."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4700-vulnerability-in-UberSocial.html",
"refsource": "MISC",
"url": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4700-vulnerability-in-UberSocial.html"
}
]
}
}

130
2011/4xxx/CVE-2011-4717.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4717", "ID": "CVE-2011-4717",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.infoserve.de/system/files/advisories/INFOSERVE-ADV2011-09.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.infoserve.de/system/files/advisories/INFOSERVE-ADV2011-09.txt" "lang": "eng",
}, "value": "Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command."
{ }
"name" : "http://forum.zftpserver.com/viewtopic.php?f=4&t=2927", ]
"refsource" : "CONFIRM", },
"url" : "http://forum.zftpserver.com/viewtopic.php?f=4&t=2927" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://forum.zftpserver.com/viewtopic.php?f=4&t=2927",
"refsource": "CONFIRM",
"url": "http://forum.zftpserver.com/viewtopic.php?f=4&t=2927"
},
{
"name": "http://www.infoserve.de/system/files/advisories/INFOSERVE-ADV2011-09.txt",
"refsource": "MISC",
"url": "http://www.infoserve.de/system/files/advisories/INFOSERVE-ADV2011-09.txt"
}
]
}
}

180
2013/0xxx/CVE-2013-0312.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-0312", "ID": "CVE-2013-0312",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via a zero length LDAP control sequence."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=912964", "description_data": [
"refsource" : "MISC", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=912964" "lang": "eng",
}, "value": "389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via a zero length LDAP control sequence."
{ }
"name" : "https://fedorahosted.org/389/ticket/571", ]
"refsource" : "MISC", },
"url" : "https://fedorahosted.org/389/ticket/571" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://directory.fedoraproject.org/wiki/Releases/1.3.0.4", "description": [
"refsource" : "CONFIRM", {
"url" : "http://directory.fedoraproject.org/wiki/Releases/1.3.0.4" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2013:0628", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0628.html" ]
}, },
{ "references": {
"name" : "58428", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/58428" "name": "http://directory.fedoraproject.org/wiki/Releases/1.3.0.4",
}, "refsource": "CONFIRM",
{ "url": "http://directory.fedoraproject.org/wiki/Releases/1.3.0.4"
"name" : "52279", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/52279" "name": "52568",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/52568"
"name" : "52568", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/52568" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=912964",
} "refsource": "MISC",
] "url": "https://bugzilla.redhat.com/show_bug.cgi?id=912964"
} },
} {
"name": "https://fedorahosted.org/389/ticket/571",
"refsource": "MISC",
"url": "https://fedorahosted.org/389/ticket/571"
},
{
"name": "58428",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58428"
},
{
"name": "RHSA-2013:0628",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0628.html"
},
{
"name": "52279",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/52279"
}
]
}
}

140
2013/0xxx/CVE-2013-0786.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2013-0786", "ID": "CVE-2013-0786",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x before 3.6.13 and 3.7.x and 4.0.x before 4.0.10 generates different error messages for invalid product queries depending on whether a product exists, which allows remote attackers to discover private product names by using debug mode for a query."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.bugzilla.org/security/3.6.12/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.bugzilla.org/security/3.6.12/" "lang": "eng",
}, "value": "The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x before 3.6.13 and 3.7.x and 4.0.x before 4.0.10 generates different error messages for invalid product queries depending on whether a product exists, which allows remote attackers to discover private product names by using debug mode for a query."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=824399", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=824399" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MDVSA-2013:066", "description": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:066" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2013:066",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:066"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=824399",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=824399"
},
{
"name": "http://www.bugzilla.org/security/3.6.12/",
"refsource": "CONFIRM",
"url": "http://www.bugzilla.org/security/3.6.12/"
}
]
}
}

190
2013/1xxx/CVE-2013-1469.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-1469", "ID": "CVE-2013-1469",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the dl parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20130227 Multiple Vulnerabilities in Piwigo", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-02/0153.html" "lang": "eng",
}, "value": "Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the dl parameter."
{ }
"name" : "24561", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/24561" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/120592/Piwigo-2.4.6-Cross-Site-Request-Forgery-Traversal.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/120592/Piwigo-2.4.6-Cross-Site-Request-Forgery-Traversal.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5127.php", ]
"refsource" : "MISC", }
"url" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5127.php" ]
}, },
{ "references": {
"name" : "https://www.htbridge.com/advisory/HTB23144", "reference_data": [
"refsource" : "MISC", {
"url" : "https://www.htbridge.com/advisory/HTB23144" "name": "http://piwigo.org/forum/viewtopic.php?id=21470",
}, "refsource": "CONFIRM",
{ "url": "http://piwigo.org/forum/viewtopic.php?id=21470"
"name" : "http://piwigo.org/bugs/view.php?id=0002843", },
"refsource" : "CONFIRM", {
"url" : "http://piwigo.org/bugs/view.php?id=0002843" "name": "http://piwigo.org/releases/2.4.7",
}, "refsource": "CONFIRM",
{ "url": "http://piwigo.org/releases/2.4.7"
"name" : "http://piwigo.org/forum/viewtopic.php?id=21470", },
"refsource" : "CONFIRM", {
"url" : "http://piwigo.org/forum/viewtopic.php?id=21470" "name": "https://www.htbridge.com/advisory/HTB23144",
}, "refsource": "MISC",
{ "url": "https://www.htbridge.com/advisory/HTB23144"
"name" : "http://piwigo.org/releases/2.4.7", },
"refsource" : "CONFIRM", {
"url" : "http://piwigo.org/releases/2.4.7" "name": "http://packetstormsecurity.com/files/120592/Piwigo-2.4.6-Cross-Site-Request-Forgery-Traversal.html",
} "refsource": "MISC",
] "url": "http://packetstormsecurity.com/files/120592/Piwigo-2.4.6-Cross-Site-Request-Forgery-Traversal.html"
} },
} {
"name": "24561",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/24561"
},
{
"name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5127.php",
"refsource": "MISC",
"url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5127.php"
},
{
"name": "http://piwigo.org/bugs/view.php?id=0002843",
"refsource": "CONFIRM",
"url": "http://piwigo.org/bugs/view.php?id=0002843"
},
{
"name": "20130227 Multiple Vulnerabilities in Piwigo",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0153.html"
}
]
}
}

200
2013/1xxx/CVE-2013-1907.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-1907", "ID": "CVE-2013-1907",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Commons Group module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content to groups via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20130327 [Security-news] SA-CONTRIB-2013-038 - Commons Groups - Access bypass & Privilege escalation", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2013/Mar/242" "lang": "eng",
}, "value": "The Commons Group module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content to groups via unspecified vectors."
{ }
"name" : "http://packetstormsecurity.com/files/120991/Drupal-Common-Groups-7.x-Access-Bypass-Privilege-Escalation.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/120991/Drupal-Common-Groups-7.x-Access-Bypass-Privilege-Escalation.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://drupal.org/node/1954764", "description": [
"refsource" : "MISC", {
"url" : "https://drupal.org/node/1954764" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://drupal.org/node/1954762", ]
"refsource" : "CONFIRM", }
"url" : "https://drupal.org/node/1954762" ]
}, },
{ "references": {
"name" : "https://drupal.org/node/1954948", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://drupal.org/node/1954948" "name": "http://packetstormsecurity.com/files/120991/Drupal-Common-Groups-7.x-Access-Bypass-Privilege-Escalation.html",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.com/files/120991/Drupal-Common-Groups-7.x-Access-Bypass-Privilege-Escalation.html"
"name" : "91748", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/91748" "name": "20130327 [Security-news] SA-CONTRIB-2013-038 - Commons Groups - Access bypass & Privilege escalation",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2013/Mar/242"
"name" : "52769", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/52769" "name": "52795",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/52795"
"name" : "52795", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/52795" "name": "https://drupal.org/node/1954764",
}, "refsource": "MISC",
{ "url": "https://drupal.org/node/1954764"
"name" : "drupal-commons-groups-security-bypass(83133)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/83133" "name": "52769",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/52769"
} },
} {
"name": "https://drupal.org/node/1954948",
"refsource": "CONFIRM",
"url": "https://drupal.org/node/1954948"
},
{
"name": "https://drupal.org/node/1954762",
"refsource": "CONFIRM",
"url": "https://drupal.org/node/1954762"
},
{
"name": "91748",
"refsource": "OSVDB",
"url": "http://osvdb.org/91748"
},
{
"name": "drupal-commons-groups-security-bypass(83133)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83133"
}
]
}
}

230
2013/1xxx/CVE-2013-1937.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-1937", "ID": "CVE-2013-1937",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in tbl_gis_visualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the (1) visualizationSettings[width] or (2) visualizationSettings[height] parameter. NOTE: a third party reports that this is \"not exploitable.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20130409 [waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2013-04/0101.html" "lang": "eng",
}, "value": "** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in tbl_gis_visualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the (1) visualizationSettings[width] or (2) visualizationSettings[height] parameter. NOTE: a third party reports that this is \"not exploitable.\""
{ }
"name" : "[oss-security] 20130409 Re: CVE Request: Self-XSS in phpmyadmin fixed in 3.5.8", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2013/04/09/13" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/121205/phpMyAdmin-3.5.7-Cross-Site-Scripting.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/121205/phpMyAdmin-3.5.7-Cross-Site-Scripting.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.waraxe.us/advisory-102.html", ]
"refsource" : "MISC", }
"url" : "http://www.waraxe.us/advisory-102.html" ]
}, },
{ "references": {
"name" : "http://immunityservices.blogspot.com/2019/02/cvss.html", "reference_data": [
"refsource" : "MISC", {
"url" : "http://immunityservices.blogspot.com/2019/02/cvss.html" "name": "MDVSA-2013:144",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:144"
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/79089c9bc02c82c15419fd9d6496b8781ae08a5a", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/79089c9bc02c82c15419fd9d6496b8781ae08a5a" "name": "http://immunityservices.blogspot.com/2019/02/cvss.html",
}, "refsource": "MISC",
{ "url": "http://immunityservices.blogspot.com/2019/02/cvss.html"
"name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2013-1.php", },
"refsource" : "CONFIRM", {
"url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2013-1.php" "name": "https://github.com/phpmyadmin/phpmyadmin/commit/79089c9bc02c82c15419fd9d6496b8781ae08a5a",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/phpmyadmin/phpmyadmin/commit/79089c9bc02c82c15419fd9d6496b8781ae08a5a"
"name" : "FEDORA-2013-5604", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103195.html" "name": "openSUSE-SU-2013:1065",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00181.html"
"name" : "FEDORA-2013-5620", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103184.html" "name": "FEDORA-2013-5623",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103188.html"
"name" : "FEDORA-2013-5623", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103188.html" "name": "http://packetstormsecurity.com/files/121205/phpMyAdmin-3.5.7-Cross-Site-Scripting.html",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.com/files/121205/phpMyAdmin-3.5.7-Cross-Site-Scripting.html"
"name" : "MDVSA-2013:144", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:144" "name": "FEDORA-2013-5604",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103195.html"
"name" : "openSUSE-SU-2013:1065", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-06/msg00181.html" "name": "20130409 [waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7",
} "refsource": "FULLDISC",
] "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-04/0101.html"
} },
} {
"name": "[oss-security] 20130409 Re: CVE Request: Self-XSS in phpmyadmin fixed in 3.5.8",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2013/04/09/13"
},
{
"name": "FEDORA-2013-5620",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103184.html"
},
{
"name": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-1.php",
"refsource": "CONFIRM",
"url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-1.php"
},
{
"name": "http://www.waraxe.us/advisory-102.html",
"refsource": "MISC",
"url": "http://www.waraxe.us/advisory-102.html"
}
]
}
}

34
2013/5xxx/CVE-2013-5345.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2013-5345", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2013-5345",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none."
} }
] ]
} }
} }

34
2013/5xxx/CVE-2013-5584.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5584", "ID": "CVE-2013-5584",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

270
2013/5xxx/CVE-2013-5787.json
View File

@ -1,137 +1,137 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-5787", "ID": "CVE-2013-5787",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5789, CVE-2013-5824, CVE-2013-5832, and CVE-2013-5852."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5789, CVE-2013-5824, CVE-2013-5832, and CVE-2013-5852."
{ }
"name" : "http://support.apple.com/kb/HT5982", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT5982" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21655201", ]
"refsource" : "CONFIRM", }
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21655201" ]
}, },
{ "references": {
"name" : "APPLE-SA-2013-10-15-1", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html" "name": "RHSA-2014:0414",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2014:0414"
"name" : "HPSBUX02943", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=138674031212883&w=2" "name": "RHSA-2013:1440",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
"name" : "HPSBUX02944", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=138674073720143&w=2" "name": "RHSA-2013:1508",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
"name" : "RHSA-2013:1440", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1440.html" "name": "SUSE-SU-2013:1677",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
"name" : "RHSA-2013:1507", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1507.html" "name": "HPSBUX02944",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=138674073720143&w=2"
"name" : "RHSA-2013:1508", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1508.html" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
"name" : "RHSA-2013:1793", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1793.html" "name": "HPSBUX02943",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=138674031212883&w=2"
"name" : "RHSA-2014:0414", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2014:0414" "name": "63155",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/63155"
"name" : "SUSE-SU-2013:1677", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html" "name": "RHSA-2013:1793",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
"name" : "63155", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/63155" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
"name" : "oval:org.mitre.oval:def:19147", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19147" "name": "APPLE-SA-2013-10-15-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
"name" : "56338", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56338" "name": "RHSA-2013:1507",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
} },
} {
"name": "http://support.apple.com/kb/HT5982",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "oval:org.mitre.oval:def:19147",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19147"
},
{
"name": "56338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56338"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
]
}
}

160
2014/2xxx/CVE-2014-2495.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-2495", "ID": "CVE-2014-2495",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Purchasing."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded" "lang": "eng",
}, "value": "Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Purchasing."
{ }
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2014/Dec/23" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" ]
}, },
{ "references": {
"name" : "1030586", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030586" "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
} "refsource": "CONFIRM",
] "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
} },
} {
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "1030586",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030586"
}
]
}
}

34
2014/2xxx/CVE-2014-2961.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2961", "ID": "CVE-2014-2961",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2014/6xxx/CVE-2014-6163.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-6163", "ID": "CVE-2014-6163",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21691035", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21691035" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
{ }
"name" : "IT04614", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT04614" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ibm-xc10-cve20146163-xss(97712)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/97712" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21691035",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691035"
},
{
"name": "IT04614",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT04614"
},
{
"name": "ibm-xc10-cve20146163-xss(97712)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97712"
}
]
}
}

150
2017/0xxx/CVE-2017-0120.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2017-0120", "ID": "CVE-2017-0120",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2, and R2 SP1, and Windows 7 SP1.", "product_name": "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2, and R2 SP1, and Windows 7 SP1.",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2, and R2 SP1, and Windows 7 SP1." "version_value": "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2, and R2 SP1, and Windows 7 SP1."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Windows Uniscribe Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "41655", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/41655/" "lang": "eng",
}, "value": "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Windows Uniscribe Information Disclosure Vulnerability.\""
{ }
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0120", ]
"refsource" : "CONFIRM", },
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0120" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "96667", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/96667" "lang": "eng",
}, "value": "Information Disclosure"
{ }
"name" : "1037992", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1037992" ]
} },
] "references": {
} "reference_data": [
} {
"name": "96667",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96667"
},
{
"name": "1037992",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037992"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0120",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0120"
},
{
"name": "41655",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41655/"
}
]
}
}

140
2017/0xxx/CVE-2017-0222.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2017-0222", "ID": "CVE-2017-0222",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Internet Explorer", "product_name": "Internet Explorer",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows Server 2008 for 32-bit Systems Service Pack 2, Windows Server 2008 for x64-based Systems Service Pack 2, Windows 7 for 32-bit Systems Service Pack 1, Windows 7 for x64-based Systems Service Pack 1, Windows 8.1 for 32-bit systems, Windows 8.1 for x64-based systems, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1511 for 32-bit Systems, Windows 10 Version 1511 for x64-based Systems, Windows 10 Version 1607 for 32-bit Systems, Windows 10 Version 1607 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, Windows 10 Version 1703 for x64-based Systems, and Windows Server 2016." "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2, Windows Server 2008 for x64-based Systems Service Pack 2, Windows 7 for 32-bit Systems Service Pack 1, Windows 7 for x64-based Systems Service Pack 1, Windows 8.1 for 32-bit systems, Windows 8.1 for x64-based systems, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1511 for 32-bit Systems, Windows 10 Version 1511 for x64-based Systems, Windows 10 Version 1607 for 32-bit Systems, Windows 10 Version 1607 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, Windows 10 Version 1703 for x64-based Systems, and Windows Server 2016."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka \"Internet Explorer Memory Corruption Vulnerability.\" This CVE ID is unique from CVE-2017-0226."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0222", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0222" "lang": "eng",
}, "value": "A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka \"Internet Explorer Memory Corruption Vulnerability.\" This CVE ID is unique from CVE-2017-0226."
{ }
"name" : "98127", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98127" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038423", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038423" "lang": "eng",
} "value": "Remote Code Execution"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0222",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0222"
},
{
"name": "98127",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98127"
},
{
"name": "1038423",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038423"
}
]
}
}

34
2017/0xxx/CVE-2017-0237.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-0237", "ID": "CVE-2017-0237",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

176
2017/0xxx/CVE-2017-0479.json
View File

@ -1,90 +1,90 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0479", "ID": "CVE-2017-0479",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android-4.4.4" "version_value": "Android-4.4.4"
}, },
{ {
"version_value" : "Android-5.0.2" "version_value": "Android-5.0.2"
}, },
{ {
"version_value" : "Android-5.1.1" "version_value": "Android-5.1.1"
}, },
{ {
"version_value" : "Android-6.0" "version_value": "Android-6.0"
}, },
{ {
"version_value" : "Android-6.0.1" "version_value": "Android-6.0.1"
}, },
{ {
"version_value" : "Android-7.0" "version_value": "Android-7.0"
}, },
{ {
"version_value" : "Android-7.1.1" "version_value": "Android-7.1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32707507."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-03-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-03-01" "lang": "eng",
}, "value": "An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32707507."
{ }
"name" : "96958", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/96958" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037968", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037968" "lang": "eng",
} "value": "Elevation of privilege"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-03-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-03-01"
},
{
"name": "1037968",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037968"
},
{
"name": "96958",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96958"
}
]
}
}

130
2017/0xxx/CVE-2017-0607.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0607", "ID": "CVE-2017-0607",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.18" "version_value": "Kernel-3.18"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-35400551. References: QC-CR#1085928."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-05-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-05-01" "lang": "eng",
}, "value": "An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-35400551. References: QC-CR#1085928."
{ }
"name" : "98171", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98171" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98171",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98171"
},
{
"name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-05-01"
}
]
}
}

37
2017/1000xxx/CVE-2017-1000040.json
View File

@ -1,21 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"DATE_ASSIGNED" : "2017-05-06T20:43:28.289278", "data_version": "4.0",
"ID" : "CVE-2017-1000040", "CVE_data_meta": {
"REQUESTER" : "bshastry@sec.t-labs.tu-berlin.de", "ID": "CVE-2017-1000040",
"STATE" : "REJECT", "ASSIGNER": "cve@mitre.org",
"STATE_DETAIL" : "DUPLICATE of CVE-2017-7853" "STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0", {
"description" : { "lang": "eng",
"description_data" : [ "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-7853. Reason: This candidate is a reservation duplicate of CVE-2017-7853. Notes: All CVE users should reference CVE-2017-7853 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
{ }
"lang" : "eng", ]
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-7853. Reason: This candidate is a reservation duplicate of CVE-2017-7853. Notes: All CVE users should reference CVE-2017-7853 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." }
} }
]
}
}

124
2017/1000xxx/CVE-2017-1000213.json
View File

@ -1,64 +1,64 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.442450", "DATE_ASSIGNED": "2017-08-22T17:29:33.442450",
"ID" : "CVE-2017-1000213", "ID": "CVE-2017-1000213",
"REQUESTER" : "strukt93@gmail.com", "REQUESTER": "strukt93@gmail.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "WBCE", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.1.11" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Way better content editing" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WBCE v1.1.11 is vulnerable to reflected XSS via the \"begriff\" POST parameter in /admin/admintools/tool.php?tool=user_search"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/WBCE/WBCE_CMS/commit/0da620016aec17ac2d2f3a22c55ab8c2b55e691e#diff-7b380285e285160d0070863099baabe0", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/WBCE/WBCE_CMS/commit/0da620016aec17ac2d2f3a22c55ab8c2b55e691e#diff-7b380285e285160d0070863099baabe0" "lang": "eng",
} "value": "WBCE v1.1.11 is vulnerable to reflected XSS via the \"begriff\" POST parameter in /admin/admintools/tool.php?tool=user_search"
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/WBCE/WBCE_CMS/commit/0da620016aec17ac2d2f3a22c55ab8c2b55e691e#diff-7b380285e285160d0070863099baabe0",
"refsource": "CONFIRM",
"url": "https://github.com/WBCE/WBCE_CMS/commit/0da620016aec17ac2d2f3a22c55ab8c2b55e691e#diff-7b380285e285160d0070863099baabe0"
}
]
}
}

124
2017/1000xxx/CVE-2017-1000234.json
View File

@ -1,64 +1,64 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.462821", "DATE_ASSIGNED": "2017-08-22T17:29:33.462821",
"ID" : "CVE-2017-1000234", "ID": "CVE-2017-1000234",
"REQUESTER" : "j.singh@sec-consult.com", "REQUESTER": "j.singh@sec-consult.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "I, Librarian", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "<=4.6 & 4.7" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "I, Librarian" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "I, Librarian version <=4.6 & 4.7 is vulnerable to Directory Enumeration in the jqueryFileTree.php resulting in attacker enumerating directories simply by navigating through the \"dir\" parameter"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Directory Traversal"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170509-0_I_Librarian_Multiple_vulnerabilities_v10.txt", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170509-0_I_Librarian_Multiple_vulnerabilities_v10.txt" "lang": "eng",
} "value": "I, Librarian version <=4.6 & 4.7 is vulnerable to Directory Enumeration in the jqueryFileTree.php resulting in attacker enumerating directories simply by navigating through the \"dir\" parameter"
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170509-0_I_Librarian_Multiple_vulnerabilities_v10.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170509-0_I_Librarian_Multiple_vulnerabilities_v10.txt"
}
]
}
}

142
2017/12xxx/CVE-2017-12516.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security-alert@hpe.com", "ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC" : "2017-08-11T00:00:00", "DATE_PUBLIC": "2017-08-11T00:00:00",
"ID" : "CVE-2017-12516", "ID": "CVE-2017-12516",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Intelligent Management Center (iMC) PLAT", "product_name": "Intelligent Management Center (iMC) PLAT",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "PLAT 7.3 (E0504)" "version_value": "PLAT 7.3 (E0504)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Hewlett Packard Enterprise" "vendor_name": "Hewlett Packard Enterprise"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" "lang": "eng",
}, "value": "A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version."
{ }
"name" : "100367", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/100367" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1039152", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039152" "lang": "eng",
} "value": "Remote Code Execution"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1039152",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039152"
},
{
"name": "100367",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100367"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us"
}
]
}
}

140
2017/16xxx/CVE-2017-16373.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2017-16373", "ID": "CVE-2017-16373",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Acrobat Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions", "product_name": "Adobe Acrobat Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Acrobat Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions" "version_value": "Adobe Acrobat Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference. In this scenario, the input is crafted in way that the computation results in pointers to memory locations that do not belong to the relevant process address space. The dereferencing operation is a read operation, and an attack can result in sensitive data exposure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Untrusted Pointer Dereference"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb17-36.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb17-36.html" "lang": "eng",
}, "value": "An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference. In this scenario, the input is crafted in way that the computation results in pointers to memory locations that do not belong to the relevant process address space. The dereferencing operation is a read operation, and an attack can result in sensitive data exposure."
{ }
"name" : "101813", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/101813" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1039791", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039791" "lang": "eng",
} "value": "Untrusted Pointer Dereference"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1039791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039791"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-36.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-36.html"
},
{
"name": "101813",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101813"
}
]
}
}

120
2017/16xxx/CVE-2017-16551.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16551", "ID": "CVE-2017-16551",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.k7computing.com/index.php?/selfhelp/view-article/3rd-Advisory-issued-on-6th-November-2017", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.k7computing.com/index.php?/selfhelp/view-article/3rd-Advisory-issued-on-6th-November-2017" "lang": "eng",
} "value": "K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.k7computing.com/index.php?/selfhelp/view-article/3rd-Advisory-issued-on-6th-November-2017",
"refsource": "CONFIRM",
"url": "https://support.k7computing.com/index.php?/selfhelp/view-article/3rd-Advisory-issued-on-6th-November-2017"
}
]
}
}

34
2017/16xxx/CVE-2017-16622.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16622", "ID": "CVE-2017-16622",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2017/16xxx/CVE-2017-16932.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16932", "ID": "CVE-2017-16932",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20171130 [SECURITY] [DLA 1194-1] libxml2 security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html" "lang": "eng",
}, "value": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities."
{ }
"name" : "http://xmlsoft.org/news.html", ]
"refsource" : "CONFIRM", },
"url" : "http://xmlsoft.org/news.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.gnome.org/show_bug.cgi?id=759579", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.gnome.org/show_bug.cgi?id=759579" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961" ]
}, },
{ "references": {
"name" : "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html" "name": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html",
}, "refsource": "CONFIRM",
{ "url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"
"name" : "USN-3739-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3739-1/" "name": "[debian-lts-announce] 20171130 [SECURITY] [DLA 1194-1] libxml2 security update",
} "refsource": "MLIST",
] "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html"
} },
} {
"name": "http://xmlsoft.org/news.html",
"refsource": "CONFIRM",
"url": "http://xmlsoft.org/news.html"
},
{
"name": "USN-3739-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3739-1/"
},
{
"name": "https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961",
"refsource": "CONFIRM",
"url": "https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961"
},
{
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=759579",
"refsource": "CONFIRM",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=759579"
}
]
}
}

34
2017/16xxx/CVE-2017-16999.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-16999", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-16999",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/1xxx/CVE-2017-1089.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-1089", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-1089",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }
} }

288
2017/1xxx/CVE-2017-1651.json
View File

@ -1,146 +1,146 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-06-28T00:00:00", "DATE_PUBLIC": "2018-06-28T00:00:00",
"ID" : "CVE-2017-1651", "ID": "CVE-2017-1651",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Rational Quality Manager", "product_name": "Rational Quality Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.0" "version_value": "5.0"
}, },
{ {
"version_value" : "5.0.1" "version_value": "5.0.1"
}, },
{ {
"version_value" : "5.0.2" "version_value": "5.0.2"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
}, },
{ {
"version_value" : "6.0.4" "version_value": "6.0.4"
}, },
{ {
"version_value" : "6.0.5" "version_value": "6.0.5"
} }
] ]
} }
}, },
{ {
"product_name" : "Rational Collaborative Lifecycle Management", "product_name": "Rational Collaborative Lifecycle Management",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.0" "version_value": "5.0"
}, },
{ {
"version_value" : "5.0.1" "version_value": "5.0.1"
}, },
{ {
"version_value" : "5.0.2" "version_value": "5.0.2"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
}, },
{ {
"version_value" : "6.0.4" "version_value": "6.0.4"
}, },
{ {
"version_value" : "6.0.5" "version_value": "6.0.5"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133261."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "C",
"SCORE" : "5.400",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www-prd-trops.events.ibm.com/node/715749", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www-prd-trops.events.ibm.com/node/715749" "lang": "eng",
}, "value": "IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133261."
{ }
"name" : "ibm-rqm-cve20171651-xss(133261)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/133261" "impact": {
} "cvssv3": {
] "BM": {
} "A": "N",
} "AC": "L",
"AV": "N",
"C": "L",
"I": "L",
"PR": "L",
"S": "C",
"SCORE": "5.400",
"UI": "R"
},
"TM": {
"E": "H",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-rqm-cve20171651-xss(133261)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133261"
},
{
"name": "https://www-prd-trops.events.ibm.com/node/715749",
"refsource": "CONFIRM",
"url": "https://www-prd-trops.events.ibm.com/node/715749"
}
]
}
}

34
2017/4xxx/CVE-2017-4062.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4062", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4062",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4269.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4269", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4269",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4591.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4591", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4591",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4688.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4688", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4688",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4894.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4894", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4894",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2018/5xxx/CVE-2018-5644.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-5644", "ID": "CVE-2018-5644",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }