admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:53:31 +00:00
parent 6f9862a0e6
commit a513ce8e1e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
56 changed files with 4219 additions and 4219 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
1999/1xxx/CVE-1999-1029.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1029",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1029",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs."
"lang": "eng",
"value": "SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "19990513 - J.J.F. / Hackers Team warns for SSHD 2.x brute force password hacking",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=92663402004280&w=2"
"name": "ssh2-bruteforce(2193)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2193"
},
{
"name" : "277",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/277"
"name": "19990513 - J.J.F. / Hackers Team warns for SSHD 2.x brute force password hacking",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=92663402004280&w=2"
},
{
"name" : "ssh2-bruteforce(2193)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2193"
"name": "277",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/277"
}
]
}

74
1999/1xxx/CVE-1999-1165.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1165",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1165",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files."
"lang": "eng",
"value": "GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "19990721 old gnu finger bugs",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=93268249021561&w=2"
"name": "535",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/535"
},
{
"name" : "19950317 GNU finger 1.37 executes ~/.fingerrc with gid root",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/2478"
"name": "19990721 old gnu finger bugs",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=93268249021561&w=2"
},
{
"name" : "535",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/535"
"name": "19950317 GNU finger 1.37 executes ~/.fingerrc with gid root",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/2478"
}
]
}

62
1999/1xxx/CVE-1999-1350.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1350",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1350",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ARCAD Systemhaus 0.078-5 installs critical programs and files with world-writeable permissions, which could allow local users to gain privileges by replacing a program with a Trojan horse."
"lang": "eng",
"value": "ARCAD Systemhaus 0.078-5 installs critical programs and files with world-writeable permissions, which could allow local users to gain privileges by replacing a program with a Trojan horse."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "19990929 Multiple Vendor ARCAD permission problems",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=93871933521519&w=2"
"name": "19990929 Multiple Vendor ARCAD permission problems",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=93871933521519&w=2"
}
]
}

62
1999/1xxx/CVE-1999-1482.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1482",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1482",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl(3) privileges to child processes."
"lang": "eng",
"value": "SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl(3) privileges to child processes."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "19990219 Security hole: \"zgv\"",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-02-15&msg=Pine.LNX.3.96.990219175605.9622A-100000@ferret.lmh.ox.ac.uk"
"name": "19990219 Security hole: \"zgv\"",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-02-15&msg=Pine.LNX.3.96.990219175605.9622A-100000@ferret.lmh.ox.ac.uk"
}
]
}

68
2000/0xxx/CVE-2000-0276.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0276",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0276",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "BeOS 4.5 and 5.0 allow local users to cause a denial of service via malformed direct system calls using interrupt 37."
"lang": "eng",
"value": "BeOS 4.5 and 5.0 allow local users to cause a denial of service via malformed direct system calls using interrupt 37."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20000410 BeOS syscall bug",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000410131628.659.qmail@securityfocus.com"
"name": "1098",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1098"
},
{
"name" : "1098",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1098"
"name": "20000410 BeOS syscall bug",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000410131628.659.qmail@securityfocus.com"
}
]
}

74
2000/0xxx/CVE-2000-0944.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0944",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0944",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without knowing the original password."
"lang": "eng",
"value": "CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without knowing the original password."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20001027 CGI-Bug: News Update 1.1 administration password bug",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0402.html"
"name": "20001027 CGI-Bug: News Update 1.1 administration password bug",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0402.html"
},
{
"name" : "1881",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1881"
"name": "1881",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1881"
},
{
"name" : "news-update-bypass-password(5433)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5433"
"name": "news-update-bypass-password(5433)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5433"
}
]
}

86
2000/0xxx/CVE-2000-0979.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0979",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0979",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the \"Share Level Password\" vulnerability."
"lang": "eng",
"value": "File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the \"Share Level Password\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20001012 NSFOCUS SA2000-05: Microsoft Windows 9x NETBIOS password",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=97147777618139&w=2"
"name": "MS00-072",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-072"
},
{
"name" : "MS00-072",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-072"
"name": "win9x-share-level-password(5395)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5395"
},
{
"name" : "1780",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1780"
"name": "1780",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1780"
},
{
"name" : "win9x-share-level-password(5395)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5395"
"name": "20001012 NSFOCUS SA2000-05: Microsoft Windows 9x NETBIOS password",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=97147777618139&w=2"
},
{
"name" : "oval:org.mitre.oval:def:996",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A996"
"name": "oval:org.mitre.oval:def:996",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A996"
}
]
}

68
2000/1xxx/CVE-2000-1240.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-1240",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1240",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 APR 00 allows remote attackers to obtain sensitive information via unknown attack vectors, which reveal the absolute path. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
"lang": "eng",
"value": "Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 APR 00 allows remote attackers to obtain sensitive information via unknown attack vectors, which reveal the absolute path. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "23983",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23983"
"name": "anyportalphp-siteman-information-disclosure(25441)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25441"
},
{
"name" : "anyportalphp-siteman-information-disclosure(25441)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25441"
"name": "23983",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23983"
}
]
}

122
2005/2xxx/CVE-2005-2104.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2104",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-2104",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "sysreport before 1.3.7 allows local users to obtain sensitive information via a symlink attack on a temporary directory."
"lang": "eng",
"value": "sysreport before 1.3.7 allows local users to obtain sensitive information via a symlink attack on a temporary directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162978",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162978"
"name": "16381",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16381"
},
{
"name" : "FEDORA-2005-1071",
"refsource" : "FEDORA",
"url" : "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00034.html"
"name": "18682",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18682"
},
{
"name" : "FEDORA-2005-1072",
"refsource" : "FEDORA",
"url" : "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00035.html"
"name": "17539",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17539"
},
{
"name" : "RHSA-2005:598",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-598.html"
"name": "oval:org.mitre.oval:def:9411",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9411"
},
{
"name" : "15379",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15379"
"name": "FEDORA-2005-1071",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00034.html"
},
{
"name" : "18682",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/18682"
"name": "sysreport-race-condition(21770)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21770"
},
{
"name" : "oval:org.mitre.oval:def:9411",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9411"
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162978",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162978"
},
{
"name" : "1014653",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1014653"
"name": "1014653",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014653"
},
{
"name" : "16381",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16381"
"name": "15379",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15379"
},
{
"name" : "17539",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17539"
"name": "RHSA-2005:598",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-598.html"
},
{
"name" : "sysreport-race-condition(21770)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21770"
"name": "FEDORA-2005-1072",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00035.html"
}
]
}

80
2005/2xxx/CVE-2005-2215.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2215",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2215",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x before 1.4.6 and 1.5 before 1.5beta3 allows remote attackers to inject arbitrary web script or HTML via a parameter in the page move template, a different vulnerability than CVE-2005-1888."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x before 1.4.6 and 1.5 before 1.5beta3 allows remote attackers to inject arbitrary web script or HTML via a parameter in the page move template, a different vulnerability than CVE-2005-1888."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=340290",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=340290"
"name": "SUSE-SR:2005:019",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name" : "SUSE-SR:2005:019",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
"name": "http://sourceforge.net/project/shownotes.php?release_id=340290",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=340290"
},
{
"name" : "14181",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14181"
"name": "14181",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14181"
},
{
"name" : "15950",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/15950"
"name": "15950",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15950"
}
]
}

86
2005/2xxx/CVE-2005-2488.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2488",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2488",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Web Content Management News System allows remote attackers to inject arbitrary web script or HTML via (1) the strRootpath parameter to validsession.php or (2) the strTable parameter to Admin/News/List.php."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Web Content Management News System allows remote attackers to inject arbitrary web script or HTML via (1) the strRootpath parameter to validsession.php or (2) the strTable parameter to Admin/News/List.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.rgod.altervista.org/webc.html",
"refsource" : "MISC",
"url" : "http://www.rgod.altervista.org/webc.html"
"name": "http://www.rgod.altervista.org/webc.html",
"refsource": "MISC",
"url": "http://www.rgod.altervista.org/webc.html"
},
{
"name" : "14464",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14464"
"name": "16317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16317"
},
{
"name" : "1014616",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1014616"
"name": "14464",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14464"
},
{
"name" : "16317",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16317"
"name": "webcms-multiple-script-xss(21689)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21689"
},
{
"name" : "webcms-multiple-script-xss(21689)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21689"
"name": "1014616",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014616"
}
]
}

74
2005/2xxx/CVE-2005-2509.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2509",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2509",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts."
"lang": "eng",
"value": "Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "APPLE-SA-2005-08-15",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
"name": "1014704",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014704"
},
{
"name" : "APPLE-SA-2005-08-17",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
"name": "APPLE-SA-2005-08-15",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name" : "1014704",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1014704"
"name": "APPLE-SA-2005-08-17",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
}
]
}

74
2005/2xxx/CVE-2005-2633.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2633",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2633",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple PHP file inclusion vulnerabilities in (1) admin_o.php, (2) board_o.php, (3) dev_o.php, (4) file_o.php or (5) tech_o.php in PHPTB Topic Board 2.0 and earlier allow remote attackers to execute arbitrary PHP code via the absolutepath parameter."
"lang": "eng",
"value": "Multiple PHP file inclusion vulnerabilities in (1) admin_o.php, (2) board_o.php, (3) dev_o.php, (4) file_o.php or (5) tech_o.php in PHPTB Topic Board 2.0 and earlier allow remote attackers to execute arbitrary PHP code via the absolutepath parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050817 PHPTB Topic Board <= 20: Multiple PHP injection vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=112431407619802&w=2"
"name": "20050817 PHPTB Topic Board <= 20: Multiple PHP injection vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112431407619802&w=2"
},
{
"name" : "14592",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14592"
"name": "16492",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16492"
},
{
"name" : "16492",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16492"
"name": "14592",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14592"
}
]
}

92
2005/3xxx/CVE-2005-3073.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-3073",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3073",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Interchange 5.0.1 allows attackers 4.9.3, 5.0 before 5.0.2, and 5.2, when a catalog has been created using the (1) \"mike\", (2) \"standard\", or (3) \"foundation\" demo, allows attackers to inject Interchange Tag Language (ITL) elements into the forum/submit.html page."
"lang": "eng",
"value": "Unspecified vulnerability in Interchange 5.0.1 allows attackers 4.9.3, 5.0 before 5.0.2, and 5.2, when a catalog has been created using the (1) \"mike\", (2) \"standard\", or (3) \"foundation\" demo, allows attackers to inject Interchange Tag Language (ITL) elements into the forum/submit.html page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[interchange-announce] 20050922 Important: Security flaw found in Interchange demo catalog.",
"refsource" : "MLIST",
"url" : "http://www.icdevgroup.org/pipermail/interchange-announce/2005/000049.html"
"name": "interchange-submit-itl-injection(22387)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22387"
},
{
"name" : "[interchange-announce] 20050923 Important: Security flaw found in Interchange demo - Addendum",
"refsource" : "MLIST",
"url" : "http://www.icdevgroup.org/pipermail/interchange-announce/2005/000050.html"
"name": "14931",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14931"
},
{
"name" : "14931",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14931"
"name": "16923",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16923"
},
{
"name" : "19653",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/19653"
"name": "[interchange-announce] 20050922 Important: Security flaw found in Interchange demo catalog.",
"refsource": "MLIST",
"url": "http://www.icdevgroup.org/pipermail/interchange-announce/2005/000049.html"
},
{
"name" : "16923",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16923"
"name": "[interchange-announce] 20050923 Important: Security flaw found in Interchange demo - Addendum",
"refsource": "MLIST",
"url": "http://www.icdevgroup.org/pipermail/interchange-announce/2005/000050.html"
},
{
"name" : "interchange-submit-itl-injection(22387)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22387"
"name": "19653",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19653"
}
]
}

146
2005/3xxx/CVE-2005-3245.json
View File

@ -1,131 +1,131 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-3245",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-3245",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the \"Dissect unknown RPC program numbers\" option is enabled, allows remote attackers to cause a denial of service (memory consumption)."
"lang": "eng",
"value": "Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the \"Dissect unknown RPC program numbers\" option is enabled, allows remote attackers to cause a denial of service (memory consumption)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ethereal.com/appnotes/enpa-sa-00021.html",
"refsource" : "CONFIRM",
"url" : "http://www.ethereal.com/appnotes/enpa-sa-00021.html"
"name": "RHSA-2005:809",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-809.html"
},
{
"name" : "FLSA-2006:152922",
"refsource" : "FEDORA",
"url" : "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html"
"name": "17327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17327"
},
{
"name" : "GLSA-200510-25",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200510-25.xml"
"name": "GLSA-200510-25",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200510-25.xml"
},
{
"name" : "RHSA-2005:809",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-809.html"
"name": "17392",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17392"
},
{
"name" : "SUSE-SR:2005:025",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2005_25_sr.html"
"name": "17480",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17480"
},
{
"name" : "15148",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15148"
"name": "1015082",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015082"
},
{
"name" : "20129",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/20129"
"name": "http://www.ethereal.com/appnotes/enpa-sa-00021.html",
"refsource": "CONFIRM",
"url": "http://www.ethereal.com/appnotes/enpa-sa-00021.html"
},
{
"name" : "oval:org.mitre.oval:def:11060",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11060"
"name": "SUSE-SR:2005:025",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_25_sr.html"
},
{
"name" : "1015082",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015082"
"name": "17286",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17286"
},
{
"name" : "17377",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17377"
"name": "FLSA-2006:152922",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html"
},
{
"name" : "17254",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17254"
"name": "17377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17377"
},
{
"name" : "17286",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17286"
"name": "15148",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15148"
},
{
"name" : "17327",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17327"
"name": "20129",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20129"
},
{
"name" : "17392",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17392"
"name": "oval:org.mitre.oval:def:11060",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11060"
},
{
"name" : "17480",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17480"
"name": "17254",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17254"
}
]
}

110
2005/3xxx/CVE-2005-3633.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-3633",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3633",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "HTTP response splitting vulnerability in frameset.htm in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to inject arbitrary HTML headers via the sap-exiturl parameter."
"lang": "eng",
"value": "HTTP response splitting vulnerability in frameset.htm in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to inject arbitrary HTML headers via the sap-exiturl parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20051109 CYBSEC - Security Advisory: HTTP Response Splitting in SAP WAS",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=113156438708932&w=2"
"name": "20051109 CYBSEC - Security Advisory: HTTP Response Splitting in SAP WAS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=113156438708932&w=2"
},
{
"name" : "http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_HTTP_Response_Splitting_in_SAP_WAS.pdf",
"refsource" : "MISC",
"url" : "http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_HTTP_Response_Splitting_in_SAP_WAS.pdf"
"name": "sap-sapexiturl-response-splitting(23030)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23030"
},
{
"name" : "15360",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15360/"
"name": "http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_HTTP_Response_Splitting_in_SAP_WAS.pdf",
"refsource": "MISC",
"url": "http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_HTTP_Response_Splitting_in_SAP_WAS.pdf"
},
{
"name" : "ADV-2005-2361",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/2361"
"name": "164",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/164"
},
{
"name" : "20714",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/20714"
"name": "20714",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20714"
},
{
"name" : "1015174",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/alerts/2005/Nov/1015174.html"
"name": "17515",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17515/"
},
{
"name" : "17515",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17515/"
"name": "1015174",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/alerts/2005/Nov/1015174.html"
},
{
"name" : "164",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/164"
"name": "ADV-2005-2361",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2361"
},
{
"name" : "sap-sapexiturl-response-splitting(23030)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23030"
"name": "15360",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15360/"
}
]
}

92
2005/3xxx/CVE-2005-3934.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-3934",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3934",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors."
"lang": "eng",
"value": "Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.symantec.com/avcenter/security/Content/2005.11.29.html",
"refsource" : "CONFIRM",
"url" : "http://www.symantec.com/avcenter/security/Content/2005.11.29.html"
"name": "17797",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17797"
},
{
"name" : "15646",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15646"
"name": "http://www.symantec.com/avcenter/security/Content/2005.11.29.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2005.11.29.html"
},
{
"name" : "ADV-2005-2658",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/2658"
"name": "15646",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15646"
},
{
"name" : "1015284",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015284"
"name": "1015284",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015284"
},
{
"name" : "17797",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17797"
"name": "ADV-2005-2658",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2658"
},
{
"name" : "symantec-pcanywhere-bo(23298)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23298"
"name": "symantec-pcanywhere-bo(23298)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23298"
}
]
}

68
2005/4xxx/CVE-2005-4258.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4258",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4258",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID."
"lang": "eng",
"value": "Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "15864",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15864"
"name": "cisco-catalyst-land-dos(44543)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44543"
},
{
"name" : "cisco-catalyst-land-dos(44543)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44543"
"name": "15864",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15864"
}
]
}

80
2005/4xxx/CVE-2005-4362.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4362",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4362",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in page.php in Komodo CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter."
"lang": "eng",
"value": "SQL injection vulnerability in page.php in Komodo CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://pridels0.blogspot.com/2005/12/komodo-cms-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2005/12/komodo-cms-vuln.html"
"name": "15966",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15966"
},
{
"name" : "15966",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15966"
"name": "18120",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18120"
},
{
"name" : "ADV-2005-2993",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/2993"
"name": "ADV-2005-2993",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2993"
},
{
"name" : "18120",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18120"
"name": "http://pridels0.blogspot.com/2005/12/komodo-cms-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/12/komodo-cms-vuln.html"
}
]
}

86
2005/4xxx/CVE-2005-4496.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4496",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4496",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in search in SyntaxCMS 1.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search_query parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in search in SyntaxCMS 1.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search_query parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://pridels0.blogspot.com/2005/12/syntaxcms-xss-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2005/12/syntaxcms-xss-vuln.html"
"name": "ADV-2005-3054",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/3054"
},
{
"name" : "16033",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16033"
"name": "21859",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21859"
},
{
"name" : "ADV-2005-3054",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/3054"
"name": "18207",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18207"
},
{
"name" : "21859",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/21859"
"name": "16033",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16033"
},
{
"name" : "18207",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18207"
"name": "http://pridels0.blogspot.com/2005/12/syntaxcms-xss-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/12/syntaxcms-xss-vuln.html"
}
]
}

86
2009/2xxx/CVE-2009-2075.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2075",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2075",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Nodequeue 5.x before 5.x-2.7 and 6.x before 6.x-2.2, a module for Drupal, does not properly restrict access when displaying node titles, which has unknown impact and attack vectors."
"lang": "eng",
"value": "Nodequeue 5.x before 5.x-2.7 and 6.x before 6.x-2.2, a module for Drupal, does not properly restrict access when displaying node titles, which has unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://drupal.org/node/488092",
"refsource" : "CONFIRM",
"url" : "http://drupal.org/node/488092"
"name": "35424",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35424"
},
{
"name" : "http://drupal.org/node/488102",
"refsource" : "CONFIRM",
"url" : "http://drupal.org/node/488102"
"name": "http://drupal.org/node/488092",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/488092"
},
{
"name" : "http://drupal.org/node/488104",
"refsource" : "CONFIRM",
"url" : "http://drupal.org/node/488104"
"name": "35305",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35305"
},
{
"name" : "35305",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35305"
"name": "http://drupal.org/node/488104",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/488104"
},
{
"name" : "35424",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35424"
"name": "http://drupal.org/node/488102",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/488102"
}
]
}

74
2009/2xxx/CVE-2009-2134.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2134",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2134",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "pivot/tb.php in Pivot 1.40.4 and 1.40.7 allows remote attackers to obtain sensitive information via an invalid url parameter, which reveals the installation path in an error message."
"lang": "eng",
"value": "pivot/tb.php in Pivot 1.40.4 and 1.40.7 allows remote attackers to obtain sensitive information via an invalid url parameter, which reveals the installation path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090612 [InterN0T] Pivot 1.40.4-7 - Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/504300/100/0/threaded"
"name": "8941",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8941"
},
{
"name" : "8941",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/8941"
"name": "http://forum.intern0t.net/intern0t-advisories/1119-intern0t-pivot-1-40-4-7-multiple-vulnerabilities.html",
"refsource": "MISC",
"url": "http://forum.intern0t.net/intern0t-advisories/1119-intern0t-pivot-1-40-4-7-multiple-vulnerabilities.html"
},
{
"name" : "http://forum.intern0t.net/intern0t-advisories/1119-intern0t-pivot-1-40-4-7-multiple-vulnerabilities.html",
"refsource" : "MISC",
"url" : "http://forum.intern0t.net/intern0t-advisories/1119-intern0t-pivot-1-40-4-7-multiple-vulnerabilities.html"
"name": "20090612 [InterN0T] Pivot 1.40.4-7 - Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504300/100/0/threaded"
}
]
}

74
2009/2xxx/CVE-2009-2504.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2504",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2009-2504",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka \"GDI+ .NET API Vulnerability.\""
"lang": "eng",
"value": "Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka \"GDI+ .NET API Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS09-062",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
"name": "oval:org.mitre.oval:def:6282",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6282"
},
{
"name" : "TA09-286A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
"name": "TA09-286A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
},
{
"name" : "oval:org.mitre.oval:def:6282",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6282"
"name": "MS09-062",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062"
}
]
}

92
2009/2xxx/CVE-2009-2981.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2981",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2981",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to bypass intended Trust Manager restrictions via unspecified vectors."
"lang": "eng",
"value": "Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to bypass intended Trust Manager restrictions via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
"name": "36638",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36638"
},
{
"name" : "TA09-286B",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
"name": "TA09-286B",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
},
{
"name" : "36638",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36638"
"name": "1023007",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023007"
},
{
"name" : "oval:org.mitre.oval:def:6284",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6284"
"name": "http://www.adobe.com/support/security/bulletins/apsb09-15.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
},
{
"name" : "1023007",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1023007"
"name": "oval:org.mitre.oval:def:6284",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6284"
},
{
"name" : "ADV-2009-2898",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/2898"
"name": "ADV-2009-2898",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2898"
}
]
}

134
2009/3xxx/CVE-2009-3111.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3111",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3111",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967."
"lang": "eng",
"value": "The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://intevydis.com/vd-list.shtml",
"refsource" : "MISC",
"url" : "http://intevydis.com/vd-list.shtml"
"name": "36263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36263"
},
{
"name" : "[freeradius-users] 20090909 Version 1.1.8 has been released",
"refsource" : "MLIST",
"url" : "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
"name": "SUSE-SR:2009:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"name" : "[oss-security] 20090909 CVE Request -- FreeRADIUS 1.1.8",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/09/09/1"
"name": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4",
"refsource": "CONFIRM",
"url": "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
},
{
"name" : "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4",
"refsource" : "CONFIRM",
"url" : "http://github.com/alandekok/freeradius-server/commit/860cad9e02ba344edb0038419e415fe05a9a01f4"
"name": "[freeradius-users] 20090909 Version 1.1.8 has been released",
"refsource": "MLIST",
"url": "https://lists.freeradius.org/pipermail/freeradius-users/2009-September/msg00242.html"
},
{
"name" : "http://support.apple.com/kb/HT3937",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT3937"
"name": "36509",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36509"
},
{
"name" : "APPLE-SA-2009-11-09-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
"name": "oval:org.mitre.oval:def:9919",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
},
{
"name" : "RHSA-2009:1451",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
"name": "http://intevydis.com/vd-list.shtml",
"refsource": "MISC",
"url": "http://intevydis.com/vd-list.shtml"
},
{
"name" : "SUSE-SR:2009:016",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
"name": "ADV-2009-3184",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"name" : "SUSE-SR:2009:018",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
"name": "SUSE-SR:2009:016",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"name" : "36263",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36263"
"name": "APPLE-SA-2009-11-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name" : "oval:org.mitre.oval:def:9919",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9919"
"name": "[oss-security] 20090909 CVE Request -- FreeRADIUS 1.1.8",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/09/09/1"
},
{
"name" : "36509",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36509"
"name": "RHSA-2009:1451",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1451.html"
},
{
"name" : "ADV-2009-3184",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/3184"
"name": "http://support.apple.com/kb/HT3937",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3937"
}
]
}

80
2009/3xxx/CVE-2009-3488.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3488",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3488",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Bibliography (aka Biblio) module 6.x-1.6 for Drupal allows remote authenticated users, with certain content-creation privileges, to inject arbitrary web script or HTML via the Title field, probably a different vulnerability than CVE-2009-3479."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Bibliography (aka Biblio) module 6.x-1.6 for Drupal allows remote authenticated users, with certain content-creation privileges, to inject arbitrary web script or HTML via the Title field, probably a different vulnerability than CVE-2009-3479."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090925 Drupal Bibliography 6.x-1.6 XSS Vuln",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2009/Sep/0373.html"
"name": "36521",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36521"
},
{
"name" : "36521",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36521"
"name": "36834",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36834"
},
{
"name" : "36834",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36834"
"name": "bibliography-title-xss(53483)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53483"
},
{
"name" : "bibliography-title-xss(53483)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53483"
"name": "20090925 Drupal Bibliography 6.x-1.6 XSS Vuln",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2009/Sep/0373.html"
}
]
}

80
2009/3xxx/CVE-2009-3787.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3787",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3787",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "files.php in Vivvo CMS 4.1.5.1 allows remote attackers to conduct directory traversal attacks and read arbitrary files via the file parameter with \"logs/\" in between two . (dot) characters, which is filtered into a \"../\" sequence."
"lang": "eng",
"value": "files.php in Vivvo CMS 4.1.5.1 allows remote attackers to conduct directory traversal attacks and read arbitrary files via the file parameter with \"logs/\" in between two . (dot) characters, which is filtered into a \"../\" sequence."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20091021 [waraxe-2009-SA#075] - Remote File Disclosure in Vivvo CMS 4.1.5.1",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/507358/100/0/threaded"
"name": "20091021 [waraxe-2009-SA#075] - Remote File Disclosure in Vivvo CMS 4.1.5.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507358/100/0/threaded"
},
{
"name" : "http://www.waraxe.us/advisory-75.html",
"refsource" : "MISC",
"url" : "http://www.waraxe.us/advisory-75.html"
"name": "37117",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37117"
},
{
"name" : "36783",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36783"
"name": "36783",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36783"
},
{
"name" : "37117",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37117"
"name": "http://www.waraxe.us/advisory-75.html",
"refsource": "MISC",
"url": "http://www.waraxe.us/advisory-75.html"
}
]
}

68
2009/3xxx/CVE-2009-3819.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3819",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3819",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Random Images (maag_randomimage) extension 1.6.4 and earlier for TYPO3 allows remote attackers to execute arbitrary shell commands via unspecified vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the Random Images (maag_randomimage) extension 1.6.4 and earlier for TYPO3 allows remote attackers to execute arbitrary shell commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-014/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-014/"
"name": "37095",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37095"
},
{
"name" : "37095",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37095"
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-014/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-014/"
}
]
}

74
2009/4xxx/CVE-2009-4341.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4341",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4341",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the No indexed Search (no_indexed_search) extension 0.2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors."
"lang": "eng",
"value": "SQL injection vulnerability in the No indexed Search (no_indexed_search) extension 0.2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/"
"name": "typo3-nis-sql-injection(54783)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54783"
},
{
"name" : "ADV-2009-3550",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/3550"
"name": "ADV-2009-3550",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3550"
},
{
"name" : "typo3-nis-sql-injection(54783)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54783"
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/"
}
]
}

92
2009/4xxx/CVE-2009-4368.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4368",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4368",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unknown impact and attack vectors in the (1) ping tool, (2) traceroute tool, and (3) ldap import, possibly related to improper authentication."
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unknown impact and attack vectors in the (1) ping tool, (2) traceroute tool, and (3) ldap import, possibly related to improper authentication."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.centreon.com/Development/changelog-2x.html",
"refsource" : "CONFIRM",
"url" : "http://www.centreon.com/Development/changelog-2x.html"
"name": "37383",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37383"
},
{
"name" : "37383",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/37383"
"name": "ADV-2009-3578",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3578"
},
{
"name" : "61183",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/61183"
"name": "http://www.centreon.com/Development/changelog-2x.html",
"refsource": "CONFIRM",
"url": "http://www.centreon.com/Development/changelog-2x.html"
},
{
"name" : "37808",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37808"
"name": "61183",
"refsource": "OSVDB",
"url": "http://osvdb.org/61183"
},
{
"name" : "ADV-2009-3578",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/3578"
"name": "37808",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37808"
},
{
"name" : "centreon-ping-security-bypass(54893)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54893"
"name": "centreon-ping-security-bypass(54893)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54893"
}
]
}

86
2015/0xxx/CVE-2015-0431.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0431",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0431",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0 6.3.1, 6.3.2, 6.3.4, and 6.3.5 allows remote attackers to affect integrity via unknown vectors related to UI Infrastructure."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0 6.3.1, 6.3.2, 6.3.4, and 6.3.5 allows remote attackers to affect integrity via unknown vectors related to UI Infrastructure."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
"name": "72125",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72125"
},
{
"name" : "72125",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72125"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name" : "1031576",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031576"
"name": "62506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62506"
},
{
"name" : "62506",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62506"
"name": "1031576",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031576"
},
{
"name" : "oracle-cpujan2015-cve20150431(100107)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100107"
"name": "oracle-cpujan2015-cve20150431(100107)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100107"
}
]
}

68
2015/0xxx/CVE-2015-0509.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0509",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0509",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Hyperion BI+ component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote attackers to affect integrity via unknown vectors related to Reporting and Analysis."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Hyperion BI+ component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote attackers to affect integrity via unknown vectors related to Reporting and Analysis."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
"name": "1032123",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032123"
},
{
"name" : "1032123",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032123"
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
}
]
}

68
2015/0xxx/CVE-2015-0654.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0654",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0654",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Race condition in the TLS implementation in MainApp in the management interface in Cisco Intrusion Prevention System (IPS) Software before 7.3(3)E4 allows remote attackers to cause a denial of service (process hang) by establishing many HTTPS sessions, aka Bug ID CSCuq40652."
"lang": "eng",
"value": "Race condition in the TLS implementation in MainApp in the management interface in Cisco Intrusion Prevention System (IPS) Software before 7.3(3)E4 allows remote attackers to cause a denial of service (process hang) by establishing many HTTPS sessions, aka Bug ID CSCuq40652."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150311 Cisco Intrusion Prevention System MainApp Secure Socket Layer Denial of Service Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150311-ips"
"name": "20150311 Cisco Intrusion Prevention System MainApp Secure Socket Layer Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150311-ips"
},
{
"name" : "1031908",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031908"
"name": "1031908",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031908"
}
]
}

62
2015/0xxx/CVE-2015-0976.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0976",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-0976",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Inductive Automation Ignition 7.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Inductive Automation Ignition 7.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-01"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-01"
}
]
}

86
2015/1xxx/CVE-2015-1086.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1086",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-1086",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Audio Drivers subsystem in Apple iOS before 8.3 and Apple TV before 7.2 does not properly validate IOKit object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app."
"lang": "eng",
"value": "The Audio Drivers subsystem in Apple iOS before 8.3 and Apple TV before 7.2 does not properly validate IOKit object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT204661",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT204661"
"name": "APPLE-SA-2015-04-08-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html"
},
{
"name" : "https://support.apple.com/HT204662",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT204662"
"name": "1032050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032050"
},
{
"name" : "APPLE-SA-2015-04-08-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html"
"name": "https://support.apple.com/HT204662",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204662"
},
{
"name" : "APPLE-SA-2015-04-08-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html"
"name": "APPLE-SA-2015-04-08-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html"
},
{
"name" : "1032050",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032050"
"name": "https://support.apple.com/HT204661",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204661"
}
]
}

110
2015/1xxx/CVE-2015-1262.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1262",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1262",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google Chrome before 43.0.2357.65, does not initialize a certain width field, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Unicode text."
"lang": "eng",
"value": "platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google Chrome before 43.0.2357.65, does not initialize a certain width field, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Unicode text."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html"
"name": "openSUSE-SU-2015:0969",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00091.html"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=476647",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=476647"
"name": "http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html"
},
{
"name" : "https://src.chromium.org/viewvc/blink?revision=194541&view=revision",
"refsource" : "CONFIRM",
"url" : "https://src.chromium.org/viewvc/blink?revision=194541&view=revision"
"name": "GLSA-201506-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201506-04"
},
{
"name" : "DSA-3267",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3267"
"name": "openSUSE-SU-2015:1877",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00015.html"
},
{
"name" : "GLSA-201506-04",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201506-04"
"name": "1032375",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032375"
},
{
"name" : "openSUSE-SU-2015:1877",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00015.html"
"name": "DSA-3267",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3267"
},
{
"name" : "openSUSE-SU-2015:0969",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-05/msg00091.html"
"name": "https://src.chromium.org/viewvc/blink?revision=194541&view=revision",
"refsource": "CONFIRM",
"url": "https://src.chromium.org/viewvc/blink?revision=194541&view=revision"
},
{
"name" : "74723",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74723"
"name": "74723",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74723"
},
{
"name" : "1032375",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032375"
"name": "https://code.google.com/p/chromium/issues/detail?id=476647",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=476647"
}
]
}

152
2015/1xxx/CVE-2015-1787.json
View File

@ -1,136 +1,136 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1787",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1787",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 before 1.0.2a, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allows remote attackers to cause a denial of service (daemon crash) via a ClientKeyExchange message with a length of zero."
"lang": "eng",
"value": "The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 before 1.0.2a, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allows remote attackers to cause a denial of service (daemon crash) via a ClientKeyExchange message with a length of zero."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1202406",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1202406"
"name": "https://git.openssl.org/?p=openssl.git;a=commit;h=b19d8143212ae5fbc9cebfd51c01f802fabccd33",
"refsource": "CONFIRM",
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=b19d8143212ae5fbc9cebfd51c01f802fabccd33"
},
{
"name" : "https://git.openssl.org/?p=openssl.git;a=commit;h=b19d8143212ae5fbc9cebfd51c01f802fabccd33",
"refsource" : "CONFIRM",
"url" : "https://git.openssl.org/?p=openssl.git;a=commit;h=b19d8143212ae5fbc9cebfd51c01f802fabccd33"
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10110",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10110"
},
{
"name" : "https://www.openssl.org/news/secadv_20150319.txt",
"refsource" : "CONFIRM",
"url" : "https://www.openssl.org/news/secadv_20150319.txt"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
"name": "HPSBMU03409",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
"name": "https://bto.bluecoat.com/security-advisory/sa92",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa92"
},
{
"name" : "https://bto.bluecoat.com/security-advisory/sa92",
"refsource" : "CONFIRM",
"url" : "https://bto.bluecoat.com/security-advisory/sa92"
"name": "https://www.openssl.org/news/secadv_20150319.txt",
"refsource": "CONFIRM",
"url": "https://www.openssl.org/news/secadv_20150319.txt"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
"name": "HPSBMU03380",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=143748090628601&w=2"
},
{
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10110",
"refsource" : "CONFIRM",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10110"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1202406",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202406"
},
{
"name" : "GLSA-201503-11",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201503-11"
"name": "73238",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73238"
},
{
"name" : "HPSBMU03380",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=143748090628601&w=2"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name" : "HPSBMU03397",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=144050297101809&w=2"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"name" : "HPSBMU03409",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=144050155601375&w=2"
"name": "HPSBMU03397",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=144050297101809&w=2"
},
{
"name" : "73238",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/73238"
"name": "1031929",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031929"
},
{
"name" : "1031929",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031929"
"name": "GLSA-201503-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-11"
}
]
}

86
2015/1xxx/CVE-2015-1830.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1830",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1830",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors."
"lang": "eng",
"value": "Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-407/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-407/"
"name": "http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt",
"refsource": "CONFIRM",
"url": "http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-407",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-407"
"name": "76452",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76452"
},
{
"name" : "http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt",
"refsource" : "CONFIRM",
"url" : "http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-407",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-407"
},
{
"name" : "76452",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/76452"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-407/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-407/"
},
{
"name" : "1033315",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033315"
"name": "1033315",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033315"
}
]
}

134
2015/1xxx/CVE-2015-1860.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1860",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1860",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image."
"lang": "eng",
"value": "Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[Announce] 20150413 Qt Project Security Advisory - Multiple Vulnerabilities in Qt Image Format Handling",
"refsource" : "MLIST",
"url" : "http://lists.qt-project.org/pipermail/announce/2015-April/000067.html"
"name": "FEDORA-2015-6114",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155424.html"
},
{
"name" : "https://codereview.qt-project.org/#/c/108248/",
"refsource" : "CONFIRM",
"url" : "https://codereview.qt-project.org/#/c/108248/"
"name": "FEDORA-2015-6573",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156937.html"
},
{
"name" : "FEDORA-2015-6114",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155424.html"
"name": "FEDORA-2015-6123",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155927.html"
},
{
"name" : "FEDORA-2015-6123",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155927.html"
"name": "GLSA-201603-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-10"
},
{
"name" : "FEDORA-2015-6252",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156727.html"
"name": "FEDORA-2015-6315",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155962.html"
},
{
"name" : "FEDORA-2015-6315",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155962.html"
"name": "FEDORA-2015-6613",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155947.html"
},
{
"name" : "FEDORA-2015-6364",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155976.html"
"name": "74302",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74302"
},
{
"name" : "FEDORA-2015-6573",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156937.html"
"name": "FEDORA-2015-6364",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155976.html"
},
{
"name" : "FEDORA-2015-6613",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155947.html"
"name": "FEDORA-2015-6661",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156761.html"
},
{
"name" : "FEDORA-2015-6661",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156761.html"
"name": "USN-2626-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2626-1"
},
{
"name" : "GLSA-201603-10",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-10"
"name": "[Announce] 20150413 Qt Project Security Advisory - Multiple Vulnerabilities in Qt Image Format Handling",
"refsource": "MLIST",
"url": "http://lists.qt-project.org/pipermail/announce/2015-April/000067.html"
},
{
"name" : "USN-2626-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2626-1"
"name": "https://codereview.qt-project.org/#/c/108248/",
"refsource": "CONFIRM",
"url": "https://codereview.qt-project.org/#/c/108248/"
},
{
"name" : "74302",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74302"
"name": "FEDORA-2015-6252",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156727.html"
}
]
}

22
2015/4xxx/CVE-2015-4006.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4006",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4006",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2015/4xxx/CVE-2015-4240.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4240",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4240",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco IP Communicator 8.6(4) allows remote attackers to cause a denial of service (service outage) via an unspecified URL in a GET request, aka Bug ID CSCuu37656."
"lang": "eng",
"value": "Cisco IP Communicator 8.6(4) allows remote attackers to cause a denial of service (service outage) via an unspecified URL in a GET request, aka Bug ID CSCuu37656."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150707 Cisco IP Communicator Web Access Denial of Service Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=39623"
"name": "1032807",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032807"
},
{
"name" : "1032807",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032807"
"name": "20150707 Cisco IP Communicator Web Access Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39623"
}
]
}

68
2015/4xxx/CVE-2015-4286.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4286",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4286",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The web framework in Cisco UCS Central Software 1.3(0.99) allows remote attackers to read arbitrary files via a crafted HTTP request, aka Bug ID CSCuu41377."
"lang": "eng",
"value": "The web framework in Cisco UCS Central Software 1.3(0.99) allows remote attackers to read arbitrary files via a crafted HTTP request, aka Bug ID CSCuu41377."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150728 Cisco UCS Central Software File Access Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40151"
"name": "20150728 Cisco UCS Central Software File Access Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40151"
},
{
"name" : "1033112",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033112"
"name": "1033112",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033112"
}
]
}

22
2015/4xxx/CVE-2015-4690.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4690",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4690",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

116
2015/9xxx/CVE-2015-9251.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-9251",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9251",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed."
"lang": "eng",
"value": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc",
"refsource" : "MISC",
"url" : "https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc"
"name": "https://github.com/jquery/jquery/issues/2432",
"refsource": "MISC",
"url": "https://github.com/jquery/jquery/issues/2432"
},
{
"name" : "https://github.com/jquery/jquery/issues/2432",
"refsource" : "MISC",
"url" : "https://github.com/jquery/jquery/issues/2432"
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name" : "https://github.com/jquery/jquery/pull/2588",
"refsource" : "MISC",
"url" : "https://github.com/jquery/jquery/pull/2588"
"name": "https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec126.pdf",
"refsource": "MISC",
"url": "https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec126.pdf"
},
{
"name" : "https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2",
"refsource" : "MISC",
"url" : "https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2"
"name": "https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2",
"refsource": "MISC",
"url": "https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2"
},
{
"name" : "https://snyk.io/vuln/npm:jquery:20150627",
"refsource" : "MISC",
"url" : "https://snyk.io/vuln/npm:jquery:20150627"
"name": "https://snyk.io/vuln/npm:jquery:20150627",
"refsource": "MISC",
"url": "https://snyk.io/vuln/npm:jquery:20150627"
},
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04"
"name": "https://github.com/jquery/jquery/pull/2588",
"refsource": "MISC",
"url": "https://github.com/jquery/jquery/pull/2588"
},
{
"name" : "https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec126.pdf",
"refsource" : "MISC",
"url" : "https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec126.pdf"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
"name": "105658",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105658"
},
{
"name" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource" : "CONFIRM",
"url" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04"
},
{
"name" : "105658",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105658"
"name": "https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc",
"refsource": "MISC",
"url": "https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc"
}
]
}

84
2018/2xxx/CVE-2018-2473.json
View File

@ -1,80 +1,80 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2473",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2473",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "SAP BusinessObjects Business Intelligence Platform Server",
"version" : {
"version_data" : [
"product_name": "SAP BusinessObjects Business Intelligence Platform Server",
"version": {
"version_data": [
{
"version_name" : "=",
"version_value" : "4.1"
"version_name": "=",
"version_value": "4.1"
},
{
"version_name" : "=",
"version_value" : "4.2"
"version_name": "=",
"version_value": "4.2"
}
]
}
}
]
},
"vendor_name" : "SAP"
"vendor_name": "SAP"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SAP BusinessObjects Business Intelligence Platform Server, versions 4.1 and 4.2, when using Web Intelligence Richclient 3 tiers mode gateway allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service."
"lang": "eng",
"value": "SAP BusinessObjects Business Intelligence Platform Server, versions 4.1 and 4.2, when using Web Intelligence Richclient 3 tiers mode gateway allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Denial of Service"
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://launchpad.support.sap.com/#/notes/2657670",
"refsource" : "MISC",
"url" : "https://launchpad.support.sap.com/#/notes/2657670"
"name": "https://launchpad.support.sap.com/#/notes/2657670",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2657670"
},
{
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
"name": "105903",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105903"
},
{
"name" : "105903",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105903"
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
}
]
},
"source" : {
"discovery" : "UNKNOWN"
"source": {
"discovery": "UNKNOWN"
}
}

166
2018/2xxx/CVE-2018-2484.json
View File

@ -1,165 +1,165 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2484",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2484",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "SAP Enterprise Financial Services (SAPSCORE)",
"version" : {
"version_data" : [
"product_name": "SAP Enterprise Financial Services (SAPSCORE)",
"version": {
"version_data": [
{
"version_name" : "<",
"version_value" : "1.13"
"version_name": "<",
"version_value": "1.13"
},
{
"version_name" : "<",
"version_value" : "1.14"
"version_name": "<",
"version_value": "1.14"
},
{
"version_name" : "<",
"version_value" : "1.15"
"version_name": "<",
"version_value": "1.15"
}
]
}
},
{
"product_name" : "SAP Enterprise Financial Services (S4CORE)",
"version" : {
"version_data" : [
"product_name": "SAP Enterprise Financial Services (S4CORE)",
"version": {
"version_data": [
{
"version_name" : "<",
"version_value" : "1.01"
"version_name": "<",
"version_value": "1.01"
},
{
"version_name" : "<",
"version_value" : "1.02"
"version_name": "<",
"version_value": "1.02"
},
{
"version_name" : "<",
"version_value" : "1.03"
"version_name": "<",
"version_value": "1.03"
}
]
}
},
{
"product_name" : "SAP Enterprise Financial Services (EA-FINSERV)",
"version" : {
"version_data" : [
"product_name": "SAP Enterprise Financial Services (EA-FINSERV)",
"version": {
"version_data": [
{
"version_name" : "<",
"version_value" : "1.10"
"version_name": "<",
"version_value": "1.10"
},
{
"version_name" : "<",
"version_value" : "2.0"
"version_name": "<",
"version_value": "2.0"
},
{
"version_name" : "<",
"version_value" : "5.0"
"version_name": "<",
"version_value": "5.0"
},
{
"version_name" : "<",
"version_value" : "6.0"
"version_name": "<",
"version_value": "6.0"
},
{
"version_name" : "<",
"version_value" : "6.03"
"version_name": "<",
"version_value": "6.03"
},
{
"version_name" : "<",
"version_value" : "6.04"
"version_name": "<",
"version_value": "6.04"
},
{
"version_name" : "<",
"version_value" : "6.05"
"version_name": "<",
"version_value": "6.05"
},
{
"version_name" : "<",
"version_value" : "6.06"
"version_name": "<",
"version_value": "6.06"
},
{
"version_name" : "<",
"version_value" : "6.16"
"version_name": "<",
"version_value": "6.16"
},
{
"version_name" : "<",
"version_value" : "6.17"
"version_name": "<",
"version_value": "6.17"
},
{
"version_name" : "<",
"version_value" : "6.18"
"version_name": "<",
"version_value": "6.18"
},
{
"version_name" : "<",
"version_value" : "8.0"
"version_name": "<",
"version_value": "8.0"
}
]
}
},
{
"product_name" : "SAP Enterprise Financial Services (Bank/CFM)",
"version" : {
"version_data" : [
"product_name": "SAP Enterprise Financial Services (Bank/CFM)",
"version": {
"version_data": [
{
"version_name" : "<",
"version_value" : "4.63_20"
"version_name": "<",
"version_value": "4.63_20"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
"vendor_name": "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SAP Enterprise Financial Services (fixed in SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03; EA-FINSERV 1.10, 2.0, 5.0, 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0; Bank/CFM 4.63_20) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges."
"lang": "eng",
"value": "SAP Enterprise Financial Services (fixed in SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03; EA-FINSERV 1.10, 2.0, 5.0, 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0; Bank/CFM 4.63_20) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Missing Authorization Check"
"lang": "eng",
"value": "Missing Authorization Check"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://launchpad.support.sap.com/#/notes/2662687",
"refsource" : "MISC",
"url" : "https://launchpad.support.sap.com/#/notes/2662687"
"name": "https://launchpad.support.sap.com/#/notes/2662687",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2662687"
},
{
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985"
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985"
},
{
"name" : "106477",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106477"
"name": "106477",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106477"
}
]
}

78
2018/2xxx/CVE-2018-2683.json
View File

@ -1,75 +1,75 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-2683",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2683",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Hospitality Simphony",
"version" : {
"version_data" : [
"product_name": "Hospitality Simphony",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "2.7"
"version_affected": "=",
"version_value": "2.7"
},
{
"version_affected" : "=",
"version_value" : "2.8"
"version_affected": "=",
"version_value": "2.8"
},
{
"version_affected" : "=",
"version_value" : "2.9"
"version_affected": "=",
"version_value": "2.9"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: POS). Supported versions that are affected are 2.7, 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Simphony. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."
"lang": "eng",
"value": "Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: POS). Supported versions that are affected are 2.7, 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Simphony. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Simphony."
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Simphony."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name" : "102544",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/102544"
"name": "102544",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102544"
}
]
}

150
2018/3xxx/CVE-2018-3183.json
View File

@ -1,135 +1,135 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-3183",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-3183",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Java",
"version" : {
"version_data" : [
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "Java SE: 8u181, 11"
"version_affected": "=",
"version_value": "Java SE: 8u181, 11"
},
{
"version_affected" : "=",
"version_value" : "Java SE Embedded: 8u181"
"version_affected": "=",
"version_value": "Java SE Embedded: 8u181"
},
{
"version_affected" : "=",
"version_value" : "JRockit: R28.3.19"
"version_affected": "=",
"version_value": "JRockit: R28.3.19"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)."
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit."
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
"name": "https://security.netapp.com/advisory/ntap-20181018-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20181018-0001/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20181018-0001/"
"name": "RHSA-2018:2942",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"name" : "DSA-4326",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4326"
"name": "RHSA-2018:3534",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"name" : "RHSA-2018:2942",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2942"
"name": "RHSA-2018:3003",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"name" : "RHSA-2018:2943",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2943"
"name": "105622",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105622"
},
{
"name" : "RHSA-2018:3002",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3002"
"name": "USN-3804-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"name" : "RHSA-2018:3003",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3003"
"name": "RHSA-2018:3002",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"name" : "RHSA-2018:3521",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3521"
"name": "RHSA-2018:3852",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"name" : "RHSA-2018:3533",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3533"
"name": "DSA-4326",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"name" : "RHSA-2018:3534",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3534"
"name": "RHSA-2018:2943",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"name" : "RHSA-2018:3852",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3852"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name" : "USN-3804-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3804-1/"
"name": "RHSA-2018:3533",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"name" : "105622",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105622"
"name": "1041889",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name" : "1041889",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041889"
"name": "RHSA-2018:3521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
}
]
}

94
2018/6xxx/CVE-2018-6102.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "chrome-cve-admin@google.com",
"ID" : "CVE-2018-6102",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2018-6102",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Chrome",
"version" : {
"version_data" : [
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "66.0.3359.117"
"version_affected": "<",
"version_value": "66.0.3359.117"
}
]
}
}
]
},
"vendor_name" : "Google"
"vendor_name": "Google"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name."
"lang": "eng",
"value": "Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Insufficient policy enforcement"
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://crbug.com/813814",
"refsource" : "MISC",
"url" : "https://crbug.com/813814"
"name": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
},
{
"name" : "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
"refsource" : "CONFIRM",
"url" : "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
"name": "GLSA-201804-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201804-22"
},
{
"name" : "DSA-4182",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4182"
"name": "https://crbug.com/813814",
"refsource": "MISC",
"url": "https://crbug.com/813814"
},
{
"name" : "GLSA-201804-22",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201804-22"
"name": "DSA-4182",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4182"
},
{
"name" : "RHSA-2018:1195",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1195"
"name": "103917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103917"
},
{
"name" : "103917",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103917"
"name": "RHSA-2018:1195",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1195"
}
]
}

22
2018/6xxx/CVE-2018-6142.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6142",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6142",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2018/6xxx/CVE-2018-6328.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6328",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6328",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "It was discovered that the Unitrends Backup (UB) before 10.1.0 user interface was exposed to an authentication bypass, which then could allow an unauthenticated user to inject arbitrary commands into its /api/hosts parameters using backquotes."
"lang": "eng",
"value": "It was discovered that the Unitrends Backup (UB) before 10.1.0 user interface was exposed to an authentication bypass, which then could allow an unauthenticated user to inject arbitrary commands into its /api/hosts parameters using backquotes."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "44297",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/44297/"
"name": "45559",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45559/"
},
{
"name" : "45559",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/45559/"
"name": "https://support.unitrends.com/UnitrendsBackup/s/article/000006002",
"refsource": "CONFIRM",
"url": "https://support.unitrends.com/UnitrendsBackup/s/article/000006002"
},
{
"name" : "https://support.unitrends.com/UnitrendsBackup/s/article/000001150",
"refsource" : "CONFIRM",
"url" : "https://support.unitrends.com/UnitrendsBackup/s/article/000001150"
"name": "44297",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44297/"
},
{
"name" : "https://support.unitrends.com/UnitrendsBackup/s/article/000006002",
"refsource" : "CONFIRM",
"url" : "https://support.unitrends.com/UnitrendsBackup/s/article/000006002"
"name": "https://support.unitrends.com/UnitrendsBackup/s/article/000001150",
"refsource": "CONFIRM",
"url": "https://support.unitrends.com/UnitrendsBackup/s/article/000001150"
}
]
}

62
2018/6xxx/CVE-2018-6870.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6870",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6870",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature."
"lang": "eng",
"value": "Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://0day4u.wordpress.com/2018/03/19/website-seller-script-reflected-xss/",
"refsource" : "MISC",
"url" : "https://0day4u.wordpress.com/2018/03/19/website-seller-script-reflected-xss/"
"name": "https://0day4u.wordpress.com/2018/03/19/website-seller-script-reflected-xss/",
"refsource": "MISC",
"url": "https://0day4u.wordpress.com/2018/03/19/website-seller-script-reflected-xss/"
}
]
}

22
2018/7xxx/CVE-2018-7462.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-7462",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-7462",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

70
2018/7xxx/CVE-2018-7521.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-03-13T00:00:00",
"ID" : "CVE-2018-7521",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-03-13T00:00:00",
"ID": "CVE-2018-7521",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Omron CX-Supervisor",
"version" : {
"version_data" : [
"product_name": "Omron CX-Supervisor",
"version": {
"version_data": [
{
"version_value" : "Version 3.30 and prior"
"version_value": "Version 3.30 and prior"
}
]
}
}
]
},
"vendor_name" : "ICS-CERT"
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file."
"lang": "eng",
"value": "In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "USE AFTER FREE CWE-416"
"lang": "eng",
"value": "USE AFTER FREE CWE-416"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-072-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-072-01"
"name": "103394",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103394"
},
{
"name" : "103394",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103394"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-072-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-072-01"
}
]
}

22
2018/7xxx/CVE-2018-7827.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-7827",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-7827",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/7xxx/CVE-2018-7838.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-7838",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-7838",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}