admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:50:32 +00:00
parent c68c9f74a6
commit 9e0ee3a370
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
53 changed files with 4038 additions and 4033 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

170
2003/1xxx/CVE-2003-1055.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1055", "ID": "CVE-2003-1055",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain root access via a long hostname in an LDAP lookup."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "52222", "description_data": [
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52222-1" "lang": "eng",
}, "value": "Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain root access via a long hostname in an LDAP lookup."
{ }
"name" : "ESB-2003.0461", ]
"refsource" : "AUSCERT", },
"url" : "http://www.auscert.org.au/render.html?it=3224" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "N-113", "description": [
"refsource" : "CIAC", {
"url" : "http://www.ciac.org/ciac/bulletins/n-113.shtml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "7064", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/7064" ]
}, },
{ "references": {
"name" : "1006401", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1006401" "name": "N-113",
}, "refsource": "CIAC",
{ "url": "http://www.ciac.org/ciac/bulletins/n-113.shtml"
"name" : "solaris-nssldapso1-bo(11641)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11641" "name": "7064",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/7064"
} },
} {
"name": "52222",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52222-1"
},
{
"name": "1006401",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006401"
},
{
"name": "solaris-nssldapso1-bo(11641)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11641"
},
{
"name": "ESB-2003.0461",
"refsource": "AUSCERT",
"url": "http://www.auscert.org.au/render.html?it=3224"
}
]
}
}

150
2004/0xxx/CVE-2004-0139.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0139", "ID": "CVE-2004-0139",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in the bsd.a kernel networking for SGI IRIX 6.5.22 through 6.5.25, and possibly earlier versions, in which \"t_unbind changes t_bind's behavior,\" has unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040905-01-P", "description_data": [
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20040905-01-P.asc" "lang": "eng",
}, "value": "Unknown vulnerability in the bsd.a kernel networking for SGI IRIX 6.5.22 through 6.5.25, and possibly earlier versions, in which \"t_unbind changes t_bind's behavior,\" has unknown impact and attack vectors."
{ }
"name" : "12682", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/12682" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "11276", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11276" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "irix-bsda-kernel(17547)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17547" ]
} },
] "references": {
} "reference_data": [
} {
"name": "irix-bsda-kernel(17547)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17547"
},
{
"name": "20040905-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040905-01-P.asc"
},
{
"name": "12682",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12682"
},
{
"name": "11276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11276"
}
]
}
}

150
2004/0xxx/CVE-2004-0320.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0320", "ID": "CVE-2004-0320",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module's run-time memory via certain sequences of commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040223 nCipher Advisory #9: Host-side attackers can access secret data", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=107755899018249&w=2" "lang": "eng",
}, "value": "Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module's run-time memory via certain sequences of commands."
{ }
"name" : "ncipher-hsm-obtain-info(15281)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15281" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "9717", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/9717" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "4055", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/4055" ]
} },
] "references": {
} "reference_data": [
} {
"name": "ncipher-hsm-obtain-info(15281)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15281"
},
{
"name": "9717",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9717"
},
{
"name": "4055",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4055"
},
{
"name": "20040223 nCipher Advisory #9: Host-side attackers can access secret data",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=107755899018249&w=2"
}
]
}
}

150
2004/0xxx/CVE-2004-0647.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0647", "ID": "CVE-2004-0647",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local users to overwrite arbitrary files via a symlink attack on the chains-$$ temporary file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[Shorewall-announce] 20040628 URGENT: Shorewall Security Vulnerability", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.shorewall.net/pipermail/shorewall-announce/2004-June/000385.html" "lang": "eng",
}, "value": "shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local users to overwrite arbitrary files via a symlink attack on the chains-$$ temporary file."
{ }
"name" : "GLSA-200407-07", ]
"refsource" : "GENTOO", },
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200407-07.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MDKSA-2004:080", "description": [
"refsource" : "MANDRAKE", {
"url" : "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:080" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "shorewall-symlink(16651)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16651" ]
} },
] "references": {
} "reference_data": [
} {
"name": "shorewall-symlink(16651)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16651"
},
{
"name": "[Shorewall-announce] 20040628 URGENT: Shorewall Security Vulnerability",
"refsource": "MLIST",
"url": "http://lists.shorewall.net/pipermail/shorewall-announce/2004-June/000385.html"
},
{
"name": "MDKSA-2004:080",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:080"
},
{
"name": "GLSA-200407-07",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-07.xml"
}
]
}
}

140
2004/0xxx/CVE-2004-0735.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0735", "ID": "CVE-2004-0735",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such as (1) the getinfo query, (2) the connect packet, and other unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040717 Medal of Honor remote buffer-overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109008314631518&w=2" "lang": "eng",
}, "value": "Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such as (1) the getinfo query, (2) the connect packet, and other unknown vectors."
{ }
"name" : "10743", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/10743" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "medalofhonor-packet-bo(16715)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16715" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20040717 Medal of Honor remote buffer-overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109008314631518&w=2"
},
{
"name": "10743",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10743"
},
{
"name": "medalofhonor-packet-bo(16715)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16715"
}
]
}
}

130
2004/1xxx/CVE-2004-1115.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1115", "ID": "CVE-2004-1115",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "GLSA-200411-26", "description_data": [
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200411-26.xml" "lang": "eng",
}, "value": "The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs."
{ }
"name" : "seti@home-gain-privileges(18149)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18149" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200411-26",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-26.xml"
},
{
"name": "seti@home-gain-privileges(18149)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18149"
}
]
}
}

190
2004/1xxx/CVE-2004-1597.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1597", "ID": "CVE-2004-1597",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote attackers to cause a denial of service (device reboot and possibly data corruption) via a calendar message with a long Location field, which triggers a watchdog while the message is being stored."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041013 [HV-HIGH] RIM Blackberry buffer overflow, DoS, data loss", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109769022430842&w=2" "lang": "eng",
}, "value": "RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote attackers to cause a denial of service (device reboot and possibly data corruption) via a calendar message with a long Location field, which triggers a watchdog while the message is being stored."
{ }
"name" : "20041014 [HV-MED] UPDATE: RIM Blackberry DoS, data loss", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=109778267829493&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20041012 [HV-HIGH] RIM Blackberry buffer overflow, DoS, data loss", "description": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027487.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.hexview.com/docs/20041012-1.txt", ]
"refsource" : "MISC", }
"url" : "http://www.hexview.com/docs/20041012-1.txt" ]
}, },
{ "references": {
"name" : "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/Known_%20Issues_-_HexView_advisory_on_BlackBerry_buffer_overflow,_DoS,_and_data_loss.html?nodeid=737173&vernum=0", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/Known_%20Issues_-_HexView_advisory_on_BlackBerry_buffer_overflow,_DoS,_and_data_loss.html?nodeid=737173&vernum=0" "name": "20041012 [HV-HIGH] RIM Blackberry buffer overflow, DoS, data loss",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027487.html"
"name" : "11389", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11389" "name": "12814",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/12814"
"name" : "12814", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/12814" "name": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/Known_%20Issues_-_HexView_advisory_on_BlackBerry_buffer_overflow,_DoS,_and_data_loss.html?nodeid=737173&vernum=0",
}, "refsource": "CONFIRM",
{ "url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/Known_%20Issues_-_HexView_advisory_on_BlackBerry_buffer_overflow,_DoS,_and_data_loss.html?nodeid=737173&vernum=0"
"name" : "blackberry-calendar-bo(17700)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17700" "name": "20041014 [HV-MED] UPDATE: RIM Blackberry DoS, data loss",
} "refsource": "BUGTRAQ",
] "url": "http://marc.info/?l=bugtraq&m=109778267829493&w=2"
} },
} {
"name": "http://www.hexview.com/docs/20041012-1.txt",
"refsource": "MISC",
"url": "http://www.hexview.com/docs/20041012-1.txt"
},
{
"name": "20041013 [HV-HIGH] RIM Blackberry buffer overflow, DoS, data loss",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109769022430842&w=2"
},
{
"name": "11389",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11389"
},
{
"name": "blackberry-calendar-bo(17700)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17700"
}
]
}
}

180
2004/1xxx/CVE-2004-1603.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1603", "ID": "CVE-2004-1603",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files via the backup feature or (2) chown arbitrary files via the .htaccess file when Front Page extensions are enabled or disabled."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041018 cPanel hardlink backup issue", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109811572123753&w=2" "lang": "eng",
}, "value": "cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files via the backup feature or (2) chown arbitrary files via the .htaccess file when Front Page extensions are enabled or disabled."
{ }
"name" : "20041018 cPanel hardlink chown issue", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=109811654104208&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "11449", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11449" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "11455", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/11455" ]
}, },
{ "references": {
"name" : "12865", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/12865" "name": "cpanel-htaccess-modify-ownership(17780)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17780"
"name" : "cpanel-backup-view-file(17779)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17779" "name": "20041018 cPanel hardlink backup issue",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=109811572123753&w=2"
"name" : "cpanel-htaccess-modify-ownership(17780)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17780" "name": "cpanel-backup-view-file(17779)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17779"
} },
} {
"name": "20041018 cPanel hardlink chown issue",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109811654104208&w=2"
},
{
"name": "11455",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11455"
},
{
"name": "12865",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12865"
},
{
"name": "11449",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11449"
}
]
}
}

170
2004/1xxx/CVE-2004-1690.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1690", "ID": "CVE-2004-1690",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040918 RhinoSoft DNS4ME HTTP Server Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109552436811493&w=2" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL."
{ }
"name" : "http://www.gulftech.org/?node=research&article_id=00049-09162004", ]
"refsource" : "MISC", },
"url" : "http://www.gulftech.org/?node=research&article_id=00049-09162004" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "11213", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11213" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1011334", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1011334" ]
}, },
{ "references": {
"name" : "12595", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/12595" "name": "dns4me-xss(17425)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17425"
"name" : "dns4me-xss(17425)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17425" "name": "12595",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/12595"
} },
} {
"name": "11213",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11213"
},
{
"name": "http://www.gulftech.org/?node=research&article_id=00049-09162004",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research&article_id=00049-09162004"
},
{
"name": "1011334",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011334"
},
{
"name": "20040918 RhinoSoft DNS4ME HTTP Server Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109552436811493&w=2"
}
]
}
}

140
2004/2xxx/CVE-2004-2298.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2298", "ID": "CVE-2004-2298",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm" "lang": "eng",
}, "value": "Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator."
{ }
"name" : "12234", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/12234" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "13377", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/13377" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "13377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13377"
},
{
"name": "12234",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12234"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm"
}
]
}
}

190
2004/2xxx/CVE-2004-2643.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2643", "ID": "CVE-2004-2643",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via \"../\" sequences in file names in a CAB archive."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041012 Microsoft cabarc directory traversal", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109759710121018&w=2" "lang": "eng",
}, "value": "Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via \"../\" sequences in file names in a CAB archive."
{ }
"name" : "20041012 Microsoft cabarc directory traversal", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0341.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.org/0410-exploits/cabarc.txt", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/0410-exploits/cabarc.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "11376", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/11376" ]
}, },
{ "references": {
"name" : "10714", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/10714" "name": "1011626",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1011626"
"name" : "1011626", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1011626" "name": "11376",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/11376"
"name" : "12816", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/12816" "name": "10714",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/10714"
"name" : "cabarc-dotdot-directory-traversal(17693)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17693" "name": "20041012 Microsoft cabarc directory traversal",
} "refsource": "FULLDISC",
] "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0341.html"
} },
} {
"name": "12816",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12816"
},
{
"name": "cabarc-dotdot-directory-traversal(17693)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17693"
},
{
"name": "20041012 Microsoft cabarc directory traversal",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109759710121018&w=2"
},
{
"name": "http://packetstormsecurity.org/0410-exploits/cabarc.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0410-exploits/cabarc.txt"
}
]
}
}

230
2008/2xxx/CVE-2008-2335.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2335", "ID": "CVE-2008-2335",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in search_results.php in Vastal I-Tech phpVID 1.1 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 1.2.3 is also affected."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "27519", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/27519" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in search_results.php in Vastal I-Tech phpVID 1.1 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 1.2.3 is also affected."
{ }
"name" : "20150310 Vastal I-tech phpVID 1.2.3 Multiple XSS (Cross-site Scripting) Security Vulnerabilities", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2015/Mar/59" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "6422", "description": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/6422" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://holisticinfosec.org/content/view/65/45/", ]
"refsource" : "MISC", }
"url" : "http://holisticinfosec.org/content/view/65/45/" ]
}, },
{ "references": {
"name" : "http://packetstormsecurity.com/files/122746/PHP-VID-XSS-SQL-Injection-CRLF-Injection.html", "reference_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/122746/PHP-VID-XSS-SQL-Injection-CRLF-Injection.html" "name": "phpvid-query-xss(42450)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42450"
"name" : "http://packetstormsecurity.com/files/130755/Vastal-I-tech-phpVID-1.2.3-Cross-Site-Scripting.html", },
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/130755/Vastal-I-tech-phpVID-1.2.3-Cross-Site-Scripting.html" "name": "27519",
}, "refsource": "EXPLOIT-DB",
{ "url": "http://www.exploit-db.com/exploits/27519"
"name" : "http://tetraph.com/security/xss-vulnerability/vastal-i-tech-phpvid-1-2-3-multiple-xss-cross-site-scripting-security-vulnerabilities/", },
"refsource" : "MISC", {
"url" : "http://tetraph.com/security/xss-vulnerability/vastal-i-tech-phpvid-1-2-3-multiple-xss-cross-site-scripting-security-vulnerabilities/" "name": "ADV-2008-2552",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/2552"
"name" : "29238", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/29238" "name": "http://tetraph.com/security/xss-vulnerability/vastal-i-tech-phpvid-1-2-3-multiple-xss-cross-site-scripting-security-vulnerabilities/",
}, "refsource": "MISC",
{ "url": "http://tetraph.com/security/xss-vulnerability/vastal-i-tech-phpvid-1-2-3-multiple-xss-cross-site-scripting-security-vulnerabilities/"
"name" : "45171", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/show/osvdb/45171" "name": "30152",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30152"
"name" : "30152", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30152" "name": "http://packetstormsecurity.com/files/122746/PHP-VID-XSS-SQL-Injection-CRLF-Injection.html",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.com/files/122746/PHP-VID-XSS-SQL-Injection-CRLF-Injection.html"
"name" : "ADV-2008-2552", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2552" "name": "20150310 Vastal I-tech phpVID 1.2.3 Multiple XSS (Cross-site Scripting) Security Vulnerabilities",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2015/Mar/59"
"name" : "phpvid-query-xss(42450)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42450" "name": "29238",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/29238"
} },
} {
"name": "6422",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6422"
},
{
"name": "http://holisticinfosec.org/content/view/65/45/",
"refsource": "MISC",
"url": "http://holisticinfosec.org/content/view/65/45/"
},
{
"name": "45171",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/45171"
},
{
"name": "http://packetstormsecurity.com/files/130755/Vastal-I-tech-phpVID-1.2.3-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130755/Vastal-I-tech-phpVID-1.2.3-Cross-Site-Scripting.html"
}
]
}
}

180
2008/2xxx/CVE-2008-2517.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2517", "ID": "CVE-2008-2517",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The sarab.sh script in SaraB before 0.2.4 places the dar program's encryption key on the command line, which allows local users to obtain sensitive information by listing the process."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sarab.svn.sourceforge.net/viewvc/sarab/sarab/sarab.sh?r1=34&r2=36", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sarab.svn.sourceforge.net/viewvc/sarab/sarab/sarab.sh?r1=34&r2=36" "lang": "eng",
}, "value": "The sarab.sh script in SaraB before 0.2.4 places the dar program's encryption key on the command line, which allows local users to obtain sensitive information by listing the process."
{ }
"name" : "http://sarab.svn.sourceforge.net/viewvc/sarab/sarab/sarab.sh?view=log", ]
"refsource" : "CONFIRM", },
"url" : "http://sarab.svn.sourceforge.net/viewvc/sarab/sarab/sarab.sh?view=log" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=601603&group_id=91804", "description": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=601603&group_id=91804" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "29364", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/29364" ]
}, },
{ "references": {
"name" : "ADV-2008-1659", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1659/references" "name": "sarab-ciphers-information-disclosure(42621)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42621"
"name" : "30394", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30394" "name": "http://sarab.svn.sourceforge.net/viewvc/sarab/sarab/sarab.sh?r1=34&r2=36",
}, "refsource": "CONFIRM",
{ "url": "http://sarab.svn.sourceforge.net/viewvc/sarab/sarab/sarab.sh?r1=34&r2=36"
"name" : "sarab-ciphers-information-disclosure(42621)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42621" "name": "http://sarab.svn.sourceforge.net/viewvc/sarab/sarab/sarab.sh?view=log",
} "refsource": "CONFIRM",
] "url": "http://sarab.svn.sourceforge.net/viewvc/sarab/sarab/sarab.sh?view=log"
} },
} {
"name": "ADV-2008-1659",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1659/references"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=601603&group_id=91804",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=601603&group_id=91804"
},
{
"name": "29364",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29364"
},
{
"name": "30394",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30394"
}
]
}
}

660
2008/2xxx/CVE-2008-2799.json
View File

@ -1,332 +1,332 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2008-2799", "ID": "CVE-2008-2799",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080708 rPSA-2008-0216-1 firefox", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/494080/100/0/threaded" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine."
{ }
"name" : "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15", ]
"refsource" : "CONFIRM", },
"url" : "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.mozilla.org/security/announce/2008/mfsa2008-21.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2008/mfsa2008-21.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=356378", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=356378" ]
}, },
{ "references": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=380833", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=380833" "name": "SUSE-SA:2008:034",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=418128", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=418128" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=380833",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=380833"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=431409", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=431409" "name": "RHSA-2008:0549",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-0549.html"
"name" : "https://issues.rpath.com/browse/RPL-2646", },
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-2646" "name": "DSA-1697",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2009/dsa-1697"
"name" : "http://wiki.rpath.com/Advisories:rPSA-2008-0216", },
"refsource" : "CONFIRM", {
"url" : "http://wiki.rpath.com/Advisories:rPSA-2008-0216" "name": "31021",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31021"
"name" : "DSA-1607", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1607" "name": "30898",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30898"
"name" : "DSA-1615", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1615" "name": "31403",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31403"
"name" : "DSA-1621", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1621" "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0216",
}, "refsource": "CONFIRM",
{ "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0216"
"name" : "DSA-1697", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2009/dsa-1697" "name": "https://issues.rpath.com/browse/RPL-2646",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-2646"
"name" : "FEDORA-2008-6127", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html" "name": "30949",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30949"
"name" : "FEDORA-2008-6193", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html" "name": "SSA:2008-191-03",
}, "refsource": "SLACKWARE",
{ "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152"
"name" : "FEDORA-2008-6196", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html" "name": "31069",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31069"
"name" : "FEDORA-2008-6706", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html" "name": "31008",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31008"
"name" : "FEDORA-2008-6737", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html" "name": "31377",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31377"
"name" : "GLSA-200808-03", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200808-03.xml" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=356378",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=356378"
"name" : "MDVSA-2008:136", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:136" "name": "RHSA-2008:0616",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2008-0616.html"
"name" : "MDVSA-2008:155", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:155" "name": "ADV-2008-1993",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1993/references"
"name" : "RHSA-2008:0547", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0547.html" "name": "31023",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31023"
"name" : "RHSA-2008:0549", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0549.html" "name": "MDVSA-2008:155",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:155"
"name" : "RHSA-2008:0569", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0569.html" "name": "30038",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/30038"
"name" : "RHSA-2008:0616", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2008-0616.html" "name": "30915",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30915"
"name" : "SSA:2008-191-03", },
"refsource" : "SLACKWARE", {
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152" "name": "DSA-1607",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2008/dsa-1607"
"name" : "SSA:2008-210-05", },
"refsource" : "SLACKWARE", {
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484" "name": "GLSA-200808-03",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200808-03.xml"
"name" : "SSA:2008-191", },
"refsource" : "SLACKWARE", {
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911" "name": "31005",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31005"
"name" : "SUSE-SA:2008:034", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html" "name": "33433",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33433"
"name" : "USN-619-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-619-1" "name": "FEDORA-2008-6127",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html"
"name" : "USN-629-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-629-1" "name": "1020419",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1020419"
"name" : "30038", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/30038" "name": "31253",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31253"
"name" : "oval:org.mitre.oval:def:10743", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10743" "name": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15"
"name" : "31076", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31076" "name": "FEDORA-2008-6737",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html"
"name" : "ADV-2008-1993", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1993/references" "name": "31183",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31183"
"name" : "1020419", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1020419" "name": "30903",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30903"
"name" : "30911", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30911" "name": "RHSA-2008:0547",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-0547.html"
"name" : "30915", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30915" "name": "FEDORA-2008-6193",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html"
"name" : "30878", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30878" "name": "USN-629-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-629-1"
"name" : "30898", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30898" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=431409",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=431409"
"name" : "30903", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30903" "name": "SSA:2008-191",
}, "refsource": "SLACKWARE",
{ "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911"
"name" : "30949", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30949" "name": "SSA:2008-210-05",
}, "refsource": "SLACKWARE",
{ "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484"
"name" : "31005", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31005" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=418128",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=418128"
"name" : "31008", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31008" "name": "DSA-1615",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2008/dsa-1615"
"name" : "31069", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31069" "name": "FEDORA-2008-6706",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html"
"name" : "31023", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31023" "name": "31220",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31220"
"name" : "31183", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31183" "name": "31195",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31195"
"name" : "31195", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31195" "name": "oval:org.mitre.oval:def:10743",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10743"
"name" : "31220", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31220" "name": "31076",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31076"
"name" : "31253", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31253" "name": "USN-619-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-619-1"
"name" : "31377", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31377" "name": "30911",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30911"
"name" : "31286", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31286" "name": "RHSA-2008:0569",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-0569.html"
"name" : "31403", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31403" "name": "http://www.mozilla.org/security/announce/2008/mfsa2008-21.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-21.html"
"name" : "31021", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31021" "name": "30878",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30878"
"name" : "33433", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33433" "name": "DSA-1621",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2008/dsa-1621"
} },
} {
"name": "20080708 rPSA-2008-0216-1 firefox",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/494080/100/0/threaded"
},
{
"name": "31286",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31286"
},
{
"name": "FEDORA-2008-6196",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html"
},
{
"name": "MDVSA-2008:136",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:136"
}
]
}
}

340
2008/2xxx/CVE-2008-2826.json
View File

@ -1,172 +1,172 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2826", "ID": "CVE-2008-2826",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=735ce972fbc8a65fb17788debd7bbe7b4383cc62", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=735ce972fbc8a65fb17788debd7bbe7b4383cc62" "lang": "eng",
}, "value": "Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure."
{ }
"name" : "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.9", ]
"refsource" : "CONFIRM", },
"url" : "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.9" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://lwn.net/Articles/287350/", "description": [
"refsource" : "CONFIRM", {
"url" : "http://lwn.net/Articles/287350/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0207", ]
"refsource" : "CONFIRM", }
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0207" ]
}, },
{ "references": {
"name" : "https://issues.rpath.com/browse/RPL-2629", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-2629" "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0207",
}, "refsource": "CONFIRM",
{ "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0207"
"name" : "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.7", },
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.7" "name": "DSA-1630",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2008/dsa-1630"
"name" : "DSA-1630", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1630" "name": "29990",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/29990"
"name" : "MDVSA-2008:167", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:167" "name": "MDVSA-2008:167",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:167"
"name" : "MDVSA-2008:174", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:174" "name": "SUSE-SA:2008:052",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html"
"name" : "RHSA-2008:0585", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0585.html" "name": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.7",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.7"
"name" : "SUSE-SA:2008:037", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html" "name": "31551",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31551"
"name" : "SUSE-SA:2008:052", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=735ce972fbc8a65fb17788debd7bbe7b4383cc62",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=735ce972fbc8a65fb17788debd7bbe7b4383cc62"
"name" : "USN-625-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-625-1" "name": "30901",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30901"
"name" : "29990", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/29990" "name": "RHSA-2008:0585",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-0585.html"
"name" : "32370", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32370" "name": "linux-kernel-sctpgetsockopt-dos(43559)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43559"
"name" : "ADV-2008-2511", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2511" "name": "MDVSA-2008:174",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:174"
"name" : "1020514", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1020514" "name": "31107",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31107"
"name" : "30901", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30901" "name": "SUSE-SA:2008:037",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html"
"name" : "31107", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31107" "name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.9",
}, "refsource": "CONFIRM",
{ "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.9"
"name" : "31202", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31202" "name": "http://lwn.net/Articles/287350/",
}, "refsource": "CONFIRM",
{ "url": "http://lwn.net/Articles/287350/"
"name" : "31628", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31628" "name": "ADV-2008-2511",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/2511"
"name" : "31551", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31551" "name": "32370",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/32370"
"name" : "linux-kernel-sctpgetsockopt-dos(43559)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43559" "name": "https://issues.rpath.com/browse/RPL-2629",
} "refsource": "CONFIRM",
] "url": "https://issues.rpath.com/browse/RPL-2629"
} },
} {
"name": "31628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31628"
},
{
"name": "31202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31202"
},
{
"name": "USN-625-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-625-1"
},
{
"name": "1020514",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020514"
}
]
}
}

150
2008/2xxx/CVE-2008-2846.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2846", "ID": "CVE-2008-2846",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in BoatScripts Classifieds allows remote attackers to execute arbitrary SQL commands via the type parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "5858", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/5858" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in BoatScripts Classifieds allows remote attackers to execute arbitrary SQL commands via the type parameter."
{ }
"name" : "29801", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/29801" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "30743", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30743" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "boatscripts-index-sql-injection(43182)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43182" ]
} },
] "references": {
} "reference_data": [
} {
"name": "boatscripts-index-sql-injection(43182)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43182"
},
{
"name": "30743",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30743"
},
{
"name": "29801",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29801"
},
{
"name": "5858",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5858"
}
]
}
}

150
2008/3xxx/CVE-2008-3565.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3565", "ID": "CVE-2008-3565",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Meeting Room Booking System (MRBS) 1.2.6 allow remote attackers to inject arbitrary web script or HTML via the area parameter to (1) day.php, (2) week.php, (3) month.php, (4) search.php, (5) report.php, and (6) help.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.securityfocus.com/bid/30531/exploit", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.securityfocus.com/bid/30531/exploit" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Meeting Room Booking System (MRBS) 1.2.6 allow remote attackers to inject arbitrary web script or HTML via the area parameter to (1) day.php, (2) week.php, (3) month.php, (4) search.php, (5) report.php, and (6) help.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "30531", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/30531" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "31355", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31355" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "mrbs-area-xss(44188)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44188" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.securityfocus.com/bid/30531/exploit",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/30531/exploit"
},
{
"name": "mrbs-area-xss(44188)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44188"
},
{
"name": "30531",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30531"
},
{
"name": "31355",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31355"
}
]
}
}

150
2008/6xxx/CVE-2008-6058.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6058", "ID": "CVE-2008-6058",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Syslserve 1.058 and earlier, and probably 1.059, allows remote attackers to cause a denial of service (hang) via a crafted UDP Syslog packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.princeofnigeria.org/blogs/index.php/2009/01/15/syslserve-1-058-denial-of-service-vulner", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.princeofnigeria.org/blogs/index.php/2009/01/15/syslserve-1-058-denial-of-service-vulner" "lang": "eng",
}, "value": "Syslserve 1.058 and earlier, and probably 1.059, allows remote attackers to cause a denial of service (hang) via a crafted UDP Syslog packet."
{ }
"name" : "http://www.syslserve.com/changelog.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.syslserve.com/changelog.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "33311", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/33311" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33566", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/33566" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.princeofnigeria.org/blogs/index.php/2009/01/15/syslserve-1-058-denial-of-service-vulner",
"refsource": "MISC",
"url": "http://www.princeofnigeria.org/blogs/index.php/2009/01/15/syslserve-1-058-denial-of-service-vulner"
},
{
"name": "http://www.syslserve.com/changelog.html",
"refsource": "CONFIRM",
"url": "http://www.syslserve.com/changelog.html"
},
{
"name": "33566",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33566"
},
{
"name": "33311",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33311"
}
]
}
}

140
2008/6xxx/CVE-2008-6119.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6119", "ID": "CVE-2008-6119",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS 1.7 allows remote attackers to inject arbitrary PHP code into admin/userandpass.php via the (1) username and (2) password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "33848", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/33848" "lang": "eng",
}, "value": "Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS 1.7 allows remote attackers to inject arbitrary PHP code into admin/userandpass.php via the (1) username and (2) password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "32819", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/32819" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "gooplecms-editpass-code-execution(46800)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46800" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "32819",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32819"
},
{
"name": "gooplecms-editpass-code-execution(46800)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46800"
},
{
"name": "33848",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33848"
}
]
}
}

180
2008/6xxx/CVE-2008-6510.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6510", "ID": "CVE-2008-6510",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in login.jsp in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to inject arbitrary web script or HTML via the url parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20081108 [AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/498162/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in login.jsp in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to inject arbitrary web script or HTML via the url parameter."
{ }
"name" : "7075", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/7075" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.andreas-kurtz.de/advisories/AKADV2008-001-v1.0.txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.andreas-kurtz.de/advisories/AKADV2008-001-v1.0.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.igniterealtime.org/issues/browse/JM-629", ]
"refsource" : "CONFIRM", }
"url" : "http://www.igniterealtime.org/issues/browse/JM-629" ]
}, },
{ "references": {
"name" : "32189", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/32189" "name": "7075",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/7075"
"name" : "ADV-2008-3061", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/3061" "name": "http://www.andreas-kurtz.de/advisories/AKADV2008-001-v1.0.txt",
}, "refsource": "MISC",
{ "url": "http://www.andreas-kurtz.de/advisories/AKADV2008-001-v1.0.txt"
"name" : "openfire-url-xss(46486)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46486" "name": "http://www.igniterealtime.org/issues/browse/JM-629",
} "refsource": "CONFIRM",
] "url": "http://www.igniterealtime.org/issues/browse/JM-629"
} },
} {
"name": "openfire-url-xss(46486)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46486"
},
{
"name": "32189",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32189"
},
{
"name": "20081108 [AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498162/100/0/threaded"
},
{
"name": "ADV-2008-3061",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3061"
}
]
}
}

150
2008/6xxx/CVE-2008-6535.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6535", "ID": "CVE-2008-6535",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "admin/settings.php in PayPal eStores allows remote attackers to bypass intended access restrictions and change the administrative password via a direct request with a modified NewAdmin parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "7367", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/7367" "lang": "eng",
}, "value": "admin/settings.php in PayPal eStores allows remote attackers to bypass intended access restrictions and change the administrative password via a direct request with a modified NewAdmin parameter."
{ }
"name" : "50682", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/50682" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "33036", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33036" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "paypalestores-settings-security-bypass(47203)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47203" ]
} },
] "references": {
} "reference_data": [
} {
"name": "33036",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33036"
},
{
"name": "7367",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7367"
},
{
"name": "paypalestores-settings-security-bypass(47203)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47203"
},
{
"name": "50682",
"refsource": "OSVDB",
"url": "http://osvdb.org/50682"
}
]
}
}

140
2008/7xxx/CVE-2008-7155.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-7155", "ID": "CVE-2008-7155",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "NetRisk 1.9.7 does not properly restrict access to admin/change_submit.php, which allows remote attackers to change the password of arbitrary users via a direct request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://downloads.securityfocus.com/vulnerabilities/exploits/27150.pl", "description_data": [
"refsource" : "MISC", {
"url" : "http://downloads.securityfocus.com/vulnerabilities/exploits/27150.pl" "lang": "eng",
}, "value": "NetRisk 1.9.7 does not properly restrict access to admin/change_submit.php, which allows remote attackers to change the password of arbitrary users via a direct request."
{ }
"name" : "27150", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/27150" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "netrisk-changesubmit-information-disclosure(39465)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39465" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "27150",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27150"
},
{
"name": "http://downloads.securityfocus.com/vulnerabilities/exploits/27150.pl",
"refsource": "MISC",
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/27150.pl"
},
{
"name": "netrisk-changesubmit-information-disclosure(39465)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39465"
}
]
}
}

210
2008/7xxx/CVE-2008-7248.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2008-7248", "ID": "CVE-2008-7248",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demonstrated using text/plain."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20091128 CVE request: Ruby on Rails: CSRF circumvention (from 2008)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2009/11/28/1" "lang": "eng",
}, "value": "Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demonstrated using text/plain."
{ }
"name" : "[oss-security] 20091202 Re: CVE request: Ruby on Rails: CSRF circumvention (from 2008)", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2009/12/02/2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://groups.google.com/group/rubyonrails-security/browse_thread/thread/d741ee286e36e301?hl=en", "description": [
"refsource" : "MISC", {
"url" : "http://groups.google.com/group/rubyonrails-security/browse_thread/thread/d741ee286e36e301?hl=en" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://pseudo-flaw.net/content/web-browsers/form-data-encoding-roundup/", ]
"refsource" : "MISC", }
"url" : "http://pseudo-flaw.net/content/web-browsers/form-data-encoding-roundup/" ]
}, },
{ "references": {
"name" : "http://www.rorsecurity.info/journal/2008/11/19/circumvent-rails-csrf-protection.html", "reference_data": [
"refsource" : "MISC", {
"url" : "http://www.rorsecurity.info/journal/2008/11/19/circumvent-rails-csrf-protection.html" "name": "[oss-security] 20091128 CVE request: Ruby on Rails: CSRF circumvention (from 2008)",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2009/11/28/1"
"name" : "http://weblog.rubyonrails.org/2008/11/18/potential-circumvention-of-csrf-protection-in-rails-2-1", },
"refsource" : "CONFIRM", {
"url" : "http://weblog.rubyonrails.org/2008/11/18/potential-circumvention-of-csrf-protection-in-rails-2-1" "name": "http://www.rorsecurity.info/journal/2008/11/19/circumvent-rails-csrf-protection.html",
}, "refsource": "MISC",
{ "url": "http://www.rorsecurity.info/journal/2008/11/19/circumvent-rails-csrf-protection.html"
"name" : "SUSE-SR:2010:006", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html" "name": "36600",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36600"
"name" : "36600", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36600" "name": "http://pseudo-flaw.net/content/web-browsers/form-data-encoding-roundup/",
}, "refsource": "MISC",
{ "url": "http://pseudo-flaw.net/content/web-browsers/form-data-encoding-roundup/"
"name" : "38915", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38915" "name": "http://weblog.rubyonrails.org/2008/11/18/potential-circumvention-of-csrf-protection-in-rails-2-1",
}, "refsource": "CONFIRM",
{ "url": "http://weblog.rubyonrails.org/2008/11/18/potential-circumvention-of-csrf-protection-in-rails-2-1"
"name" : "ADV-2009-2544", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/2544" "name": "ADV-2009-2544",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2009/2544"
} },
} {
"name": "http://groups.google.com/group/rubyonrails-security/browse_thread/thread/d741ee286e36e301?hl=en",
"refsource": "MISC",
"url": "http://groups.google.com/group/rubyonrails-security/browse_thread/thread/d741ee286e36e301?hl=en"
},
{
"name": "SUSE-SR:2010:006",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"name": "[oss-security] 20091202 Re: CVE request: Ruby on Rails: CSRF circumvention (from 2008)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/02/2"
},
{
"name": "38915",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38915"
}
]
}
}

34
2012/5xxx/CVE-2012-5107.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5107", "ID": "CVE-2012-5107",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2012/5xxx/CVE-2012-5798.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5798", "ID": "CVE-2012-5798",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The PayPal Pro PayFlow EC module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf" "lang": "eng",
} "value": "The PayPal Pro PayFlow EC module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf",
"refsource": "MISC",
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
]
}
}

380
2012/5xxx/CVE-2012-5839.json
View File

@ -1,192 +1,192 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5839", "ID": "CVE-2012-5839",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2012/mfsa2012-105.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2012/mfsa2012-105.html" "lang": "eng",
}, "value": "Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=804927", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=804927" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.palemoon.org/releasenotes-ng.shtml", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.palemoon.org/releasenotes-ng.shtml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "MDVSA-2012:173", ]
"refsource" : "MANDRIVA", }
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:173" ]
}, },
{ "references": {
"name" : "RHSA-2012:1482", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1482.html" "name": "USN-1638-3",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1638-3"
"name" : "RHSA-2012:1483", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1483.html" "name": "oval:org.mitre.oval:def:16968",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16968"
"name" : "openSUSE-SU-2012:1583", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html" "name": "51370",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51370"
"name" : "openSUSE-SU-2012:1585", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html" "name": "USN-1638-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1638-2"
"name" : "openSUSE-SU-2012:1586", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html" "name": "openSUSE-SU-2012:1586",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html"
"name" : "SUSE-SU-2012:1592", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html" "name": "USN-1636-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1636-1"
"name" : "openSUSE-SU-2013:0175", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html" "name": "openSUSE-SU-2013:0175",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html"
"name" : "USN-1638-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1638-1" "name": "RHSA-2012:1483",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1483.html"
"name" : "USN-1638-3", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1638-3" "name": "firefox-gfxshapedword-bo(80196)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80196"
"name" : "USN-1638-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1638-2" "name": "http://www.palemoon.org/releasenotes-ng.shtml",
}, "refsource": "CONFIRM",
{ "url": "http://www.palemoon.org/releasenotes-ng.shtml"
"name" : "USN-1636-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1636-1" "name": "RHSA-2012:1482",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1482.html"
"name" : "56637", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/56637" "name": "51434",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51434"
"name" : "87607", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/87607" "name": "openSUSE-SU-2012:1583",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html"
"name" : "oval:org.mitre.oval:def:16968", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16968" "name": "51439",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51439"
"name" : "51359", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51359" "name": "87607",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/87607"
"name" : "51360", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51360" "name": "51440",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51440"
"name" : "51369", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51369" "name": "USN-1638-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1638-1"
"name" : "51381", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51381" "name": "SUSE-SU-2012:1592",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html"
"name" : "51434", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51434" "name": "51359",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51359"
"name" : "51439", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51439" "name": "MDVSA-2012:173",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:173"
"name" : "51440", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51440" "name": "openSUSE-SU-2012:1585",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html"
"name" : "51370", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51370" "name": "51381",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51381"
"name" : "firefox-gfxshapedword-bo(80196)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/80196" "name": "51369",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/51369"
} },
} {
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-105.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-105.html"
},
{
"name": "51360",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51360"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=804927",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=804927"
},
{
"name": "56637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56637"
}
]
}
}

130
2017/11xxx/CVE-2017-11040.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2017-11040", "ID": "CVE-2017-11040",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, when reading from sysfs nodes, one can read more information than it is allowed to."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-09-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-09-01" "lang": "eng",
}, "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, when reading from sysfs nodes, one can read more information than it is allowed to."
{ }
"name" : "100658", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/100658" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-09-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"name": "100658",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100658"
}
]
}
}

142
2017/11xxx/CVE-2017-11276.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC" : "2017-08-08T00:00:00", "DATE_PUBLIC": "2017-08-08T00:00:00",
"ID" : "CVE-2017-11276", "ID": "CVE-2017-11276",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Digital Editions", "product_name": "Digital Editions",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "4.5.4 and earlier." "version_value": "4.5.4 and earlier."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Adobe Systems Incorporated" "vendor_name": "Adobe Systems Incorporated"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Memory Corruption"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/Digital-Editions/apsb17-27.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/Digital-Editions/apsb17-27.html" "lang": "eng",
}, "value": "Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution."
{ }
"name" : "100244", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/100244" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1039100", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039100" "lang": "eng",
} "value": "Memory Corruption"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1039100",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039100"
},
{
"name": "100244",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100244"
},
{
"name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb17-27.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb17-27.html"
}
]
}
}

160
2017/11xxx/CVE-2017-11388.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@trendmicro.com", "ASSIGNER": "security@trendmicro.com",
"ID" : "CVE-2017-11388", "ID": "CVE-2017-11388",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided strings before constructing SQL queries. Formerly ZDI-CAN-4639 and ZDI-CAN-4638."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-17-498", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-17-498" "lang": "eng",
}, "value": "SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided strings before constructing SQL queries. Formerly ZDI-CAN-4639 and ZDI-CAN-4638."
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-17-499", ]
"refsource" : "MISC", },
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-17-499" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://success.trendmicro.com/solution/1117722", "description": [
"refsource" : "MISC", {
"url" : "https://success.trendmicro.com/solution/1117722" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "100078", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/100078" ]
}, },
{ "references": {
"name" : "1039049", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039049" "name": "100078",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/100078"
} },
} {
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-499",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-499"
},
{
"name": "1039049",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039049"
},
{
"name": "https://success.trendmicro.com/solution/1117722",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/1117722"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-498",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-498"
}
]
}
}

34
2017/11xxx/CVE-2017-11491.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-11491", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-11491",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/14xxx/CVE-2017-14679.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-14679", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-14679",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }
} }

170
2017/14xxx/CVE-2017-14994.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14994", "ID": "CVE-2017-14994",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html" "lang": "eng",
}, "value": "ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames."
{ }
"name" : "https://nandynarwhals.org/CVE-2017-14994/", ]
"refsource" : "MISC", },
"url" : "https://nandynarwhals.org/CVE-2017-14994/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=b3eca3eaa264", "description": [
"refsource" : "CONFIRM", {
"url" : "http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=b3eca3eaa264" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://sourceforge.net/p/graphicsmagick/bugs/512/", ]
"refsource" : "CONFIRM", }
"url" : "https://sourceforge.net/p/graphicsmagick/bugs/512/" ]
}, },
{ "references": {
"name" : "DSA-4321", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4321" "name": "https://sourceforge.net/p/graphicsmagick/bugs/512/",
}, "refsource": "CONFIRM",
{ "url": "https://sourceforge.net/p/graphicsmagick/bugs/512/"
"name" : "101182", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/101182" "name": "http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=b3eca3eaa264",
} "refsource": "CONFIRM",
] "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=b3eca3eaa264"
} },
} {
"name": "101182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101182"
},
{
"name": "DSA-4321",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4321"
},
{
"name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
},
{
"name": "https://nandynarwhals.org/CVE-2017-14994/",
"refsource": "MISC",
"url": "https://nandynarwhals.org/CVE-2017-14994/"
}
]
}
}

144
2017/15xxx/CVE-2017-15719.json
View File

@ -1,74 +1,74 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@apache.org", "ASSIGNER": "security@apache.org",
"DATE_PUBLIC" : "2018-02-25T00:00:00", "DATE_PUBLIC": "2018-02-25T00:00:00",
"ID" : "CVE-2017-15719", "ID": "CVE-2017-15719",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Wicket jQuery UI", "product_name": "Wicket jQuery UI",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "<= 6.28.0" "version_value": "<= 6.28.0"
}, },
{ {
"version_value" : "<= 7.9.1" "version_value": "<= 7.9.1"
}, },
{ {
"version_value" : "<= 8.0.0-M8" "version_value": "<= 8.0.0-M8"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apache Software Foundation" "vendor_name": "Apache Software Foundation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XSS"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://openmeetings.apache.org/security.html#_toc_cve-2017-15719_-_wicket_jquery_ui_xss_in_wysiwyg_e", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://openmeetings.apache.org/security.html#_toc_cve-2017-15719_-_wicket_jquery_ui_xss_in_wysiwyg_e" "lang": "eng",
}, "value": "In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor."
{ }
"name" : "https://github.com/sebfz1/wicket-jquery-ui/wiki#cve-2017-15719---xss-in-wysiwyg-editor", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/sebfz1/wicket-jquery-ui/wiki#cve-2017-15719---xss-in-wysiwyg-editor" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/sebfz1/wicket-jquery-ui/wiki#cve-2017-15719---xss-in-wysiwyg-editor",
"refsource": "CONFIRM",
"url": "https://github.com/sebfz1/wicket-jquery-ui/wiki#cve-2017-15719---xss-in-wysiwyg-editor"
},
{
"name": "http://openmeetings.apache.org/security.html#_toc_cve-2017-15719_-_wicket_jquery_ui_xss_in_wysiwyg_e",
"refsource": "CONFIRM",
"url": "http://openmeetings.apache.org/security.html#_toc_cve-2017-15719_-_wicket_jquery_ui_xss_in_wysiwyg_e"
}
]
}
}

158
2017/3xxx/CVE-2017-3307.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2017-3307", "ID": "CVE-2017-3307",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Enterprise Monitor", "product_name": "MySQL Enterprise Monitor",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "3.1.6.8003 and earlier" "version_value": "3.1.6.8003 and earlier"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "3.2.1182 and earlier" "version_value": "3.2.1182 and earlier"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "3.3.2.1162 and earlier" "version_value": "3.3.2.1162 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier, 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 3.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier, 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 3.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L)."
{ }
"name" : "97844", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97844" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038287", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038287" "lang": "eng",
} "value": "Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "97844",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97844"
},
{
"name": "1038287",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038287"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
}
]
}
}

120
2017/8xxx/CVE-2017-8442.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@elastic.co", "ASSIGNER": "security@elastic.co",
"ID" : "CVE-2017-8442", "ID": "CVE-2017-8442",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Elasticsearch X-Pack Security", "product_name": "Elasticsearch X-Pack Security",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.0.0 to 5.4.3" "version_value": "5.0.0 to 5.4.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Elastic" "vendor_name": "Elastic"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, can result in the Elasticsearch _nodes API leaking sensitive configuration information, such as the paths and passphrases of SSL keys that were configured as part of an authentication realm. This could allow an authenticated Elasticsearch user to improperly view these details."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak')"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.elastic.co/community/security", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.elastic.co/community/security" "lang": "eng",
} "value": "Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, can result in the Elasticsearch _nodes API leaking sensitive configuration information, such as the paths and passphrases of SSL keys that were configured as part of an authentication realm. This could allow an authenticated Elasticsearch user to improperly view these details."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.elastic.co/community/security",
"refsource": "CONFIRM",
"url": "https://www.elastic.co/community/security"
}
]
}
}

142
2017/8xxx/CVE-2017-8597.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC" : "2017-09-12T00:00:00", "DATE_PUBLIC": "2017-09-12T00:00:00",
"ID" : "CVE-2017-8597", "ID": "CVE-2017-8597",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Edge", "product_name": "Microsoft Edge",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Microsoft Windows 10 Version 1703" "version_value": "Microsoft Windows 10 Version 1703"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-8643 and CVE-2017-8648."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8597", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8597" "lang": "eng",
}, "value": "Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-8643 and CVE-2017-8648."
{ }
"name" : "100745", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/100745" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1039326", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039326" "lang": "eng",
} "value": "Information Disclosure"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "100745",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100745"
},
{
"name": "1039326",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039326"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8597",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8597"
}
]
}
}

142
2017/8xxx/CVE-2017-8632.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC" : "2017-09-12T00:00:00", "DATE_PUBLIC": "2017-09-12T00:00:00",
"ID" : "CVE-2017-8632", "ID": "CVE-2017-8632",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Office", "product_name": "Microsoft Office",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Excel for Mac 2011, Microsoft Excel 2016 for Mac, and Microsoft Office Compatibility Pack Service Pack 3" "version_value": "Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Excel for Mac 2011, Microsoft Excel 2016 for Mac, and Microsoft Office Compatibility Pack Service Pack 3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Excel for Mac 2011, Microsoft Excel 2016 for Mac, and Microsoft Office Compatibility Pack Service Pack 3, when they fail to properly handle objects in memory, aka \"Microsoft Office Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-8630, CVE-2017-8631, and CVE-2017-8744."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8632", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8632" "lang": "eng",
}, "value": "A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Excel for Mac 2011, Microsoft Excel 2016 for Mac, and Microsoft Office Compatibility Pack Service Pack 3, when they fail to properly handle objects in memory, aka \"Microsoft Office Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-8630, CVE-2017-8631, and CVE-2017-8744."
{ }
"name" : "100734", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/100734" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1039315", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039315" "lang": "eng",
} "value": "Remote Code Execution"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8632",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8632"
},
{
"name": "100734",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100734"
},
{
"name": "1039315",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039315"
}
]
}
}

34
2017/8xxx/CVE-2017-8909.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8909", "ID": "CVE-2017-8909",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2017/8xxx/CVE-2017-8928.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8928", "ID": "CVE-2017-8928",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mailcow 0.14, as used in \"mailcow: dockerized\" and other products, has CSRF."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "42004", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/42004/" "lang": "eng",
}, "value": "mailcow 0.14, as used in \"mailcow: dockerized\" and other products, has CSRF."
{ }
"name" : "https://github.com/mailcow/mailcow-dockerized/pull/268/commits/3c937f75ba5853ada175542d5c4849fb95eb64cd", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/mailcow/mailcow-dockerized/pull/268/commits/3c937f75ba5853ada175542d5c4849fb95eb64cd" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42004",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42004/"
},
{
"name": "https://github.com/mailcow/mailcow-dockerized/pull/268/commits/3c937f75ba5853ada175542d5c4849fb95eb64cd",
"refsource": "CONFIRM",
"url": "https://github.com/mailcow/mailcow-dockerized/pull/268/commits/3c937f75ba5853ada175542d5c4849fb95eb64cd"
}
]
}
}

122
2018/12xxx/CVE-2018-12148.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"DATE_PUBLIC" : "2018-09-11T00:00:00", "DATE_PUBLIC": "2018-09-11T00:00:00",
"ID" : "CVE-2018-12148", "ID": "CVE-2018-12148",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Intel(R) Driver & Support Assistant", "product_name": "Intel(R) Driver & Support Assistant",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Versions before 3.5.0.1." "version_value": "Versions before 3.5.0.1."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel Corporation" "vendor_name": "Intel Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Escalation of Privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00165.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00165.html" "lang": "eng",
} "value": "Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00165.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00165.html"
}
]
}
}

120
2018/12xxx/CVE-2018-12657.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12657", "ID": "CVE-2018-12657",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Reflected Cross-Site Scripting (XSS) exists in the Master File module in SLiMS 8 Akasia 8.3.1 via an admin/modules/master_file/rda_cmc.php?keywords= URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/slims/slims8_akasia/issues/101", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/slims/slims8_akasia/issues/101" "lang": "eng",
} "value": "Reflected Cross-Site Scripting (XSS) exists in the Master File module in SLiMS 8 Akasia 8.3.1 via an admin/modules/master_file/rda_cmc.php?keywords= URI."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/slims/slims8_akasia/issues/101",
"refsource": "MISC",
"url": "https://github.com/slims/slims8_akasia/issues/101"
}
]
}
}

120
2018/13xxx/CVE-2018-13320.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13320", "ID": "CVE-2018-13320",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "System Command Injection in network.set_auth_settings in Buffalo TS5600D1206 version 3.70-0.10 allows attackers to execute system commands via the adminUsername and adminPassword parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blog.securityevaluators.com/buffalo-terastation-ts5600d1206-nas-cve-disclosure-ab5d159f036d", "description_data": [
"refsource" : "MISC", {
"url" : "https://blog.securityevaluators.com/buffalo-terastation-ts5600d1206-nas-cve-disclosure-ab5d159f036d" "lang": "eng",
} "value": "System Command Injection in network.set_auth_settings in Buffalo TS5600D1206 version 3.70-0.10 allows attackers to execute system commands via the adminUsername and adminPassword parameters."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.securityevaluators.com/buffalo-terastation-ts5600d1206-nas-cve-disclosure-ab5d159f036d",
"refsource": "MISC",
"url": "https://blog.securityevaluators.com/buffalo-terastation-ts5600d1206-nas-cve-disclosure-ab5d159f036d"
}
]
}
}

130
2018/13xxx/CVE-2018-13755.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13755", "ID": "CVE-2018-13755",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mintToken function of a smart contract implementation for OTAKUToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" "lang": "eng",
}, "value": "The mintToken function of a smart contract implementation for OTAKUToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
{ }
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/OTAKUToken", ]
"refsource" : "MISC", },
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/OTAKUToken" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/OTAKUToken",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/OTAKUToken"
},
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"
}
]
}
}

130
2018/13xxx/CVE-2018-13762.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13762", "ID": "CVE-2018-13762",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mintToken function of a smart contract implementation for Yumerium, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" "lang": "eng",
}, "value": "The mintToken function of a smart contract implementation for Yumerium, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
{ }
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Yumerium", ]
"refsource" : "MISC", },
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Yumerium" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Yumerium",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Yumerium"
},
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"
}
]
}
}

200
2018/16xxx/CVE-2018-16542.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16542", "ID": "CVE-2018-16542",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20180913 [SECURITY] [DLA 1504-1] ghostscript security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html" "lang": "eng",
}, "value": "In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter."
{ }
"name" : "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=b575e1ec42cc86f6a58c603f2a88fcc2af699cc8", ]
"refsource" : "MISC", },
"url" : "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=b575e1ec42cc86f6a58c603f2a88fcc2af699cc8" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://seclists.org/oss-sec/2018/q3/182", "description": [
"refsource" : "MISC", {
"url" : "http://seclists.org/oss-sec/2018/q3/182" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugs.ghostscript.com/show_bug.cgi?id=699668", ]
"refsource" : "MISC", }
"url" : "https://bugs.ghostscript.com/show_bug.cgi?id=699668" ]
}, },
{ "references": {
"name" : "DSA-4288", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4288" "name": "RHSA-2018:2918",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2918"
"name" : "GLSA-201811-12", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201811-12" "name": "GLSA-201811-12",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201811-12"
"name" : "RHSA-2018:2918", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2918" "name": "USN-3768-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3768-1/"
"name" : "USN-3768-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3768-1/" "name": "105337",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/105337"
"name" : "105337", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/105337" "name": "https://bugs.ghostscript.com/show_bug.cgi?id=699668",
} "refsource": "MISC",
] "url": "https://bugs.ghostscript.com/show_bug.cgi?id=699668"
} },
} {
"name": "DSA-4288",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4288"
},
{
"name": "[debian-lts-announce] 20180913 [SECURITY] [DLA 1504-1] ghostscript security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=b575e1ec42cc86f6a58c603f2a88fcc2af699cc8",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=b575e1ec42cc86f6a58c603f2a88fcc2af699cc8"
},
{
"name": "http://seclists.org/oss-sec/2018/q3/182",
"refsource": "MISC",
"url": "http://seclists.org/oss-sec/2018/q3/182"
}
]
}
}

34
2018/16xxx/CVE-2018-16566.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16566", "ID": "CVE-2018-16566",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/16xxx/CVE-2018-16691.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16691", "ID": "CVE-2018-16691",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2018/17xxx/CVE-2018-17011.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17011", "ID": "CVE-2018-17011",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for hosts_info para sun."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_07/README.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_07/README.md" "lang": "eng",
} "value": "An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for hosts_info para sun."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_07/README.md",
"refsource": "MISC",
"url": "https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_07/README.md"
}
]
}
}

152
2018/17xxx/CVE-2018-17472.json
View File

@ -1,78 +1,78 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "chrome-cve-admin@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2018-17472", "ID": "CVE-2018-17472",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Chrome", "product_name": "Chrome",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : " 70.0.3538.67" "version_value": " 70.0.3538.67"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google" "vendor_name": "Google"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the <iframe> sandbox via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Insufficient policy enforcement"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://crbug.com/822518", "description_data": [
"refsource" : "MISC", {
"url" : "https://crbug.com/822518" "lang": "eng",
}, "value": "Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the <iframe> sandbox via a crafted HTML page."
{ }
"name" : "https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html", ]
"refsource" : "CONFIRM", },
"url" : "https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201811-10", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201811-10" "lang": "eng",
}, "value": "Insufficient policy enforcement"
{ }
"name" : "105666", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/105666" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://crbug.com/822518",
"refsource": "MISC",
"url": "https://crbug.com/822518"
},
{
"name": "GLSA-201811-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201811-10"
},
{
"name": "https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html"
},
{
"name": "105666",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105666"
}
]
}
}

120
2018/17xxx/CVE-2018-17944.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17944", "ID": "CVE-2018-17944",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "On certain Lexmark devices that communicate with an LDAP or SMTP server, a malicious administrator can discover LDAP or SMTP credentials by changing that server's hostname to one that they control, and then capturing the credentials that are sent there. This occurs because stored credentials are not automatically deleted upon that type of hostname change."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.lexmark.com/index?page=content&id=TE909", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.lexmark.com/index?page=content&id=TE909" "lang": "eng",
} "value": "On certain Lexmark devices that communicate with an LDAP or SMTP server, a malicious administrator can discover LDAP or SMTP credentials by changing that server's hostname to one that they control, and then capturing the credentials that are sent there. This occurs because stored credentials are not automatically deleted upon that type of hostname change."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.lexmark.com/index?page=content&id=TE909",
"refsource": "CONFIRM",
"url": "http://support.lexmark.com/index?page=content&id=TE909"
}
]
}
}

130
2018/4xxx/CVE-2018-4159.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2018-4159", "ID": "CVE-2018-4159",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the \"Graphics Drivers\" component. It allows attackers to bypass intended memory-read restrictions via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT208849", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT208849" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the \"Graphics Drivers\" component. It allows attackers to bypass intended memory-read restrictions via a crafted app."
{ }
"name" : "1041027", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1041027" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041027",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041027"
},
{
"name": "https://support.apple.com/HT208849",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208849"
}
]
}
}

140
2018/4xxx/CVE-2018-4924.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2018-4924", "ID": "CVE-2018-4924",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Dreamweaver CC 18.0 and earlier versions", "product_name": "Adobe Dreamweaver CC 18.0 and earlier versions",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Dreamweaver CC 18.0 and earlier versions" "version_value": "Adobe Dreamweaver CC 18.0 and earlier versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command Injection vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "OS Command Injection"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/dreamweaver/apsb18-07.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://helpx.adobe.com/security/products/dreamweaver/apsb18-07.html" "lang": "eng",
}, "value": "Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command Injection vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user."
{ }
"name" : "103395", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103395" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040516", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040516" "lang": "eng",
} "value": "OS Command Injection"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/dreamweaver/apsb18-07.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/dreamweaver/apsb18-07.html"
},
{
"name": "103395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103395"
},
{
"name": "1040516",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040516"
}
]
}
}

5
2019/6xxx/CVE-2019-6486.json
View File

@ -86,6 +86,11 @@
"name": "106740", "name": "106740",
"refsource": "BID", "refsource": "BID",
"url": "http://www.securityfocus.com/bid/106740" "url": "http://www.securityfocus.com/bid/106740"
},
{
"refsource": "MISC",
"name": "https://github.com/google/wycheproof",
"url": "https://github.com/google/wycheproof"
} }
] ]
} }