admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:36:07 +00:00
parent ec571d8a71
commit a8e13e887a
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
55 changed files with 3508 additions and 3508 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
2002/0xxx/CVE-2002-0243.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0243", "ID": "CVE-2002-0243",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed." "value": "Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020207 Web Browsers vulnerable to the Extended HTML Form Attack (IE and OPERA)", "name": "20020207 Web Browsers vulnerable to the Extended HTML Form Attack (IE and OPERA)",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=101309907709138&w=2" "url": "http://marc.info/?l=bugtraq&m=101309907709138&w=2"
} }
] ]
} }

74
2002/0xxx/CVE-2002-0534.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0534", "ID": "CVE-2002-0534",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PostBoard 2.0.1 and earlier with BBcode allows remote attackers to cause a denial of service (CPU consumption) and corrupt the database via null \\0 characters within [code] tags." "value": "PostBoard 2.0.1 and earlier with BBcode allows remote attackers to cause a denial of service (CPU consumption) and corrupt the database via null \\0 characters within [code] tags."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020416 Multiple Vulnerabilities in PostBoard", "name": "postboard-bbcode-dos(8883)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://online.securityfocus.com/archive/1/267936" "url": "http://www.iss.net/security_center/static/8883.php"
}, },
{ {
"name" : "postboard-bbcode-dos(8883)", "name": "4562",
"refsource" : "XF", "refsource": "BID",
"url" : "http://www.iss.net/security_center/static/8883.php" "url": "http://www.securityfocus.com/bid/4562"
}, },
{ {
"name" : "4562", "name": "20020416 Multiple Vulnerabilities in PostBoard",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/4562" "url": "http://online.securityfocus.com/archive/1/267936"
} }
] ]
} }

80
2002/0xxx/CVE-2002-0887.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0887", "ID": "CVE-2002-0887",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files." "value": "scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010522 [SRT2001-10] - scoadmin /tmp issues", "name": "20010522 [SRT2001-10] - scoadmin /tmp issues",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=99057164129869&w=2" "url": "http://marc.info/?l=bugtraq&m=99057164129869&w=2"
}, },
{ {
"name" : "CSSA-2002-SCO.22", "name": "openserver-scoadmin-symlink(9210)",
"refsource" : "CALDERA", "refsource": "XF",
"url" : "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.22/CSSA-2002-SCO.22.txt" "url": "http://www.iss.net/security_center/static/9210.php"
}, },
{ {
"name" : "4875", "name": "4875",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/4875" "url": "http://www.securityfocus.com/bid/4875"
}, },
{ {
"name" : "openserver-scoadmin-symlink(9210)", "name": "CSSA-2002-SCO.22",
"refsource" : "XF", "refsource": "CALDERA",
"url" : "http://www.iss.net/security_center/static/9210.php" "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.22/CSSA-2002-SCO.22.txt"
} }
] ]
} }

80
2002/1xxx/CVE-2002-1491.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1491", "ID": "CVE-2002-1491",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving \"Default Connection\" settings, which could allow local users to gain privileges." "value": "The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving \"Default Connection\" settings, which could allow local users to gain privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020918 Cisco VPN 5000 Client Multiple Vulnerabilities", "name": "20020918 Cisco VPN 5000 Client Multiple Vulnerabilities",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://www.cisco.com/warp/public/707/vpn5k-client-multiple-vuln-pub.shtml" "url": "http://www.cisco.com/warp/public/707/vpn5k-client-multiple-vuln-pub.shtml"
}, },
{ {
"name" : "cisco-vpn5000-defaultconnection-password(10129)", "name": "5736",
"refsource" : "XF", "refsource": "BID",
"url" : "http://www.iss.net/security_center/static/10129.php" "url": "http://www.securityfocus.com/bid/5736"
}, },
{ {
"name" : "5736", "name": "cisco-vpn5000-defaultconnection-password(10129)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/5736" "url": "http://www.iss.net/security_center/static/10129.php"
}, },
{ {
"name" : "7041", "name": "7041",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/7041" "url": "http://www.osvdb.org/7041"
} }
] ]
} }

74
2002/1xxx/CVE-2002-1849.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1849", "ID": "CVE-2002-1849",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ParaChat Server 4.0 does not log users off if the browser's back button is used, which allows remote attackers to cause a denial of service by repeatedly logging into a chat room, hitting the back button, then logging into the same chat room as a different user, which fills the chat room with invalid users." "value": "ParaChat Server 4.0 does not log users off if the browser's back button is used, which allows remote attackers to cause a denial of service by repeatedly logging into a chat room, hitting the back button, then logging into the same chat room as a different user, which fills the chat room with invalid users."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020731 FW: Parachat DoS Vulnerability", "name": "20020731 FW: Parachat DoS Vulnerability",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-07/0427.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0427.html"
}, },
{ {
"name" : "5370", "name": "parachat-no-logoff-dos(9735)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/5370" "url": "http://www.iss.net/security_center/static/9735.php"
}, },
{ {
"name" : "parachat-no-logoff-dos(9735)", "name": "5370",
"refsource" : "XF", "refsource": "BID",
"url" : "http://www.iss.net/security_center/static/9735.php" "url": "http://www.securityfocus.com/bid/5370"
} }
] ]
} }

80
2002/2xxx/CVE-2002-2311.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2311", "ID": "CVE-2002-2311",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue." "value": "Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020723 Pressing CTRL in IE is dangerous - Sandblad advisory #8", "name": "20020723 Pressing CTRL in IE is dangerous - Sandblad advisory #8",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://online.securityfocus.com/archive/1/283866" "url": "http://online.securityfocus.com/archive/1/283866"
}, },
{ {
"name" : "20020724 RE: Pressing CTRL in IE is dangerous - Sandblad advisory #8", "name": "ie-ctrl-file-upload(9653)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://online.securityfocus.com/archive/1/284068" "url": "http://www.iss.net/security_center/static/9653.php"
}, },
{ {
"name" : "5290", "name": "5290",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/5290" "url": "http://www.securityfocus.com/bid/5290"
}, },
{ {
"name" : "ie-ctrl-file-upload(9653)", "name": "20020724 RE: Pressing CTRL in IE is dangerous - Sandblad advisory #8",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "http://www.iss.net/security_center/static/9653.php" "url": "http://online.securityfocus.com/archive/1/284068"
} }
] ]
} }

74
2002/2xxx/CVE-2002-2321.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2321", "ID": "CVE-2002-2321",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter." "value": "Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20021003 phpLinkat XSS Security Bug", "name": "20021003 phpLinkat XSS Security Bug",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-10/0065.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0065.html"
}, },
{ {
"name" : "5890", "name": "phplinkat-url-showcat-xss(10269)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/5890" "url": "http://www.iss.net/security_center/static/10269.php"
}, },
{ {
"name" : "phplinkat-url-showcat-xss(10269)", "name": "5890",
"refsource" : "XF", "refsource": "BID",
"url" : "http://www.iss.net/security_center/static/10269.php" "url": "http://www.securityfocus.com/bid/5890"
} }
] ]
} }

74
2003/0xxx/CVE-2003-0735.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0735", "ID": "CVE-2003-0735",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x and earlier allows remote attackers to execute arbitrary SQL queries, as demonstrated using the year parameter." "value": "SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x and earlier allows remote attackers to execute arbitrary SQL queries, as demonstrated using the year parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20030810 phpWebSite SQL Injection & DoS & XSS Vulnerabilities", "name": "VU#925166",
"refsource" : "BUGTRAQ", "refsource": "CERT-VN",
"url" : "http://marc.info/?l=bugtraq&m=106062021711496&w=2" "url": "http://www.kb.cert.org/vuls/id/925166"
}, },
{ {
"name" : "20030902 GLSA: phpwebsite (200309-03)", "name": "20030902 GLSA: phpwebsite (200309-03)",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=106252188522715&w=2" "url": "http://marc.info/?l=bugtraq&m=106252188522715&w=2"
}, },
{ {
"name" : "VU#925166", "name": "20030810 phpWebSite SQL Injection & DoS & XSS Vulnerabilities",
"refsource" : "CERT-VN", "refsource": "BUGTRAQ",
"url" : "http://www.kb.cert.org/vuls/id/925166" "url": "http://marc.info/?l=bugtraq&m=106062021711496&w=2"
} }
] ]
} }

22
2005/1xxx/CVE-2005-1044.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2005-1044", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2005-1044",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0941. Reason: This candidate is a duplicate of CVE-2005-0941. Notes: All CVE users should reference CVE-2005-0941 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0941. Reason: This candidate is a duplicate of CVE-2005-0941. Notes: All CVE users should reference CVE-2005-0941 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }

92
2005/1xxx/CVE-2005-1151.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2005-1151", "ID": "CVE-2005-1151",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "qpopper 4.0.5 and earlier does not properly drop privileges before processing certain user-supplied files, which allows local users to overwrite or create arbitrary files as root." "value": "qpopper 4.0.5 and earlier does not properly drop privileges before processing certain user-supplied files, which allows local users to overwrite or create arbitrary files as root."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "DSA-728", "name": "15505",
"refsource" : "DEBIAN", "refsource": "SECUNIA",
"url" : "http://www.debian.org/security/2005/dsa-728" "url": "http://secunia.com/advisories/15505"
}, },
{ {
"name" : "GLSA-200505-17", "name": "15478",
"refsource" : "GENTOO", "refsource": "SECUNIA",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200505-17.xml" "url": "http://secunia.com/advisories/15478"
}, },
{ {
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=90622", "name": "http://bugs.gentoo.org/show_bug.cgi?id=90622",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=90622" "url": "http://bugs.gentoo.org/show_bug.cgi?id=90622"
}, },
{ {
"name" : "15475", "name": "DSA-728",
"refsource" : "SECUNIA", "refsource": "DEBIAN",
"url" : "http://secunia.com/advisories/15475" "url": "http://www.debian.org/security/2005/dsa-728"
}, },
{ {
"name" : "15478", "name": "15475",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/15478" "url": "http://secunia.com/advisories/15475"
}, },
{ {
"name" : "15505", "name": "GLSA-200505-17",
"refsource" : "SECUNIA", "refsource": "GENTOO",
"url" : "http://secunia.com/advisories/15505" "url": "http://www.gentoo.org/security/en/glsa/glsa-200505-17.xml"
} }
] ]
} }

122
2005/1xxx/CVE-2005-1161.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1161", "ID": "CVE-2005-1161",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in OneWorldStore allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) owAddItem.asp or (2) owProductDetail.asp, (3) idCategory parameter to owListProduct.asp, or (4) bSpecials parameter to owListProduct.asp." "value": "Multiple SQL injection vulnerabilities in OneWorldStore allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) owAddItem.asp or (2) owProductDetail.asp, (3) idCategory parameter to owListProduct.asp, or (4) bSpecials parameter to owListProduct.asp."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050414 Multiple multiple sql injection/errors and xss vulnerabilities in OneWorldStore", "name": "1013720",
"refsource" : "BUGTRAQ", "refsource": "SECTRACK",
"url" : "http://marc.info/?l=bugtraq&m=111352017704126&w=2" "url": "http://securitytracker.com/id?1013720"
}, },
{ {
"name" : "http://www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab", "name": "13183",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab" "url": "http://www.securityfocus.com/bid/13183"
}, },
{ {
"name" : "13181", "name": "http://www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/13181" "url": "http://www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab"
}, },
{ {
"name" : "13182", "name": "13182",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/13182" "url": "http://www.securityfocus.com/bid/13182"
}, },
{ {
"name" : "13183", "name": "15518",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/13183" "url": "http://www.osvdb.org/15518"
}, },
{ {
"name" : "15518", "name": "15520",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/15518" "url": "http://www.osvdb.org/15520"
}, },
{ {
"name" : "15519", "name": "oneworldstore-product-category-sql-injection(20097)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/15519" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20097"
}, },
{ {
"name" : "15520", "name": "13181",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://www.osvdb.org/15520" "url": "http://www.securityfocus.com/bid/13181"
}, },
{ {
"name" : "1013720", "name": "15519",
"refsource" : "SECTRACK", "refsource": "OSVDB",
"url" : "http://securitytracker.com/id?1013720" "url": "http://www.osvdb.org/15519"
}, },
{ {
"name" : "14969", "name": "20050414 Multiple multiple sql injection/errors and xss vulnerabilities in OneWorldStore",
"refsource" : "SECUNIA", "refsource": "BUGTRAQ",
"url" : "http://secunia.com/advisories/14969" "url": "http://marc.info/?l=bugtraq&m=111352017704126&w=2"
}, },
{ {
"name" : "oneworldstore-product-category-sql-injection(20097)", "name": "14969",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20097" "url": "http://secunia.com/advisories/14969"
} }
] ]
} }

86
2005/1xxx/CVE-2005-1302.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1302", "ID": "CVE-2005-1302",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the \"change user\" field." "value": "SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the \"change user\" field."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050425 Sql Injection in Confixx 3.06 & 3.08 & 3.?? ?", "name": "694",
"refsource" : "BUGTRAQ", "refsource": "SREASON",
"url" : "http://marc.info/?l=bugtraq&m=111444886429814&w=2" "url": "http://securityreason.com/securityalert/694"
}, },
{ {
"name" : "13355", "name": "13355",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/13355" "url": "http://www.securityfocus.com/bid/13355"
}, },
{ {
"name" : "15815", "name": "15121",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://www.osvdb.org/15815" "url": "http://secunia.com/advisories/15121"
}, },
{ {
"name" : "15121", "name": "20050425 Sql Injection in Confixx 3.06 & 3.08 & 3.?? ?",
"refsource" : "SECUNIA", "refsource": "BUGTRAQ",
"url" : "http://secunia.com/advisories/15121" "url": "http://marc.info/?l=bugtraq&m=111444886429814&w=2"
}, },
{ {
"name" : "694", "name": "15815",
"refsource" : "SREASON", "refsource": "OSVDB",
"url" : "http://securityreason.com/securityalert/694" "url": "http://www.osvdb.org/15815"
} }
] ]
} }

74
2005/1xxx/CVE-2005-1808.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1808", "ID": "CVE-2005-1808",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Firefly Studios Stronghold 2 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large size value for the nickname, which causes a memory allocation failure and generates an exception." "value": "Firefly Studios Stronghold 2 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large size value for the nickname, which causes a memory allocation failure and generates an exception."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050530 Crash in Stronghold 2 1.2", "name": "http://aluigi.altervista.org/adv/strong2boom-adv.txt",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://marc.info/?l=bugtraq&m=111747562806999&w=2" "url": "http://aluigi.altervista.org/adv/strong2boom-adv.txt"
}, },
{ {
"name" : "http://aluigi.altervista.org/adv/strong2boom-adv.txt", "name": "20050530 Crash in Stronghold 2 1.2",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://aluigi.altervista.org/adv/strong2boom-adv.txt" "url": "http://marc.info/?l=bugtraq&m=111747562806999&w=2"
}, },
{ {
"name" : "15556", "name": "15556",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/15556" "url": "http://secunia.com/advisories/15556"
} }
] ]
} }

80
2009/1xxx/CVE-2009-1048.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1048", "ID": "CVE-2009-1048",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with firmware 6.5 before 6.5.20, 7.1 before 7.1.39, and 7.3 before 7.3.14 allows remote attackers to bypass authentication, and reconfigure the phone or make arbitrary use of the phone, via a (1) http or (2) https request with 127.0.0.1 in the Host header." "value": "The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with firmware 6.5 before 6.5.20, 7.1 before 7.1.39, and 7.3 before 7.3.14 allows remote attackers to bypass authentication, and reconfigure the phone or make arbitrary use of the phone, via a (1) http or (2) https request with 127.0.0.1 in the Host header."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090812 Authentication Bypass of Snom Phone Web Interface", "name": "http://www.csnc.ch/misc/files/advisories/cve-2009-1048.txt",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/505723/100/0/threaded" "url": "http://www.csnc.ch/misc/files/advisories/cve-2009-1048.txt"
}, },
{ {
"name" : "http://www.csnc.ch/misc/files/advisories/cve-2009-1048.txt", "name": "36293",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://www.csnc.ch/misc/files/advisories/cve-2009-1048.txt" "url": "http://secunia.com/advisories/36293"
}, },
{ {
"name" : "36293", "name": "20090812 Authentication Bypass of Snom Phone Web Interface",
"refsource" : "SECUNIA", "refsource": "BUGTRAQ",
"url" : "http://secunia.com/advisories/36293" "url": "http://www.securityfocus.com/archive/1/505723/100/0/threaded"
}, },
{ {
"name" : "snom-httphost-security-bypass(52424)", "name": "snom-httphost-security-bypass(52424)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52424" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52424"
} }
] ]
} }

86
2009/1xxx/CVE-2009-1088.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1088", "ID": "CVE-2009-1088",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Hannon Hill Cascade Server 5.7 and other versions allows remote authenticated users to execute arbitrary programs or Java code via a crafted XSLT stylesheet with \"extension elements and extension functions\" that trigger code execution by Xalan-Java, as demonstrated using xalan://java.lang.Runtime." "value": "Hannon Hill Cascade Server 5.7 and other versions allows remote authenticated users to execute arbitrary programs or Java code via a crafted XSLT stylesheet with \"extension elements and extension functions\" that trigger code execution by Xalan-Java, as demonstrated using xalan://java.lang.Runtime."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090319 Command Execution in Hannon Hill Cascade Server", "name": "8247",
"refsource" : "BUGTRAQ", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/archive/1/501981/100/0/threaded" "url": "https://www.exploit-db.com/exploits/8247"
}, },
{ {
"name" : "8247", "name": "http://support.hannonhill.com/browse/CSCD-4753",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "https://www.exploit-db.com/exploits/8247" "url": "http://support.hannonhill.com/browse/CSCD-4753"
}, },
{ {
"name" : "http://support.hannonhill.com/browse/CSCD-4753", "name": "20090319 Command Execution in Hannon Hill Cascade Server",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://support.hannonhill.com/browse/CSCD-4753" "url": "http://www.securityfocus.com/archive/1/501981/100/0/threaded"
}, },
{ {
"name" : "34186", "name": "34186",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/34186" "url": "http://www.securityfocus.com/bid/34186"
}, },
{ {
"name" : "cascadeserver-xlst-command-execution(49332)", "name": "cascadeserver-xlst-command-execution(49332)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49332" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49332"
} }
] ]
} }

68
2009/1xxx/CVE-2009-1356.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1356", "ID": "CVE-2009-1356",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary code via a long MP3 filename in a playlist (.xpl) file." "value": "Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary code via a long MP3 filename in a playlist (.xpl) file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "8452", "name": "34560",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/8452" "url": "http://www.securityfocus.com/bid/34560"
}, },
{ {
"name" : "34560", "name": "8452",
"refsource" : "BID", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/bid/34560" "url": "https://www.exploit-db.com/exploits/8452"
} }
] ]
} }

74
2009/1xxx/CVE-2009-1413.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1413", "ID": "CVE-2009-1413",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Google Chrome 1.0.x does not cancel timeouts upon a page transition, which makes it easier for attackers to conduct Universal XSS attacks by calling setTimeout to trigger future execution of JavaScript code, and then modifying document.location to arrange for JavaScript execution in the context of an arbitrary web site. NOTE: this can be leveraged for a remote attack by exploiting a chromehtml: argument-injection vulnerability." "value": "Google Chrome 1.0.x does not cancel timeouts upon a page transition, which makes it easier for attackers to conduct Universal XSS attacks by calling setTimeout to trigger future execution of JavaScript code, and then modifying document.location to arrange for JavaScript execution in the context of an arbitrary web site. NOTE: this can be leveraged for a remote attack by exploiting a chromehtml: argument-injection vulnerability."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://chromium.googlecode.com/issues/attachment?aid=5579180911289877192&name=Google+Chrome+Advisory.doc", "name": "googlechrome-settimeout-xss(50447)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://chromium.googlecode.com/issues/attachment?aid=5579180911289877192&name=Google+Chrome+Advisory.doc" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50447"
}, },
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=9860", "name": "http://chromium.googlecode.com/issues/attachment?aid=5579180911289877192&name=Google+Chrome+Advisory.doc",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://code.google.com/p/chromium/issues/detail?id=9860" "url": "http://chromium.googlecode.com/issues/attachment?aid=5579180911289877192&name=Google+Chrome+Advisory.doc"
}, },
{ {
"name" : "googlechrome-settimeout-xss(50447)", "name": "http://code.google.com/p/chromium/issues/detail?id=9860",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50447" "url": "http://code.google.com/p/chromium/issues/detail?id=9860"
} }
] ]
} }

86
2009/1xxx/CVE-2009-1557.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1557", "ID": "CVE-2009-1557",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allow remote attackers to inject arbitrary web script or HTML via the next_file parameter to (1) main.cgi, (2) img/main.cgi, or (3) adm/file.cgi; or (4) the this_file parameter to adm/file.cgi." "value": "Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allow remote attackers to inject arbitrary web script or HTML via the next_file parameter to (1) main.cgi, (2) img/main.cgi, or (3) adm/file.cgi; or (4) the this_file parameter to adm/file.cgi."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.gnucitizen.org/blog/hacking-linksys-ip-cameras-pt-4/", "name": "wvc54gca-nextfile-xss(50224)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.gnucitizen.org/blog/hacking-linksys-ip-cameras-pt-4/" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50224"
}, },
{ {
"name" : "34714", "name": "34714",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/34714" "url": "http://www.securityfocus.com/bid/34714"
}, },
{ {
"name" : "34767", "name": "ADV-2009-1173",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/34767" "url": "http://www.vupen.com/english/advisories/2009/1173"
}, },
{ {
"name" : "ADV-2009-1173", "name": "http://www.gnucitizen.org/blog/hacking-linksys-ip-cameras-pt-4/",
"refsource" : "VUPEN", "refsource": "MISC",
"url" : "http://www.vupen.com/english/advisories/2009/1173" "url": "http://www.gnucitizen.org/blog/hacking-linksys-ip-cameras-pt-4/"
}, },
{ {
"name" : "wvc54gca-nextfile-xss(50224)", "name": "34767",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50224" "url": "http://secunia.com/advisories/34767"
} }
] ]
} }

140
2009/1xxx/CVE-2009-1714.json
View File

@ -1,126 +1,126 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1714", "ID": "CVE-2009-1714",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in Apple Safari before 4.0 allows user-assisted remote attackers to inject arbitrary web script or HTML, and read local files, via vectors related to the improper escaping of HTML attributes." "value": "Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in Apple Safari before 4.0 allows user-assisted remote attackers to inject arbitrary web script or HTML, and read local files, via vectors related to the improper escaping of HTML attributes."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT3613", "name": "35348",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://support.apple.com/kb/HT3613" "url": "http://www.securityfocus.com/bid/35348"
}, },
{ {
"name" : "APPLE-SA-2009-06-08-1", "name": "1022344",
"refsource" : "APPLE", "refsource": "SECTRACK",
"url" : "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" "url": "http://securitytracker.com/id?1022344"
}, },
{ {
"name" : "DSA-1950", "name": "43068",
"refsource" : "DEBIAN", "refsource": "SECUNIA",
"url" : "http://www.debian.org/security/2009/dsa-1950" "url": "http://secunia.com/advisories/43068"
}, },
{ {
"name" : "SUSE-SR:2011:002", "name": "safari-webinspector-xss(51268)",
"refsource" : "SUSE", "refsource": "XF",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51268"
}, },
{ {
"name" : "35260", "name": "ADV-2011-0212",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/35260" "url": "http://www.vupen.com/english/advisories/2011/0212"
}, },
{ {
"name" : "35348", "name": "APPLE-SA-2009-06-08-1",
"refsource" : "BID", "refsource": "APPLE",
"url" : "http://www.securityfocus.com/bid/35348" "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
}, },
{ {
"name" : "55023", "name": "35260",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://osvdb.org/55023" "url": "http://www.securityfocus.com/bid/35260"
}, },
{ {
"name" : "1022344", "name": "ADV-2009-1522",
"refsource" : "SECTRACK", "refsource": "VUPEN",
"url" : "http://securitytracker.com/id?1022344" "url": "http://www.vupen.com/english/advisories/2009/1522"
}, },
{ {
"name" : "35379", "name": "37746",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/35379" "url": "http://secunia.com/advisories/37746"
}, },
{ {
"name" : "37746", "name": "DSA-1950",
"refsource" : "SECUNIA", "refsource": "DEBIAN",
"url" : "http://secunia.com/advisories/37746" "url": "http://www.debian.org/security/2009/dsa-1950"
}, },
{ {
"name" : "43068", "name": "SUSE-SR:2011:002",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/43068" "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
}, },
{ {
"name" : "ADV-2009-1522", "name": "35379",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2009/1522" "url": "http://secunia.com/advisories/35379"
}, },
{ {
"name" : "ADV-2011-0212", "name": "55023",
"refsource" : "VUPEN", "refsource": "OSVDB",
"url" : "http://www.vupen.com/english/advisories/2011/0212" "url": "http://osvdb.org/55023"
}, },
{ {
"name" : "safari-webinspector-xss(51268)", "name": "http://support.apple.com/kb/HT3613",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51268" "url": "http://support.apple.com/kb/HT3613"
} }
] ]
} }

22
2012/0xxx/CVE-2012-0346.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-0346", "ID": "CVE-2012-0346",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

110
2012/2xxx/CVE-2012-2084.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2084", "ID": "CVE-2012-2084",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Printer, email and PDF versions module 6.x-1.x before 6.x-1.15 and 7.x-1.x before 7.x-1.0 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably the PATH_INFO." "value": "Cross-site scripting (XSS) vulnerability in the Printer, email and PDF versions module 6.x-1.x before 6.x-1.15 and 7.x-1.x before 7.x-1.0 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably the PATH_INFO."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120406 CVE's for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)", "name": "http://drupalcode.org/project/print.git/commit/30480e0",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2012/04/07/1" "url": "http://drupalcode.org/project/print.git/commit/30480e0"
}, },
{ {
"name" : "http://drupal.org/node/1515722", "name": "printeremailpdfversions-unspecified-xss(74611)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://drupal.org/node/1515722" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74611"
}, },
{ {
"name" : "http://drupal.org/node/1515060", "name": "http://drupalcode.org/project/print.git/commit/6771c3f",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://drupal.org/node/1515060" "url": "http://drupalcode.org/project/print.git/commit/6771c3f"
}, },
{ {
"name" : "http://drupal.org/node/1515076", "name": "http://drupal.org/node/1515722",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://drupal.org/node/1515076" "url": "http://drupal.org/node/1515722"
}, },
{ {
"name" : "http://drupalcode.org/project/print.git/commit/30480e0", "name": "http://drupal.org/node/1515060",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://drupalcode.org/project/print.git/commit/30480e0" "url": "http://drupal.org/node/1515060"
}, },
{ {
"name" : "http://drupalcode.org/project/print.git/commit/6771c3f", "name": "52896",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://drupalcode.org/project/print.git/commit/6771c3f" "url": "http://www.securityfocus.com/bid/52896"
}, },
{ {
"name" : "52896", "name": "[oss-security] 20120406 CVE's for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/52896" "url": "http://www.openwall.com/lists/oss-security/2012/04/07/1"
}, },
{ {
"name" : "48625", "name": "http://drupal.org/node/1515076",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/48625" "url": "http://drupal.org/node/1515076"
}, },
{ {
"name" : "printeremailpdfversions-unspecified-xss(74611)", "name": "48625",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74611" "url": "http://secunia.com/advisories/48625"
} }
] ]
} }

22
2012/3xxx/CVE-2012-3080.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3080", "ID": "CVE-2012-3080",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

80
2012/3xxx/CVE-2012-3182.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-3182", "ID": "CVE-2012-3182",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 allows remote attackers to affect integrity, related to PIA Core Technology." "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 allows remote attackers to affect integrity, related to PIA Core Technology."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html", "name": "51001",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html" "url": "http://secunia.com/advisories/51001"
}, },
{ {
"name" : "MDVSA-2013:150", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
}, },
{ {
"name" : "1027671", "name": "1027671",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027671" "url": "http://www.securitytracker.com/id?1027671"
}, },
{ {
"name" : "51001", "name": "MDVSA-2013:150",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/51001" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
} }
] ]
} }

80
2012/3xxx/CVE-2012-3195.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-3195", "ID": "CVE-2012-3195",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect confidentiality via unknown vectors related to Portal." "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect confidentiality via unknown vectors related to Portal."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html", "name": "51001",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html" "url": "http://secunia.com/advisories/51001"
}, },
{ {
"name" : "MDVSA-2013:150", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
}, },
{ {
"name" : "1027671", "name": "1027671",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027671" "url": "http://www.securitytracker.com/id?1027671"
}, },
{ {
"name" : "51001", "name": "MDVSA-2013:150",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/51001" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
} }
] ]
} }

22
2012/3xxx/CVE-2012-3318.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3318", "ID": "CVE-2012-3318",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2012/3xxx/CVE-2012-3883.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3883", "ID": "CVE-2012-3883",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

170
2012/4xxx/CVE-2012-4179.json
View File

@ -1,151 +1,151 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-4179", "ID": "CVE-2012-4179",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors." "value": "Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.mozilla.org/security/announce/2012/mfsa2012-85.html", "name": "50904",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.mozilla.org/security/announce/2012/mfsa2012-85.html" "url": "http://secunia.com/advisories/50904"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=785574", "name": "50984",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=785574" "url": "http://secunia.com/advisories/50984"
}, },
{ {
"name" : "DSA-2569", "name": "50935",
"refsource" : "DEBIAN", "refsource": "SECUNIA",
"url" : "http://www.debian.org/security/2012/dsa-2569" "url": "http://secunia.com/advisories/50935"
}, },
{ {
"name" : "DSA-2565", "name": "firefox-createcsspropertytxn-code-exec(79157)",
"refsource" : "DEBIAN", "refsource": "XF",
"url" : "http://www.debian.org/security/2012/dsa-2565" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79157"
}, },
{ {
"name" : "DSA-2572", "name": "50856",
"refsource" : "DEBIAN", "refsource": "SECUNIA",
"url" : "http://www.debian.org/security/2012/dsa-2572" "url": "http://secunia.com/advisories/50856"
}, },
{ {
"name" : "MDVSA-2012:163", "name": "DSA-2565",
"refsource" : "MANDRIVA", "refsource": "DEBIAN",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:163" "url": "http://www.debian.org/security/2012/dsa-2565"
}, },
{ {
"name" : "RHSA-2012:1351", "name": "50892",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1351.html" "url": "http://secunia.com/advisories/50892"
}, },
{ {
"name" : "SUSE-SU-2012:1351", "name": "DSA-2572",
"refsource" : "SUSE", "refsource": "DEBIAN",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html" "url": "http://www.debian.org/security/2012/dsa-2572"
}, },
{ {
"name" : "USN-1611-1", "name": "RHSA-2012:1351",
"refsource" : "UBUNTU", "refsource": "REDHAT",
"url" : "http://www.ubuntu.com/usn/USN-1611-1" "url": "http://rhn.redhat.com/errata/RHSA-2012-1351.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:16882", "name": "50936",
"refsource" : "OVAL", "refsource": "SECUNIA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16882" "url": "http://secunia.com/advisories/50936"
}, },
{ {
"name" : "50856", "name": "51181",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/50856" "url": "http://secunia.com/advisories/51181"
}, },
{ {
"name" : "50892", "name": "55318",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/50892" "url": "http://secunia.com/advisories/55318"
}, },
{ {
"name" : "50904", "name": "SUSE-SU-2012:1351",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/50904" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html"
}, },
{ {
"name" : "50935", "name": "MDVSA-2012:163",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/50935" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:163"
}, },
{ {
"name" : "50936", "name": "oval:org.mitre.oval:def:16882",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/50936" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16882"
}, },
{ {
"name" : "50984", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=785574",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/50984" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=785574"
}, },
{ {
"name" : "51181", "name": "USN-1611-1",
"refsource" : "SECUNIA", "refsource": "UBUNTU",
"url" : "http://secunia.com/advisories/51181" "url": "http://www.ubuntu.com/usn/USN-1611-1"
}, },
{ {
"name" : "55318", "name": "DSA-2569",
"refsource" : "SECUNIA", "refsource": "DEBIAN",
"url" : "http://secunia.com/advisories/55318" "url": "http://www.debian.org/security/2012/dsa-2569"
}, },
{ {
"name" : "firefox-createcsspropertytxn-code-exec(79157)", "name": "http://www.mozilla.org/security/announce/2012/mfsa2012-85.html",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79157" "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-85.html"
} }
] ]
} }

74
2012/4xxx/CVE-2012-4394.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-4394", "ID": "CVE-2012-4394",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in apps/files/js/filelist.js in ownCloud before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter." "value": "Cross-site scripting (XSS) vulnerability in apps/files/js/filelist.js in ownCloud before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120810 ownCloud - matching CVEs to fix information and vice versa", "name": "https://github.com/owncloud/core/commit/d203fa2c50f4b2791e68e2b8ab9a0f8b94f9c9f8",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2012/08/11/1" "url": "https://github.com/owncloud/core/commit/d203fa2c50f4b2791e68e2b8ab9a0f8b94f9c9f8"
}, },
{ {
"name" : "[oss-security] 20120901 Re: CVE - ownCloud", "name": "[oss-security] 20120810 ownCloud - matching CVEs to fix information and vice versa",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/09/02/2" "url": "http://www.openwall.com/lists/oss-security/2012/08/11/1"
}, },
{ {
"name" : "https://github.com/owncloud/core/commit/d203fa2c50f4b2791e68e2b8ab9a0f8b94f9c9f8", "name": "[oss-security] 20120901 Re: CVE - ownCloud",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://github.com/owncloud/core/commit/d203fa2c50f4b2791e68e2b8ab9a0f8b94f9c9f8" "url": "http://www.openwall.com/lists/oss-security/2012/09/02/2"
} }
] ]
} }

140
2012/4xxx/CVE-2012-4508.json
View File

@ -1,126 +1,126 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-4508", "ID": "CVE-2012-4508",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized." "value": "Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20121025 CVE-2012-4508 -- kernel: ext4: AIO vs fallocate stale data exposure", "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=dee1f973ca341c266229faa5a1a5bb268bed3531",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2012/10/25/1" "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=dee1f973ca341c266229faa5a1a5bb268bed3531"
}, },
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=dee1f973ca341c266229faa5a1a5bb268bed3531", "name": "RHSA-2012:1540",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=dee1f973ca341c266229faa5a1a5bb268bed3531" "url": "http://rhn.redhat.com/errata/RHSA-2012-1540.html"
}, },
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.16", "name": "RHSA-2013:0496",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.16" "url": "http://rhn.redhat.com/errata/RHSA-2013-0496.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=869904", "name": "RHSA-2013:1783",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=869904" "url": "http://rhn.redhat.com/errata/RHSA-2013-1783.html"
}, },
{ {
"name" : "https://github.com/torvalds/linux/commit/dee1f973ca341c266229faa5a1a5bb268bed3531", "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.16",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/dee1f973ca341c266229faa5a1a5bb268bed3531" "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.16"
}, },
{ {
"name" : "FEDORA-2012-17479", "name": "USN-1645-1",
"refsource" : "FEDORA", "refsource": "UBUNTU",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html" "url": "http://www.ubuntu.com/usn/USN-1645-1"
}, },
{ {
"name" : "RHSA-2012:1540", "name": "USN-1899-1",
"refsource" : "REDHAT", "refsource": "UBUNTU",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1540.html" "url": "http://www.ubuntu.com/usn/USN-1899-1"
}, },
{ {
"name" : "RHSA-2013:0496", "name": "RHSA-2013:1519",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0496.html" "url": "http://rhn.redhat.com/errata/RHSA-2013-1519.html"
}, },
{ {
"name" : "RHSA-2013:1519", "name": "SUSE-SU-2012:1679",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1519.html" "url": "https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html"
}, },
{ {
"name" : "RHSA-2013:1783", "name": "https://github.com/torvalds/linux/commit/dee1f973ca341c266229faa5a1a5bb268bed3531",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1783.html" "url": "https://github.com/torvalds/linux/commit/dee1f973ca341c266229faa5a1a5bb268bed3531"
}, },
{ {
"name" : "SUSE-SU-2012:1679", "name": "FEDORA-2012-17479",
"refsource" : "SUSE", "refsource": "FEDORA",
"url" : "https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html"
}, },
{ {
"name" : "USN-1645-1", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=869904",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://www.ubuntu.com/usn/USN-1645-1" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=869904"
}, },
{ {
"name" : "USN-1899-1", "name": "[oss-security] 20121025 CVE-2012-4508 -- kernel: ext4: AIO vs fallocate stale data exposure",
"refsource" : "UBUNTU", "refsource": "MLIST",
"url" : "http://www.ubuntu.com/usn/USN-1899-1" "url": "http://www.openwall.com/lists/oss-security/2012/10/25/1"
}, },
{ {
"name" : "USN-1900-1", "name": "USN-1900-1",
"refsource" : "UBUNTU", "refsource": "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1900-1" "url": "http://www.ubuntu.com/usn/USN-1900-1"
} }
] ]
} }

134
2012/4xxx/CVE-2012-4561.json
View File

@ -1,121 +1,121 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-4561", "ID": "CVE-2012-4561",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh before 0.5.3 free \"an invalid pointer on an error path,\" which might allow remote attackers to cause a denial of service (crash) via unspecified vectors." "value": "The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh before 0.5.3 free \"an invalid pointer on an error path,\" which might allow remote attackers to cause a denial of service (crash) via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20121120 libssh 0.5.3 release fixes multiple security issues", "name": "DSA-2577",
"refsource" : "MLIST", "refsource": "DEBIAN",
"url" : "http://www.openwall.com/lists/oss-security/2012/11/20/3" "url": "http://www.debian.org/security/2012/dsa-2577"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=871617", "name": "MDVSA-2012:175",
"refsource" : "MISC", "refsource": "MANDRIVA",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=871617" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:175"
}, },
{ {
"name" : "http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=871617",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=871617"
}, },
{ {
"name" : "DSA-2577", "name": "USN-1640-1",
"refsource" : "DEBIAN", "refsource": "UBUNTU",
"url" : "http://www.debian.org/security/2012/dsa-2577" "url": "http://www.ubuntu.com/usn/USN-1640-1"
}, },
{ {
"name" : "FEDORA-2012-18610", "name": "openSUSE-SU-2013:0130",
"refsource" : "FEDORA", "refsource": "SUSE",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093313.html" "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00021.html"
}, },
{ {
"name" : "FEDORA-2012-18677", "name": "openSUSE-SU-2012:1622",
"refsource" : "FEDORA", "refsource": "SUSE",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093474.html" "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00016.html"
}, },
{ {
"name" : "MDVSA-2012:175", "name": "FEDORA-2012-18610",
"refsource" : "MANDRIVA", "refsource": "FEDORA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:175" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093313.html"
}, },
{ {
"name" : "openSUSE-SU-2012:1620", "name": "openSUSE-SU-2012:1620",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00002.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00002.html"
}, },
{ {
"name" : "openSUSE-SU-2012:1622", "name": "[oss-security] 20121120 libssh 0.5.3 release fixes multiple security issues",
"refsource" : "SUSE", "refsource": "MLIST",
"url" : "http://lists.opensuse.org/opensuse-updates/2012-12/msg00016.html" "url": "http://www.openwall.com/lists/oss-security/2012/11/20/3"
}, },
{ {
"name" : "openSUSE-SU-2013:0130", "name": "libssh-multiple-dos(80220)",
"refsource" : "SUSE", "refsource": "XF",
"url" : "http://lists.opensuse.org/opensuse-updates/2013-01/msg00021.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80220"
}, },
{ {
"name" : "USN-1640-1", "name": "FEDORA-2012-18677",
"refsource" : "UBUNTU", "refsource": "FEDORA",
"url" : "http://www.ubuntu.com/usn/USN-1640-1" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093474.html"
}, },
{ {
"name" : "56604", "name": "56604",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/56604" "url": "http://www.securityfocus.com/bid/56604"
}, },
{ {
"name" : "libssh-multiple-dos(80220)", "name": "http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/80220" "url": "http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/"
} }
] ]
} }

68
2012/4xxx/CVE-2012-4596.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-4596", "ID": "CVE-2012-4596",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 allows remote authenticated users to bypass intended access restrictions and download arbitrary files via a crafted URL." "value": "Directory traversal vulnerability in McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 allows remote authenticated users to bypass intended access restrictions and download arbitrary files via a crafted URL."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10026", "name": "1027444",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10026" "url": "http://www.securitytracker.com/id?1027444"
}, },
{ {
"name" : "1027444", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10026",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id?1027444" "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10026"
} }
] ]
} }

62
2012/4xxx/CVE-2012-4702.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2012-4702", "ID": "CVE-2012-4702",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "360 Systems Maxx, Image Server Maxx, and Image Server 2000 have a hardcoded password for the root account, which makes it easier for remote attackers to execute arbitrary code, or modify video content or scheduling, via an SSH session." "value": "360 Systems Maxx, Image Server Maxx, and Image Server 2000 have a hardcoded password for the root account, which makes it easier for remote attackers to execute arbitrary code, or modify video content or scheduling, via an SSH session."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://ics-cert.us-cert.gov/pdf/ICSA-13-038-01A.pdf", "name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-038-01A.pdf",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://ics-cert.us-cert.gov/pdf/ICSA-13-038-01A.pdf" "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-038-01A.pdf"
} }
] ]
} }

22
2012/6xxx/CVE-2012-6176.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2012-6176", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2012-6176",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none."
} }
] ]
} }

68
2012/6xxx/CVE-2012-6347.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6347", "ID": "CVE-2012-6347",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Java number format exception handling in FortiGate FortiDB before 4.4.2 allow remote attackers to inject arbitrary web script or HTML via the conversationContext parameter to (1) admin/auditTrail.jsf, (2) mapolicymgmt/targetsMonitorView.jsf, (3) vascan/globalsummary.jsf, (4) vaerrorlog/vaErrorLog.jsf, (5) database/listTargetGroups.jsf, (6) sysconfig/listSystemInfo.jsf, (7) vascan/list.jsf, (8) network/router.jsf, (9) mapolicymgmt/editPolicyProfile.jsf, or (10) mapolicymgmt/maPolicyMasterList.jsf." "value": "Multiple cross-site scripting (XSS) vulnerabilities in Java number format exception handling in FortiGate FortiDB before 4.4.2 allow remote attackers to inject arbitrary web script or HTML via the conversationContext parameter to (1) admin/auditTrail.jsf, (2) mapolicymgmt/targetsMonitorView.jsf, (3) vascan/globalsummary.jsf, (4) vaerrorlog/vaErrorLog.jsf, (5) database/listTargetGroups.jsf, (6) sysconfig/listSystemInfo.jsf, (7) vascan/list.jsf, (8) network/router.jsf, (9) mapolicymgmt/editPolicyProfile.jsf, or (10) mapolicymgmt/maPolicyMasterList.jsf."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.vulnerability-lab.com/get_content.php?id=558", "name": "https://fortiguard.com/psirt/FG-IR-012-007",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://www.vulnerability-lab.com/get_content.php?id=558" "url": "https://fortiguard.com/psirt/FG-IR-012-007"
}, },
{ {
"name" : "https://fortiguard.com/psirt/FG-IR-012-007", "name": "https://www.vulnerability-lab.com/get_content.php?id=558",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://fortiguard.com/psirt/FG-IR-012-007" "url": "https://www.vulnerability-lab.com/get_content.php?id=558"
} }
] ]
} }

92
2017/2xxx/CVE-2017-2549.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-2549", "ID": "CVE-2017-2549",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with frame loading." "value": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with frame loading."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT207798", "name": "1038487",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://support.apple.com/HT207798" "url": "http://www.securitytracker.com/id/1038487"
}, },
{ {
"name" : "https://support.apple.com/HT207801", "name": "https://support.apple.com/HT207804",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT207801" "url": "https://support.apple.com/HT207804"
}, },
{ {
"name" : "https://support.apple.com/HT207804", "name": "GLSA-201706-15",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "https://support.apple.com/HT207804" "url": "https://security.gentoo.org/glsa/201706-15"
}, },
{ {
"name" : "GLSA-201706-15", "name": "https://support.apple.com/HT207798",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201706-15" "url": "https://support.apple.com/HT207798"
}, },
{ {
"name" : "98473", "name": "https://support.apple.com/HT207801",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/98473" "url": "https://support.apple.com/HT207801"
}, },
{ {
"name" : "1038487", "name": "98473",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1038487" "url": "http://www.securityfocus.com/bid/98473"
} }
] ]
} }

74
2017/2xxx/CVE-2017-2958.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2017-2958", "ID": "CVE-2017-2958",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.", "product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier." "version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution." "value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use After Free" "value": "Use After Free"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html", "name": "1037574",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html" "url": "http://www.securitytracker.com/id/1037574"
}, },
{ {
"name" : "95343", "name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/95343" "url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}, },
{ {
"name" : "1037574", "name": "95343",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1037574" "url": "http://www.securityfocus.com/bid/95343"
} }
] ]
} }

80
2017/2xxx/CVE-2017-2961.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2017-2961", "ID": "CVE-2017-2961",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.", "product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier." "version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to validation functionality. Successful exploitation could lead to arbitrary code execution." "value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to validation functionality. Successful exploitation could lead to arbitrary code execution."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use After Free" "value": "Use After Free"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-17-025", "name": "1037574",
"refsource" : "MISC", "refsource": "SECTRACK",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-17-025" "url": "http://www.securitytracker.com/id/1037574"
}, },
{ {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html", "name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html" "url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}, },
{ {
"name" : "95343", "name": "95343",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/95343" "url": "http://www.securityfocus.com/bid/95343"
}, },
{ {
"name" : "1037574", "name": "http://www.zerodayinitiative.com/advisories/ZDI-17-025",
"refsource" : "SECTRACK", "refsource": "MISC",
"url" : "http://www.securitytracker.com/id/1037574" "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-025"
} }
] ]
} }

70
2017/6xxx/CVE-2017-6103.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "larry0@me.com", "ASSIGNER": "larry0@me.com",
"ID" : "CVE-2017-6103", "ID": "CVE-2017-6103",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Wordpress plugin AnyVar", "product_name": "Wordpress plugin AnyVar",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "0.1.1" "version_value": "0.1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "matt_dev" "vendor_name": "matt_dev"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Persistent XSS Vulnerability in Wordpress plugin AnyVar v0.1.1." "value": "Persistent XSS Vulnerability in Wordpress plugin AnyVar v0.1.1."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "XSS" "value": "XSS"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.vapidlabs.com/advisory.php?v=177", "name": "http://www.vapidlabs.com/advisory.php?v=177",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.vapidlabs.com/advisory.php?v=177" "url": "http://www.vapidlabs.com/advisory.php?v=177"
}, },
{ {
"name" : "96532", "name": "96532",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/96532" "url": "http://www.securityfocus.com/bid/96532"
} }
] ]
} }

22
2017/6xxx/CVE-2017-6433.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6433", "ID": "CVE-2017-6433",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2017/6xxx/CVE-2017-6706.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2017-6706", "ID": "CVE-2017-6706",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco Prime Collaboration Provisioning Tool", "product_name": "Cisco Prime Collaboration Provisioning Tool",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco Prime Collaboration Provisioning Tool" "version_value": "Cisco Prime Collaboration Provisioning Tool"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. More Information: CSCvd07260. Known Affected Releases: 12.1." "value": "A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. More Information: CSCvd07260. Known Affected Releases: 12.1."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Log File Information Disclosure Vulnerability" "value": "Log File Information Disclosure Vulnerability"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp4", "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp4",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp4" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp4"
}, },
{ {
"name" : "99204", "name": "1038744",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/99204" "url": "http://www.securitytracker.com/id/1038744"
}, },
{ {
"name" : "1038744", "name": "99204",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1038744" "url": "http://www.securityfocus.com/bid/99204"
} }
] ]
} }

76
2017/7xxx/CVE-2017-7550.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC" : "2017-07-21T00:00:00", "DATE_PUBLIC": "2017-07-21T00:00:00",
"ID" : "CVE-2017-7550", "ID": "CVE-2017-7550",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "ansible", "product_name": "ansible",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.3.x before 2.3.3, 2.4.x before 2.4.1" "version_value": "2.3.x before 2.3.3, 2.4.x before 2.4.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Red Hat, Inc." "vendor_name": "Red Hat, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the \"params\" argument, and noting this in the module documentation." "value": "A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the \"params\" argument, and noting this in the module documentation."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-532" "value": "CWE-532"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1473645", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1473645",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1473645" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473645"
}, },
{ {
"name" : "https://github.com/ansible/ansible/issues/30874", "name": "https://github.com/ansible/ansible/issues/30874",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/ansible/ansible/issues/30874" "url": "https://github.com/ansible/ansible/issues/30874"
}, },
{ {
"name" : "RHSA-2017:2966", "name": "RHSA-2017:2966",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2966" "url": "https://access.redhat.com/errata/RHSA-2017:2966"
} }
] ]
} }

22
2018/14xxx/CVE-2018-14095.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14095", "ID": "CVE-2018-14095",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/14xxx/CVE-2018-14156.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14156", "ID": "CVE-2018-14156",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/14xxx/CVE-2018-14560.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14560", "ID": "CVE-2018-14560",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

124
2018/14xxx/CVE-2018-14618.json
View File

@ -1,119 +1,119 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "lpardo@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2018-14618", "ID": "CVE-2018-14618",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "curl", "product_name": "curl",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.61.1" "version_value": "7.61.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "[UNKNOWN]" "vendor_name": "[UNKNOWN]"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)" "value": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)"
} }
] ]
}, },
"impact" : { "impact": {
"cvss" : [ "cvss": [
[ [
{ {
"vectorString" : "7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "vectorString": "7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version" : "3.0" "version": "3.0"
} }
] ]
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-131" "value": "CWE-131"
} }
] ]
}, },
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-122" "value": "CWE-122"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618", "name": "https://curl.haxx.se/docs/CVE-2018-14618.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618" "url": "https://curl.haxx.se/docs/CVE-2018-14618.html"
}, },
{ {
"name" : "https://curl.haxx.se/docs/CVE-2018-14618.html", "name": "GLSA-201903-03",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "https://curl.haxx.se/docs/CVE-2018-14618.html" "url": "https://security.gentoo.org/glsa/201903-03"
}, },
{ {
"name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014", "name": "USN-3765-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014" "url": "https://usn.ubuntu.com/3765-1/"
}, },
{ {
"name" : "DSA-4286", "name": "RHSA-2018:3558",
"refsource" : "DEBIAN", "refsource": "REDHAT",
"url" : "https://www.debian.org/security/2018/dsa-4286" "url": "https://access.redhat.com/errata/RHSA-2018:3558"
}, },
{ {
"name" : "GLSA-201903-03", "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201903-03" "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014"
}, },
{ {
"name" : "RHSA-2018:3558", "name": "DSA-4286",
"refsource" : "REDHAT", "refsource": "DEBIAN",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558" "url": "https://www.debian.org/security/2018/dsa-4286"
}, },
{ {
"name" : "USN-3765-1", "name": "1041605",
"refsource" : "UBUNTU", "refsource": "SECTRACK",
"url" : "https://usn.ubuntu.com/3765-1/" "url": "http://www.securitytracker.com/id/1041605"
}, },
{ {
"name" : "USN-3765-2", "name": "USN-3765-2",
"refsource" : "UBUNTU", "refsource": "UBUNTU",
"url" : "https://usn.ubuntu.com/3765-2/" "url": "https://usn.ubuntu.com/3765-2/"
}, },
{ {
"name" : "1041605", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1041605" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618"
} }
] ]
} }

22
2018/15xxx/CVE-2018-15108.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15108", "ID": "CVE-2018-15108",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/15xxx/CVE-2018-15182.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15182", "ID": "CVE-2018-15182",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and LastName fields." "value": "PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and LastName fields."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://gkaim.com/cve-2018-15182-vikas-chaudhary/", "name": "https://gkaim.com/cve-2018-15182-vikas-chaudhary/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://gkaim.com/cve-2018-15182-vikas-chaudhary/" "url": "https://gkaim.com/cve-2018-15182-vikas-chaudhary/"
} }
] ]
} }

62
2018/15xxx/CVE-2018-15851.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15851", "ID": "CVE-2018-15851",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in Flexo CMS v0.1.6. There is a CSRF vulnerability that can add an administrator via /admin/user/add." "value": "An issue was discovered in Flexo CMS v0.1.6. There is a CSRF vulnerability that can add an administrator via /admin/user/add."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/flexocms/flexo1.source/issues/25", "name": "https://github.com/flexocms/flexo1.source/issues/25",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/flexocms/flexo1.source/issues/25" "url": "https://github.com/flexocms/flexo1.source/issues/25"
} }
] ]
} }

104
2018/20xxx/CVE-2018-20153.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20153", "ID": "CVE-2018-20153",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS." "value": "In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20190211 [SECURITY] [DLA 1673-1] wordpress security update", "name": "106220",
"refsource" : "MLIST", "refsource": "BID",
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00019.html" "url": "http://www.securityfocus.com/bid/106220"
}, },
{ {
"name" : "https://codex.wordpress.org/Version_4.9.9", "name": "https://wordpress.org/support/wordpress-version/version-5-0-1/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://codex.wordpress.org/Version_4.9.9" "url": "https://wordpress.org/support/wordpress-version/version-5-0-1/"
}, },
{ {
"name" : "https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/", "name": "https://codex.wordpress.org/Version_4.9.9",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/" "url": "https://codex.wordpress.org/Version_4.9.9"
}, },
{ {
"name" : "https://wordpress.org/support/wordpress-version/version-5-0-1/", "name": "https://wpvulndb.com/vulnerabilities/9172",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://wordpress.org/support/wordpress-version/version-5-0-1/" "url": "https://wpvulndb.com/vulnerabilities/9172"
}, },
{ {
"name" : "https://www.zdnet.com/article/wordpress-plugs-bug-that-led-to-google-indexing-some-user-passwords/", "name": "DSA-4401",
"refsource" : "MISC", "refsource": "DEBIAN",
"url" : "https://www.zdnet.com/article/wordpress-plugs-bug-that-led-to-google-indexing-some-user-passwords/" "url": "https://www.debian.org/security/2019/dsa-4401"
}, },
{ {
"name" : "https://wpvulndb.com/vulnerabilities/9172", "name": "https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://wpvulndb.com/vulnerabilities/9172" "url": "https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/"
}, },
{ {
"name" : "DSA-4401", "name": "[debian-lts-announce] 20190211 [SECURITY] [DLA 1673-1] wordpress security update",
"refsource" : "DEBIAN", "refsource": "MLIST",
"url" : "https://www.debian.org/security/2019/dsa-4401" "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00019.html"
}, },
{ {
"name" : "106220", "name": "https://www.zdnet.com/article/wordpress-plugs-bug-that-led-to-google-indexing-some-user-passwords/",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/106220" "url": "https://www.zdnet.com/article/wordpress-plugs-bug-that-led-to-google-indexing-some-user-passwords/"
} }
] ]
} }

68
2018/20xxx/CVE-2018-20389.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20389", "ID": "CVE-2018-20389",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests." "value": "D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/ezelf/sensitivesOids/blob/master/oidpassswordleaks.csv", "name": "https://github.com/ezelf/sensitivesOids/blob/master/oidpassswordleaks.csv",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/ezelf/sensitivesOids/blob/master/oidpassswordleaks.csv" "url": "https://github.com/ezelf/sensitivesOids/blob/master/oidpassswordleaks.csv"
}, },
{ {
"name" : "https://misteralfa-hack.blogspot.com/2018/12/stringbleed-y-ahora-que-passwords-leaks.html", "name": "https://misteralfa-hack.blogspot.com/2018/12/stringbleed-y-ahora-que-passwords-leaks.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://misteralfa-hack.blogspot.com/2018/12/stringbleed-y-ahora-que-passwords-leaks.html" "url": "https://misteralfa-hack.blogspot.com/2018/12/stringbleed-y-ahora-que-passwords-leaks.html"
} }
] ]
} }

22
2018/20xxx/CVE-2018-20492.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20492", "ID": "CVE-2018-20492",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

70
2018/9xxx/CVE-2018-9023.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vuln@ca.com", "ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC" : "2018-06-14T00:00:00", "DATE_PUBLIC": "2018-06-14T00:00:00",
"ID" : "CVE-2018-9023", "ID": "CVE-2018-9023",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "CA Privileged Access Manager", "product_name": "CA Privileged Access Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.x" "version_value": "2.x"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "CA Technologies" "vendor_name": "CA Technologies"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script." "value": "An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Improper Input Validation" "value": "Improper Input Validation"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html", "name": "104496",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html" "url": "http://www.securityfocus.com/bid/104496"
}, },
{ {
"name" : "104496", "name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/104496" "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
} }
] ]
} }

62
2018/9xxx/CVE-2018-9041.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9041", "ID": "CVE-2018-9041",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402004." "value": "In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402004."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/D0neMkj/POC_BSOD/tree/master/Advanced%20SystemCare%20Utimate/Monitor_win10_x64.sys-0x9c402004", "name": "https://github.com/D0neMkj/POC_BSOD/tree/master/Advanced%20SystemCare%20Utimate/Monitor_win10_x64.sys-0x9c402004",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/D0neMkj/POC_BSOD/tree/master/Advanced%20SystemCare%20Utimate/Monitor_win10_x64.sys-0x9c402004" "url": "https://github.com/D0neMkj/POC_BSOD/tree/master/Advanced%20SystemCare%20Utimate/Monitor_win10_x64.sys-0x9c402004"
} }
] ]
} }

22
2018/9xxx/CVE-2018-9171.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9171", "ID": "CVE-2018-9171",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/9xxx/CVE-2018-9477.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9477", "ID": "CVE-2018-9477",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }