admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 03:12:28 +00:00
parent 03fe29f92b
commit a59d4fb775
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
50 changed files with 3110 additions and 3105 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

180
2004/0xxx/CVE-2004-0497.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0497", "ID": "CVE-2004-0497",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "CLA-2004:852", "description_data": [
"refsource" : "CONECTIVA", {
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852" "lang": "eng",
}, "value": "Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4."
{ }
"name" : "MDKSA-2004:066", ]
"refsource" : "MANDRAKE", },
"url" : "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2004:354", "description": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2004-354.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2004:360", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2004-360.html" ]
}, },
{ "references": {
"name" : "SUSE-SA:2004:020", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2004_20_kernel.html" "name": "RHSA-2004:354",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2004-354.html"
"name" : "oval:org.mitre.oval:def:9867", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867" "name": "linux-fchown-groupid-modify(16599)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16599"
"name" : "linux-fchown-groupid-modify(16599)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16599" "name": "oval:org.mitre.oval:def:9867",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867"
} },
} {
"name": "RHSA-2004:360",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-360.html"
},
{
"name": "MDKSA-2004:066",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
},
{
"name": "CLA-2004:852",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852"
},
{
"name": "SUSE-SA:2004:020",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
}
]
}
}

290
2004/0xxx/CVE-2004-0941.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0941", "ID": "CVE-2004-0941",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "DSA-601", "description_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2004/dsa-601" "lang": "eng",
}, "value": "Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990."
{ }
"name" : "MDKSA-2006:113", ]
"refsource" : "MANDRIVA", },
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:113" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MDKSA-2006:114", "description": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:114" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "MDKSA-2006:122", ]
"refsource" : "MANDRIVA", }
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:122" ]
}, },
{ "references": {
"name" : "RHSA-2006:0194", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0194.html" "name": "RHSA-2006:0194",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0194.html"
"name" : "RHSA-2004:638", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2004-638.html" "name": "11663",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/11663"
"name" : "2004-0058", },
"refsource" : "TRUSTIX", {
"url" : "http://www.trustix.org/errata/2004/0058" "name": "P-071",
}, "refsource": "CIAC",
{ "url": "http://www.ciac.org/ciac/bulletins/p-071.shtml"
"name" : "USN-25-1", },
"refsource" : "UBUNTU", {
"url" : "https://www.ubuntu.com/usn/usn-25-1/" "name": "21050",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21050"
"name" : "USN-33-1", },
"refsource" : "UBUNTU", {
"url" : "https://www.ubuntu.com/usn/usn-33-1/" "name": "RHSA-2004:638",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2004-638.html"
"name" : "P-071", },
"refsource" : "CIAC", {
"url" : "http://www.ciac.org/ciac/bulletins/p-071.shtml" "name": "13179",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/13179/"
"name" : "11663", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11663" "name": "MDKSA-2006:113",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:113"
"name" : "oval:org.mitre.oval:def:1195", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1195" "name": "oval:org.mitre.oval:def:11176",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11176"
"name" : "oval:org.mitre.oval:def:11176", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11176" "name": "oval:org.mitre.oval:def:1195",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1195"
"name" : "13179", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/13179/" "name": "2004-0058",
}, "refsource": "TRUSTIX",
{ "url": "http://www.trustix.org/errata/2004/0058"
"name" : "18686", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18686" "name": "MDKSA-2006:114",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:114"
"name" : "20824", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20824" "name": "DSA-601",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2004/dsa-601"
"name" : "21050", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21050" "name": "MDKSA-2006:122",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:122"
"name" : "gd-graphics-gdmalloc-bo(18048)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18048" "name": "USN-25-1",
} "refsource": "UBUNTU",
] "url": "https://www.ubuntu.com/usn/usn-25-1/"
} },
} {
"name": "gd-graphics-gdmalloc-bo(18048)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18048"
},
{
"name": "18686",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18686"
},
{
"name": "USN-33-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-33-1/"
},
{
"name": "20824",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20824"
}
]
}
}

130
2004/1xxx/CVE-2004-1259.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1259", "ID": "CVE-2004-1259",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in the handle_directive function in abcpp.c for abcpp 1.3.0 allow remote attackers to execute arbitrary code via crafted ABC files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tigger.uic.edu/~jlongs2/holes/abcpp.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://tigger.uic.edu/~jlongs2/holes/abcpp.txt" "lang": "eng",
}, "value": "Multiple buffer overflows in the handle_directive function in abcpp.c for abcpp 1.3.0 allow remote attackers to execute arbitrary code via crafted ABC files."
{ }
"name" : "abcpp-handledirective-bo(18581)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18581" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "abcpp-handledirective-bo(18581)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18581"
},
{
"name": "http://tigger.uic.edu/~jlongs2/holes/abcpp.txt",
"refsource": "MISC",
"url": "http://tigger.uic.edu/~jlongs2/holes/abcpp.txt"
}
]
}
}

200
2004/1xxx/CVE-2004-1421.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1421", "ID": "CVE-2004-1421",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities (1) step_one.php, (2) step_one_tables.php, (3) step_two_tables.php in WHM AutoPilot 2.4.6.5 and earlier allow remote attackers to execute arbitrary PHP code by modifying the server_inc parameter to reference a URL on a remote web server that contains the code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041228 Multiple WHM Autopilot Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110425620105529&w=2" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities (1) step_one.php, (2) step_one_tables.php, (3) step_two_tables.php in WHM AutoPilot 2.4.6.5 and earlier allow remote attackers to execute arbitrary PHP code by modifying the server_inc parameter to reference a URL on a remote web server that contains the code."
{ }
"name" : "http://www.gulftech.org/?node=research&article_id=00059-12272004", ]
"refsource" : "MISC", },
"url" : "http://www.gulftech.org/?node=research&article_id=00059-12272004" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20041231 WHM AutoPilot Security Release [ Plus Upgrade Instructions ]", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110451997904494&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.whmautopilot.com/forum/lofiversion/index.php/t6785.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.whmautopilot.com/forum/lofiversion/index.php/t6785.html" ]
}, },
{ "references": {
"name" : "12119", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/12119" "name": "20041231 WHM AutoPilot Security Release [ Plus Upgrade Instructions ]",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=110451997904494&w=2"
"name" : "12695", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/12695" "name": "whm-autopilot-php-file-include(18699)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18699"
"name" : "1012707", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1012707" "name": "http://www.whmautopilot.com/forum/lofiversion/index.php/t6785.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.whmautopilot.com/forum/lofiversion/index.php/t6785.html"
"name" : "13673", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/13673" "name": "12695",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/12695"
"name" : "whm-autopilot-php-file-include(18699)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18699" "name": "1012707",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1012707"
} },
} {
"name": "13673",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13673"
},
{
"name": "20041228 Multiple WHM Autopilot Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110425620105529&w=2"
},
{
"name": "http://www.gulftech.org/?node=research&article_id=00059-12272004",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research&article_id=00059-12272004"
},
{
"name": "12119",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12119"
}
]
}
}

160
2004/1xxx/CVE-2004-1518.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1518", "ID": "CVE-2004-1518",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in follow.php in Phorum 5.0.12 and earlier allows remote authenticated users to execute arbitrary SQL command via the forum_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041111 [waraxe-2004-SA#037 - Sql injection bug in Phorum 5.0.12 and older versions]", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110021385926870&w=2" "lang": "eng",
}, "value": "SQL injection vulnerability in follow.php in Phorum 5.0.12 and earlier allows remote authenticated users to execute arbitrary SQL command via the forum_id parameter."
{ }
"name" : "20041111 [waraxe-2004-SA#037 - Sql injection bug in Phorum 5.0.12 and older versions]", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028609.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "11660", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11660" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "13174", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/13174" ]
}, },
{ "references": {
"name" : "phorum-followphp-sql-injection(18045)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18045" "name": "13174",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/13174"
} },
} {
"name": "20041111 [waraxe-2004-SA#037 - Sql injection bug in Phorum 5.0.12 and older versions]",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028609.html"
},
{
"name": "20041111 [waraxe-2004-SA#037 - Sql injection bug in Phorum 5.0.12 and older versions]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110021385926870&w=2"
},
{
"name": "phorum-followphp-sql-injection(18045)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18045"
},
{
"name": "11660",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11660"
}
]
}
}

160
2004/1xxx/CVE-2004-1878.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1878", "ID": "CVE-2004-1878",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "LINBOX LIN:BOX allows remote attackers to bypass authentication, obtain sensitive information, or gain access via a direct request to admin/user.pl preceded by // (double leading slash)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040330 Linbit linbox Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=108067245401673&w=2" "lang": "eng",
}, "value": "LINBOX LIN:BOX allows remote attackers to bypass authentication, obtain sensitive information, or gain access via a direct request to admin/user.pl preceded by // (double leading slash)."
{ }
"name" : "http://www.websec.org/adv/linbit.txt.html", ]
"refsource" : "MISC", },
"url" : "http://www.websec.org/adv/linbit.txt.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "10010", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/10010" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "11264", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/11264" ]
}, },
{ "references": {
"name" : "linbox-slashslash-security-bypass(15677)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15677" "name": "11264",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/11264"
} },
} {
"name": "http://www.websec.org/adv/linbit.txt.html",
"refsource": "MISC",
"url": "http://www.websec.org/adv/linbit.txt.html"
},
{
"name": "10010",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10010"
},
{
"name": "20040330 Linbit linbox Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=108067245401673&w=2"
},
{
"name": "linbox-slashslash-security-bypass(15677)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15677"
}
]
}
}

180
2008/2xxx/CVE-2008-2049.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2049", "ID": "CVE-2008-2049",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The POP3 server (EPSTPOP3S.EXE) 4.22 in E-Post Mail Server 4.10 allows remote attackers to obtain sensitive information via multiple crafted APOP commands for a known POP3 account, which displays the password in a POP3 error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://vuln.sg/epostmailserver410-en.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://vuln.sg/epostmailserver410-en.html" "lang": "eng",
}, "value": "The POP3 server (EPSTPOP3S.EXE) 4.22 in E-Post Mail Server 4.10 allows remote attackers to obtain sensitive information via multiple crafted APOP commands for a known POP3 account, which displays the password in a POP3 error message."
{ }
"name" : "http://www.e-postinc.jp/Mail_Server.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.e-postinc.jp/Mail_Server.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "28951", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/28951" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2008-1389", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2008/1389/references" ]
}, },
{ "references": {
"name" : "1019930", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1019930" "name": "29990",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29990"
"name" : "29990", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29990" "name": "http://vuln.sg/epostmailserver410-en.html",
}, "refsource": "MISC",
{ "url": "http://vuln.sg/epostmailserver410-en.html"
"name" : "epost-pop3-information-disclosure(42035)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42035" "name": "http://www.e-postinc.jp/Mail_Server.html",
} "refsource": "CONFIRM",
] "url": "http://www.e-postinc.jp/Mail_Server.html"
} },
} {
"name": "ADV-2008-1389",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1389/references"
},
{
"name": "1019930",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019930"
},
{
"name": "epost-pop3-information-disclosure(42035)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42035"
},
{
"name": "28951",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28951"
}
]
}
}

230
2008/2xxx/CVE-2008-2245.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2008-2245", "ID": "CVE-2008-2245",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted image file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080812 Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=742" "lang": "eng",
}, "value": "Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted image file."
{ }
"name" : "6732", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/6732" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "HPSBST02360", "description": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=121915960406986&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SSRT080117", ]
"refsource" : "HP", }
"url" : "http://marc.info/?l=bugtraq&m=121915960406986&w=2" ]
}, },
{ "references": {
"name" : "MS08-046", "reference_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-046" "name": "20080812 Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability",
}, "refsource": "IDEFENSE",
{ "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=742"
"name" : "TA08-225A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-225A.html" "name": "TA08-225A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA08-225A.html"
"name" : "VU#309739", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/309739" "name": "oval:org.mitre.oval:def:5923",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5923"
"name" : "30594", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/30594" "name": "HPSBST02360",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2"
"name" : "oval:org.mitre.oval:def:5923", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5923" "name": "31385",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31385"
"name" : "ADV-2008-2350", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2350" "name": "SSRT080117",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2"
"name" : "1020675", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1020675" "name": "1020675",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1020675"
"name" : "31385", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31385" "name": "ADV-2008-2350",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2008/2350"
} },
} {
"name": "MS08-046",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-046"
},
{
"name": "VU#309739",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/309739"
},
{
"name": "6732",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6732"
},
{
"name": "30594",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30594"
}
]
}
}

140
2008/2xxx/CVE-2008-2686.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2686", "ID": "CVE-2008-2686",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "webinc/bxe/scripts/loadsave.php in Flux CMS 1.5.0 and earlier allows remote attackers to execute arbitrary code by overwriting a PHP file in webinc/bxe/scripts/ via a filename in the XML parameter and PHP sequences in the request body, then making a direct request for this filename."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "5767", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/5767" "lang": "eng",
}, "value": "webinc/bxe/scripts/loadsave.php in Flux CMS 1.5.0 and earlier allows remote attackers to execute arbitrary code by overwriting a PHP file in webinc/bxe/scripts/ via a filename in the XML parameter and PHP sequences in the request body, then making a direct request for this filename."
{ }
"name" : "29618", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/29618" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "fluxcms-loadsave-file-overwrite(42961)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42961" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "fluxcms-loadsave-file-overwrite(42961)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42961"
},
{
"name": "5767",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5767"
},
{
"name": "29618",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29618"
}
]
}
}

510
2008/3xxx/CVE-2008-3114.json
View File

@ -1,257 +1,257 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3114", "ID": "CVE-2008-3114",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=122331139823057&w=2" "lang": "eng",
}, "value": "Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074."
{ }
"name" : "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/497041/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT3178", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT3178" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.apple.com/kb/HT3179", ]
"refsource" : "CONFIRM", }
"url" : "http://support.apple.com/kb/HT3179" ]
}, },
{ "references": {
"name" : "http://www.vmware.com/security/advisories/VMSA-2008-0016.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2008-0016.html" "name": "APPLE-SA-2008-09-24",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm" "name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=122331139823057&w=2"
"name" : "APPLE-SA-2008-09-24", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html" "name": "32436",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/32436"
"name" : "GLSA-200911-02", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200911-02.xml" "name": "32826",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/32826"
"name" : "RHSA-2008:0594", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0594.html" "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm"
"name" : "RHSA-2008:0595", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0595.html" "name": "31600",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31600"
"name" : "RHSA-2008:0790", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0790.html" "name": "SUSE-SA:2008:042",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
"name" : "RHSA-2008:0955", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2008-0955.html" "name": "32018",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/32018"
"name" : "RHSA-2008:0906", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0906.html" "name": "GLSA-200911-02",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
"name" : "238905", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1" "name": "32179",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/32179"
"name" : "SUSE-SA:2008:042", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html" "name": "33194",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33194"
"name" : "SUSE-SA:2008:043", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html" "name": "ADV-2008-2740",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/2740"
"name" : "SUSE-SA:2008:045", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html" "name": "31320",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31320"
"name" : "SUSE-SR:2008:028", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html" "name": "SUSE-SA:2008:043",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
"name" : "SUSE-SR:2009:010", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" "name": "ADV-2008-2056",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/2056/references"
"name" : "TA08-193A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-193A.html" "name": "238905",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"
"name" : "30148", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/30148" "name": "31055",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31055"
"name" : "oval:org.mitre.oval:def:9755", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9755" "name": "32180",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/32180"
"name" : "35065", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35065" "name": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
"name" : "37386", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37386" "name": "31736",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31736"
"name" : "31736", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31736" "name": "35065",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35065"
"name" : "ADV-2008-2056", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2056/references" "name": "http://support.apple.com/kb/HT3178",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT3178"
"name" : "ADV-2008-2740", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2740" "name": "1020452",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1020452"
"name" : "1020452", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1020452" "name": "30148",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/30148"
"name" : "31010", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31010" "name": "RHSA-2008:0594",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-0594.html"
"name" : "31055", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31055" "name": "31497",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31497"
"name" : "31320", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31320" "name": "SUSE-SR:2009:010",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
"name" : "31497", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31497" "name": "RHSA-2008:0955",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2008-0955.html"
"name" : "31600", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31600" "name": "SUSE-SR:2008:028",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"
"name" : "32018", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32018" "name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
"name" : "32180", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32180" "name": "sun-javawebstart-cache-info-disclosure(43668)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43668"
"name" : "32179", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32179" "name": "SUSE-SA:2008:045",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
"name" : "32436", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32436" "name": "RHSA-2008:0790",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
"name" : "32826", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32826" "name": "RHSA-2008:0906",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-0906.html"
"name" : "33194", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33194" "name": "TA08-193A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
"name" : "sun-javawebstart-cache-info-disclosure(43668)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43668" "name": "37386",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/37386"
} },
} {
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "RHSA-2008:0595",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0595.html"
},
{
"name": "oval:org.mitre.oval:def:9755",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9755"
},
{
"name": "31010",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31010"
}
]
}
}

160
2008/3xxx/CVE-2008-3309.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3309", "ID": "CVE-2008-3309",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in info_book.asp in DigiLeave 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "6104", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/6104" "lang": "eng",
}, "value": "SQL injection vulnerability in info_book.asp in DigiLeave 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter."
{ }
"name" : "30314", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/30314" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2008-2153", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2153/references" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "4038", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/4038" ]
}, },
{ "references": {
"name" : "digileave-infobook-sql-injection(43913)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43913" "name": "ADV-2008-2153",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2008/2153/references"
} },
} {
"name": "30314",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30314"
},
{
"name": "4038",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4038"
},
{
"name": "6104",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6104"
},
{
"name": "digileave-infobook-sql-injection(43913)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43913"
}
]
}
}

170
2008/3xxx/CVE-2008-3451.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3451", "ID": "CVE-2008-3451",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with advisor privileges to obtain the real e-mail addresses of other users by editing the user's profile."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20080801 Re: CVE request: phpwebgallery < 1.7.2", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2008/08/01/3" "lang": "eng",
}, "value": "PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with advisor privileges to obtain the real e-mail addresses of other users by editing the user's profile."
{ }
"name" : "http://bugs.phpwebgallery.net/view.php?id=769", ]
"refsource" : "MISC", },
"url" : "http://bugs.phpwebgallery.net/view.php?id=769" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://forum.phpwebgallery.net/viewtopic.php?id=13545", "description": [
"refsource" : "CONFIRM", {
"url" : "http://forum.phpwebgallery.net/viewtopic.php?id=13545" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "30431", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/30431" ]
}, },
{ "references": {
"name" : "31232", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31232" "name": "phpwebgallery-adviser-info-disclosure(44101)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44101"
"name" : "phpwebgallery-adviser-info-disclosure(44101)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44101" "name": "30431",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/30431"
} },
} {
"name": "31232",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31232"
},
{
"name": "http://bugs.phpwebgallery.net/view.php?id=769",
"refsource": "MISC",
"url": "http://bugs.phpwebgallery.net/view.php?id=769"
},
{
"name": "http://forum.phpwebgallery.net/viewtopic.php?id=13545",
"refsource": "CONFIRM",
"url": "http://forum.phpwebgallery.net/viewtopic.php?id=13545"
},
{
"name": "[oss-security] 20080801 Re: CVE request: phpwebgallery < 1.7.2",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/08/01/3"
}
]
}
}

140
2008/3xxx/CVE-2008-3777.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3777", "ID": "CVE-2008-3777",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, writes account names and passwords to the (1) alarm and (2) system logs during failed login attempts, which allows local users to obtain login credentials by reading these logs."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-347.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-347.htm" "lang": "eng",
}, "value": "The SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, writes account names and passwords to the (1) alarm and (2) system logs during failed login attempts, which allows local users to obtain login credentials by reading these logs."
{ }
"name" : "30758", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/30758" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "avaya-ses-servers-info-disclosure(44586)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44586" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-347.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-347.htm"
},
{
"name": "30758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30758"
},
{
"name": "avaya-ses-servers-info-disclosure(44586)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44586"
}
]
}
}

170
2008/6xxx/CVE-2008-6024.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6024", "ID": "CVE-2008-6024",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "240546", "description_data": [
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240546-1" "lang": "eng",
}, "value": "Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors."
{ }
"name" : "30753", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/30753" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1020716", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1020716" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "31517", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/31517" ]
}, },
{ "references": {
"name" : "ADV-2008-2415", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2415" "name": "240546",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240546-1"
"name" : "solaris-nfsv4-dos(44546)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44546" "name": "31517",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/31517"
} },
} {
"name": "30753",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30753"
},
{
"name": "1020716",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020716"
},
{
"name": "ADV-2008-2415",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2415"
},
{
"name": "solaris-nfsv4-dos(44546)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44546"
}
]
}
}

160
2008/6xxx/CVE-2008-6955.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6955", "ID": "CVE-2008-6955",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mxCamArchive 2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain configuration details and passwords via a direct request for archive/config.ini."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "7136", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/7136" "lang": "eng",
}, "value": "mxCamArchive 2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain configuration details and passwords via a direct request for archive/config.ini."
{ }
"name" : "32324", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/32324" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "49886", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/49886" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "32751", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/32751" ]
}, },
{ "references": {
"name" : "mxcamarchive-config-information-disclosure(46647)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46647" "name": "7136",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/7136"
} },
} {
"name": "32324",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32324"
},
{
"name": "32751",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32751"
},
{
"name": "49886",
"refsource": "OSVDB",
"url": "http://osvdb.org/49886"
},
{
"name": "mxcamarchive-config-information-disclosure(46647)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46647"
}
]
}
}

150
2008/6xxx/CVE-2008-6991.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6991", "ID": "CVE-2008-6991",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in public/page.php in Websens CMSbright allows remote attackers to execute arbitrary SQL commands via the id_rub_page parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "6343", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/6343" "lang": "eng",
}, "value": "SQL injection vulnerability in public/page.php in Websens CMSbright allows remote attackers to execute arbitrary SQL commands via the id_rub_page parameter."
{ }
"name" : "30946", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/30946" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "47910", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/47910" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "31669", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/31669" ]
} },
] "references": {
} "reference_data": [
} {
"name": "47910",
"refsource": "OSVDB",
"url": "http://osvdb.org/47910"
},
{
"name": "30946",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30946"
},
{
"name": "31669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31669"
},
{
"name": "6343",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6343"
}
]
}
}

34
2013/2xxx/CVE-2013-2097.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-2097", "ID": "CVE-2013-2097",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2013/2xxx/CVE-2013-2623.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-2623", "ID": "CVE-2013-2623",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2013/2xxx/CVE-2013-2935.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-2935", "ID": "CVE-2013-2935",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.citrix.com/article/CTX137162", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.citrix.com/article/CTX137162" "lang": "eng",
} "value": "Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.citrix.com/article/CTX137162",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX137162"
}
]
}
}

180
2013/2xxx/CVE-2013-2945.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-2945", "ID": "CVE-2013-2945",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote authenticated administrators to execute arbitrary SQL commands via the show_statuses[] parameter. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20130501 SQL Injection in b2evolution", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-05/0004.html" "lang": "eng",
}, "value": "SQL injection vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote authenticated administrators to execute arbitrary SQL commands via the show_statuses[] parameter. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands."
{ }
"name" : "http://b2evolution.net/news/2013/04/29/b2evolution-4-1-7-and-5-0-3", ]
"refsource" : "MISC", },
"url" : "http://b2evolution.net/news/2013/04/29/b2evolution-4-1-7-and-5-0-3" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/121481/b2evolution-4.1.6-SQL-Injection.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/121481/b2evolution-4.1.6-SQL-Injection.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.htbridge.com/advisory/HTB23152", ]
"refsource" : "MISC", }
"url" : "https://www.htbridge.com/advisory/HTB23152" ]
}, },
{ "references": {
"name" : "59599", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/59599" "name": "20130501 SQL Injection in b2evolution",
}, "refsource": "BUGTRAQ",
{ "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0004.html"
"name" : "92905", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/92905" "name": "b2evolution-admin-sql-injection(83950)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83950"
"name" : "b2evolution-admin-sql-injection(83950)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/83950" "name": "59599",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/59599"
} },
} {
"name": "http://packetstormsecurity.com/files/121481/b2evolution-4.1.6-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/121481/b2evolution-4.1.6-SQL-Injection.html"
},
{
"name": "92905",
"refsource": "OSVDB",
"url": "http://osvdb.org/92905"
},
{
"name": "http://b2evolution.net/news/2013/04/29/b2evolution-4-1-7-and-5-0-3",
"refsource": "MISC",
"url": "http://b2evolution.net/news/2013/04/29/b2evolution-4-1-7-and-5-0-3"
},
{
"name": "https://www.htbridge.com/advisory/HTB23152",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23152"
}
]
}
}

34
2013/6xxx/CVE-2013-6514.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2013-6514", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2013-6514",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none."
} }
] ]
} }
} }

150
2017/11xxx/CVE-2017-11386.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@trendmicro.com", "ASSIGNER": "security@trendmicro.com",
"ID" : "CVE-2017-11386", "ID": "CVE-2017-11386",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x4707 due to lack of proper user input validation in cmdHandlerNewReportScheduler.dll. Formerly ZDI-CAN-4549."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-17-496", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-17-496" "lang": "eng",
}, "value": "SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x4707 due to lack of proper user input validation in cmdHandlerNewReportScheduler.dll. Formerly ZDI-CAN-4549."
{ }
"name" : "https://success.trendmicro.com/solution/1117722", ]
"refsource" : "MISC", },
"url" : "https://success.trendmicro.com/solution/1117722" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "100078", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/100078" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1039049", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1039049" ]
} },
] "references": {
} "reference_data": [
} {
"name": "100078",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100078"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-496",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-496"
},
{
"name": "1039049",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039049"
},
{
"name": "https://success.trendmicro.com/solution/1117722",
"refsource": "MISC",
"url": "https://success.trendmicro.com/solution/1117722"
}
]
}
}

34
2017/11xxx/CVE-2017-11891.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11891", "ID": "CVE-2017-11891",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2017/14xxx/CVE-2017-14416.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14416", "ID": "CVE-2017-14416",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) devices have XSS in the action parameter to htdocs/web/wandetect.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html" "lang": "eng",
} "value": "D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) devices have XSS in the action parameter to htdocs/web/wandetect.php."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html",
"refsource": "MISC",
"url": "https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html"
}
]
}
}

120
2017/14xxx/CVE-2017-14579.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14579", "ID": "CVE-2017-14579",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a \"Read Access Violation on Control Flow starting at STDUJBIG2File!DllGetClassObject+0x0000000000005b70.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14579", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14579" "lang": "eng",
} "value": "STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a \"Read Access Violation on Control Flow starting at STDUJBIG2File!DllGetClassObject+0x0000000000005b70.\""
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14579",
"refsource": "MISC",
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14579"
}
]
}
}

34
2017/14xxx/CVE-2017-14701.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14701", "ID": "CVE-2017-14701",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2017/14xxx/CVE-2017-14921.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14921", "ID": "CVE-2017-14921",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stored XSS vulnerability via IMG element at \"Filename\" of Filemanager in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://openwall.com/lists/oss-security/2017/09/28/11", "description_data": [
"refsource" : "MISC", {
"url" : "http://openwall.com/lists/oss-security/2017/09/28/11" "lang": "eng",
}, "value": "Stored XSS vulnerability via IMG element at \"Filename\" of Filemanager in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users."
{ }
"name" : "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/146c5aaafd826c1c8990333c393bff6f64c90786", ]
"refsource" : "MISC", },
"url" : "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/146c5aaafd826c1c8990333c393bff6f64c90786" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/24e39e1e930097b8793a03b8864d3c484ede546b", "description": [
"refsource" : "MISC", {
"url" : "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/24e39e1e930097b8793a03b8864d3c484ede546b" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/bc8a6fbd3128cf5ef27d808f6c6ba869fdc2262b", ]
"refsource" : "MISC", }
"url" : "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/bc8a6fbd3128cf5ef27d808f6c6ba869fdc2262b" ]
}, },
{ "references": {
"name" : "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/releases", "reference_data": [
"refsource" : "MISC", {
"url" : "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/releases" "name": "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/releases",
} "refsource": "MISC",
] "url": "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/releases"
} },
} {
"name": "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/24e39e1e930097b8793a03b8864d3c484ede546b",
"refsource": "MISC",
"url": "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/24e39e1e930097b8793a03b8864d3c484ede546b"
},
{
"name": "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/bc8a6fbd3128cf5ef27d808f6c6ba869fdc2262b",
"refsource": "MISC",
"url": "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/bc8a6fbd3128cf5ef27d808f6c6ba869fdc2262b"
},
{
"name": "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/146c5aaafd826c1c8990333c393bff6f64c90786",
"refsource": "MISC",
"url": "https://github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/146c5aaafd826c1c8990333c393bff6f64c90786"
},
{
"name": "http://openwall.com/lists/oss-security/2017/09/28/11",
"refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2017/09/28/11"
}
]
}
}

120
2017/14xxx/CVE-2017-14946.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14946", "ID": "CVE-2017-14946",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to \"Data from Faulting Address controls Branch Selection starting at mupdfnet64!mIncrementalSaveFile+0x000000000000344e.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.ghostscript.com/show_bug.cgi?id=698538", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.ghostscript.com/show_bug.cgi?id=698538" "lang": "eng",
} "value": "Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to \"Data from Faulting Address controls Branch Selection starting at mupdfnet64!mIncrementalSaveFile+0x000000000000344e.\""
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=698538",
"refsource": "CONFIRM",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=698538"
}
]
}
}

34
2017/15xxx/CVE-2017-15464.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-15464", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-15464",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/15xxx/CVE-2017-15465.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-15465", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-15465",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/15xxx/CVE-2017-15477.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-15477", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-15477",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/15xxx/CVE-2017-15522.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-15522", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-15522",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/15xxx/CVE-2017-15679.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-15679", "ID": "CVE-2017-15679",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

132
2017/15xxx/CVE-2017-15846.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-03-26T00:00:00", "DATE_PUBLIC": "2018-03-26T00:00:00",
"ID" : "CVE-2017-15846", "ID": "CVE-2017-15846",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In the video_ioctl2() function in the camera driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-16, an untrusted pointer dereference may potentially occur."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Untrusted Pointer Dereference in Camera"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9fdbd92ec9196ba3629f68f4c22342aa6eedc960", "description_data": [
"refsource" : "MISC", {
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9fdbd92ec9196ba3629f68f4c22342aa6eedc960" "lang": "eng",
}, "value": "In the video_ioctl2() function in the camera driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-16, an untrusted pointer dereference may potentially occur."
{ }
"name" : "https://source.android.com/security/bulletin/pixel/2018-02-01", ]
"refsource" : "CONFIRM", },
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Untrusted Pointer Dereference in Camera"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9fdbd92ec9196ba3629f68f4c22342aa6eedc960",
"refsource": "MISC",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9fdbd92ec9196ba3629f68f4c22342aa6eedc960"
},
{
"name": "https://source.android.com/security/bulletin/pixel/2018-02-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}
}

140
2017/9xxx/CVE-2017-9117.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-9117", "ID": "CVE-2017-9117",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2690", "description_data": [
"refsource" : "MISC", {
"url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2690" "lang": "eng",
}, "value": "In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff."
{ }
"name" : "USN-3606-1", ]
"refsource" : "UBUNTU", },
"url" : "https://usn.ubuntu.com/3606-1/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "98581", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/98581" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "USN-3606-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3606-1/"
},
{
"name": "98581",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98581"
},
{
"name": "http://bugzilla.maptools.org/show_bug.cgi?id=2690",
"refsource": "MISC",
"url": "http://bugzilla.maptools.org/show_bug.cgi?id=2690"
}
]
}
}

130
2017/9xxx/CVE-2017-9120.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-9120", "ID": "CVE-2017-9120",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.php.net/bug.php?id=74544", "description_data": [
"refsource" : "MISC", {
"url" : "https://bugs.php.net/bug.php?id=74544" "lang": "eng",
}, "value": "PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20181107-0003/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20181107-0003/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.netapp.com/advisory/ntap-20181107-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181107-0003/"
},
{
"name": "https://bugs.php.net/bug.php?id=74544",
"refsource": "MISC",
"url": "https://bugs.php.net/bug.php?id=74544"
}
]
}
}

34
2017/9xxx/CVE-2017-9734.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-9734", "ID": "CVE-2017-9734",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

136
2018/1000xxx/CVE-2018-1000538.json
View File

@ -1,70 +1,70 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-06-23T11:22:33.053476", "DATE_ASSIGNED": "2018-06-23T11:22:33.053476",
"DATE_REQUESTED" : "2018-05-18T20:31:28", "DATE_REQUESTED": "2018-05-18T20:31:28",
"ID" : "CVE-2018-1000538", "ID": "CVE-2018-1000538",
"REQUESTER" : "aead@mail.de", "REQUESTER": "aead@mail.de",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Minio S3 server", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to RELEASE.2018-05-16T23-35-33Z" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Minio Inc." "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Minio Inc. Minio S3 server version prior to RELEASE.2018-05-16T23-35-33Z contains a Allocation of Memory Without Limits or Throttling (similar to CWE-774) vulnerability in write-to-RAM that can result in Denial of Service. This attack appear to be exploitable via Sending V4-(pre)signed requests with large bodies . This vulnerability appears to have been fixed in after commit 9c8b7306f55f2c8c0a5c7cea9a8db9d34be8faa7."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Allocation of Memory Without Limits or Throttling (similar to CWE-774)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/minio/minio/commit/9c8b7306f55f2c8c0a5c7cea9a8db9d34be8faa7#diff-e8c3bc9bc83b5516d0cc806cd461d08bL220", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/minio/minio/commit/9c8b7306f55f2c8c0a5c7cea9a8db9d34be8faa7#diff-e8c3bc9bc83b5516d0cc806cd461d08bL220" "lang": "eng",
}, "value": "Minio Inc. Minio S3 server version prior to RELEASE.2018-05-16T23-35-33Z contains a Allocation of Memory Without Limits or Throttling (similar to CWE-774) vulnerability in write-to-RAM that can result in Denial of Service. This attack appear to be exploitable via Sending V4-(pre)signed requests with large bodies . This vulnerability appears to have been fixed in after commit 9c8b7306f55f2c8c0a5c7cea9a8db9d34be8faa7."
{ }
"name" : "https://github.com/minio/minio/pull/5957", ]
"refsource" : "MISC", },
"url" : "https://github.com/minio/minio/pull/5957" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/minio/minio/commit/9c8b7306f55f2c8c0a5c7cea9a8db9d34be8faa7#diff-e8c3bc9bc83b5516d0cc806cd461d08bL220",
"refsource": "MISC",
"url": "https://github.com/minio/minio/commit/9c8b7306f55f2c8c0a5c7cea9a8db9d34be8faa7#diff-e8c3bc9bc83b5516d0cc806cd461d08bL220"
},
{
"name": "https://github.com/minio/minio/pull/5957",
"refsource": "MISC",
"url": "https://github.com/minio/minio/pull/5957"
}
]
}
}

146
2018/1000xxx/CVE-2018-1000656.json
View File

@ -1,75 +1,75 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-08-19T17:09:33.130462", "DATE_ASSIGNED": "2018-08-19T17:09:33.130462",
"DATE_REQUESTED" : "2018-08-15T16:18:15", "DATE_REQUESTED": "2018-08-15T16:18:15",
"ID" : "CVE-2018-1000656", "ID": "CVE-2018-1000656",
"REQUESTER" : "secure@veritas.com", "REQUESTER": "secure@veritas.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "flask", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Before 0.12.3" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "The Pallets Project" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in incorrect encoding. This vulnerability appears to have been fixed in 0.12.3."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-20: Improper Input Validation"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/pallets/flask/pull/2691", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/pallets/flask/pull/2691" "lang": "eng",
}, "value": "The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in incorrect encoding. This vulnerability appears to have been fixed in 0.12.3."
{ }
"name" : "https://github.com/pallets/flask/releases/tag/0.12.3", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/pallets/flask/releases/tag/0.12.3" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://security.netapp.com/advisory/ntap-20190221-0001/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://security.netapp.com/advisory/ntap-20190221-0001/" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://security.netapp.com/advisory/ntap-20190221-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190221-0001/"
},
{
"name": "https://github.com/pallets/flask/pull/2691",
"refsource": "CONFIRM",
"url": "https://github.com/pallets/flask/pull/2691"
},
{
"name": "https://github.com/pallets/flask/releases/tag/0.12.3",
"refsource": "CONFIRM",
"url": "https://github.com/pallets/flask/releases/tag/0.12.3"
}
]
}
}

136
2018/1000xxx/CVE-2018-1000814.json
View File

@ -1,70 +1,70 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-11-27T13:54:33.455118", "DATE_ASSIGNED": "2018-11-27T13:54:33.455118",
"DATE_REQUESTED" : "2018-10-11T15:23:21", "DATE_REQUESTED": "2018-10-11T15:23:21",
"ID" : "CVE-2018-1000814", "ID": "CVE-2018-1000814",
"REQUESTER" : "panos122008@gmail.com", "REQUESTER": "panos122008@gmail.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "aiohttp-session", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.6.0 and earlier" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "aio-libs" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan. This attack appear to be exploitable via Recreation of a cookie post-expiry with the same value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Other/Unknown"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/aio-libs/aiohttp-session/issues/325", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/aio-libs/aiohttp-session/issues/325" "lang": "eng",
}, "value": "aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan. This attack appear to be exploitable via Recreation of a cookie post-expiry with the same value."
{ }
"name" : "https://github.com/aio-libs/aiohttp-session/pull/331", ]
"refsource" : "MISC", },
"url" : "https://github.com/aio-libs/aiohttp-session/pull/331" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aio-libs/aiohttp-session/pull/331",
"refsource": "MISC",
"url": "https://github.com/aio-libs/aiohttp-session/pull/331"
},
{
"name": "https://github.com/aio-libs/aiohttp-session/issues/325",
"refsource": "MISC",
"url": "https://github.com/aio-libs/aiohttp-session/issues/325"
}
]
}
}

120
2018/12xxx/CVE-2018-12080.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12080", "ID": "CVE-2018-12080",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mintToken function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the \"tradeTrap\" issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://peckshield.com/2018/06/11/tradeTrap/", "description_data": [
"refsource" : "MISC", {
"url" : "https://peckshield.com/2018/06/11/tradeTrap/" "lang": "eng",
} "value": "The mintToken function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the \"tradeTrap\" issue."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://peckshield.com/2018/06/11/tradeTrap/",
"refsource": "MISC",
"url": "https://peckshield.com/2018/06/11/tradeTrap/"
}
]
}
}

120
2018/12xxx/CVE-2018-12116.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-request@iojs.org", "ASSIGNER": "cve-request@iojs.org",
"ID" : "CVE-2018-12116", "ID": "CVE-2018-12116",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Node.js", "product_name": "Node.js",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions prior to Node.js 6.15.0 and 8.14.0" "version_value": "All versions prior to Node.js 6.15.0 and 8.14.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "The Node.js Project" "vendor_name": "The Node.js Project"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-115: Misinterpretation of Input"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/" "lang": "eng",
} "value": "Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-115: Misinterpretation of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/"
}
]
}
}

160
2018/12xxx/CVE-2018-12932.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12932", "ID": "CVE-2018-12932",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by triggering a large pAlphaBlend->cbBitsSrc value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.launchpad.net/ubuntu/+source/wine/+bug/1764719", "description_data": [
"refsource" : "MISC", {
"url" : "https://bugs.launchpad.net/ubuntu/+source/wine/+bug/1764719" "lang": "eng",
}, "value": "PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by triggering a large pAlphaBlend->cbBitsSrc value."
{ }
"name" : "https://bugs.winehq.org/attachment.cgi?id=61284", ]
"refsource" : "MISC", },
"url" : "https://bugs.winehq.org/attachment.cgi?id=61284" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.winehq.org/show_bug.cgi?id=45105", "description": [
"refsource" : "MISC", {
"url" : "https://bugs.winehq.org/show_bug.cgi?id=45105" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://source.winehq.org/git/wine.git/commit/8d2676fd14f130f9e8f06744743423168bf8d18d", ]
"refsource" : "MISC", }
"url" : "https://source.winehq.org/git/wine.git/commit/8d2676fd14f130f9e8f06744743423168bf8d18d" ]
}, },
{ "references": {
"name" : "https://source.winehq.org/git/wine.git/commit/b6da3547d8990c3c3affc3a5865aefd2a0946949", "reference_data": [
"refsource" : "MISC", {
"url" : "https://source.winehq.org/git/wine.git/commit/b6da3547d8990c3c3affc3a5865aefd2a0946949" "name": "https://source.winehq.org/git/wine.git/commit/b6da3547d8990c3c3affc3a5865aefd2a0946949",
} "refsource": "MISC",
] "url": "https://source.winehq.org/git/wine.git/commit/b6da3547d8990c3c3affc3a5865aefd2a0946949"
} },
} {
"name": "https://source.winehq.org/git/wine.git/commit/8d2676fd14f130f9e8f06744743423168bf8d18d",
"refsource": "MISC",
"url": "https://source.winehq.org/git/wine.git/commit/8d2676fd14f130f9e8f06744743423168bf8d18d"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/wine/+bug/1764719",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/wine/+bug/1764719"
},
{
"name": "https://bugs.winehq.org/attachment.cgi?id=61284",
"refsource": "MISC",
"url": "https://bugs.winehq.org/attachment.cgi?id=61284"
},
{
"name": "https://bugs.winehq.org/show_bug.cgi?id=45105",
"refsource": "MISC",
"url": "https://bugs.winehq.org/show_bug.cgi?id=45105"
}
]
}
}

34
2018/16xxx/CVE-2018-16220.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16220", "ID": "CVE-2018-16220",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2018/16xxx/CVE-2018-16329.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16329", "ID": "CVE-2018-16329",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/ImageMagick/ImageMagick/issues/1225", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/ImageMagick/ImageMagick/issues/1225" "lang": "eng",
} "value": "In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/ImageMagick/ImageMagick/issues/1225",
"refsource": "MISC",
"url": "https://github.com/ImageMagick/ImageMagick/issues/1225"
}
]
}
}

34
2018/4xxx/CVE-2018-4248.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4248", "ID": "CVE-2018-4248",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/4xxx/CVE-2018-4374.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4374", "ID": "CVE-2018-4374",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/4xxx/CVE-2018-4379.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4379", "ID": "CVE-2018-4379",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2018/4xxx/CVE-2018-4880.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2018-4880", "ID": "CVE-2018-4880",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions", "product_name": "Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions" "version_value": "Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the conversion module that reads U3D data. A successful attack can lead to sensitive data exposure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Out-of-bounds read"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb18-02.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb18-02.html" "lang": "eng",
}, "value": "An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the conversion module that reads U3D data. A successful attack can lead to sensitive data exposure."
{ }
"name" : "102996", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/102996" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040364", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040364" "lang": "eng",
} "value": "Out-of-bounds read"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "102996",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102996"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb18-02.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb18-02.html"
},
{
"name": "1040364",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040364"
}
]
}
}

125
2019/9xxx/CVE-2019-9573.json
View File

@ -1,62 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9573", "ID": "CVE-2019-9573",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The WP Human Resource Management plugin before 2.2.6 for WordPress mishandles leave applications."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://wordpress.org/plugins/hrm/#developers", "description_data": [
"refsource" : "MISC", {
"url" : "https://wordpress.org/plugins/hrm/#developers" "lang": "eng",
} "value": "The WP Human Resource Management plugin before 2.2.6 for WordPress mishandles leave applications."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/hrm/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/hrm/#developers"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190317 CVE-2019-9573 / CVE-2019-9574: WordPress plugin hrm missing server side authorization checks",
"url": "http://www.openwall.com/lists/oss-security/2019/03/17/1"
}
]
}
}