admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:59:23 +00:00
parent 048f50e052
commit b26f1f2312
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
55 changed files with 3564 additions and 3564 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

180
2003/0xxx/CVE-2003-0038.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0038", "ID": "CVE-2003-0038",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030124 Mailman: cross-site scripting bug", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=104342745916111" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters."
{ }
"name" : "http://telia.dl.sourceforge.net/sourceforge/mailman/xss-2.1.0-patch.txt", ]
"refsource" : "CONFIRM", },
"url" : "http://telia.dl.sourceforge.net/sourceforge/mailman/xss-2.1.0-patch.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-436", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2004/dsa-436" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "6677", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/6677" ]
}, },
{ "references": {
"name" : "9205", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/9205" "name": "20030124 Mailman: cross-site scripting bug",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=104342745916111"
"name" : "1005987", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1005987" "name": "9205",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/9205"
"name" : "mailman-email-variable-xss(11152)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11152" "name": "6677",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/6677"
} },
} {
"name": "1005987",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1005987"
},
{
"name": "http://telia.dl.sourceforge.net/sourceforge/mailman/xss-2.1.0-patch.txt",
"refsource": "CONFIRM",
"url": "http://telia.dl.sourceforge.net/sourceforge/mailman/xss-2.1.0-patch.txt"
},
{
"name": "mailman-email-variable-xss(11152)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11152"
},
{
"name": "DSA-436",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-436"
}
]
}
}

120
2003/0xxx/CVE-2003-0584.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0584", "ID": "CVE-2003-0584",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via format string specifiers in a command line argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030716 SRT2003-07-16-0358 - bru has buffer overflow and format issues", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=105846288808846&w=2" "lang": "eng",
} "value": "Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via format string specifiers in a command line argument."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030716 SRT2003-07-16-0358 - bru has buffer overflow and format issues",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105846288808846&w=2"
}
]
}
}

130
2003/0xxx/CVE-2003-0860.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0860", "ID": "CVE-2003-0860",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.php.net/release_4_3_3.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.php.net/release_4_3_3.php" "lang": "eng",
}, "value": "Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors."
{ }
"name" : "http://www.php.net/ChangeLog-4.php#4.3.3", ]
"refsource" : "CONFIRM", },
"url" : "http://www.php.net/ChangeLog-4.php#4.3.3" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.php.net/release_4_3_3.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/release_4_3_3.php"
},
{
"name": "http://www.php.net/ChangeLog-4.php#4.3.3",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-4.php#4.3.3"
}
]
}
}

34
2003/0xxx/CVE-2003-0862.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2003-0862", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2003-0862",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0813. Reason: This candidate is a duplicate of CVE-2003-0813. Notes: All CVE users should reference CVE-2003-0813 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0813. Reason: This candidate is a duplicate of CVE-2003-0813. Notes: All CVE users should reference CVE-2003-0813 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

140
2003/1xxx/CVE-2003-1016.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1016", "ID": "CVE-2003-1016",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040914 Corsaire Security Advisory - Multiple vendor MIME field quoting issue", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109521027007616&w=2" "lang": "eng",
}, "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients."
{ }
"name" : "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm", ]
"refsource" : "MISC", },
"url" : "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "mime-quote-filtering-bypass(17336)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17336" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "mime-quote-filtering-bypass(17336)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17336"
},
{
"name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field quoting issue",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109521027007616&w=2"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
}
]
}
}

140
2003/1xxx/CVE-2003-1244.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1244", "ID": "CVE-2003-1244",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030220 phpBB Security Bugs", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2003-02/0245.html" "lang": "eng",
}, "value": "SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php."
{ }
"name" : "6888", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/6888" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "phpbb-pageheader-sql-injection(11376)", "description": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/11376.php" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "6888",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6888"
},
{
"name": "20030220 phpBB Security Bugs",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0245.html"
},
{
"name": "phpbb-pageheader-sql-injection(11376)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/11376.php"
}
]
}
}

140
2003/1xxx/CVE-2003-1525.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1525", "ID": "CVE-2003-1525",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in My Photo Gallery 3.5, and possibly earlier versions, has unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.fuzzymonkey.org/newfuzzy/software/perl/photo/README.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.fuzzymonkey.org/newfuzzy/software/perl/photo/README.html" "lang": "eng",
}, "value": "Unspecified vulnerability in My Photo Gallery 3.5, and possibly earlier versions, has unknown impact and attack vectors."
{ }
"name" : "8872", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/8872" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "myphotogallery-unknown-vulnerabilities(13498)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/13498" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "myphotogallery-unknown-vulnerabilities(13498)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13498"
},
{
"name": "http://www.fuzzymonkey.org/newfuzzy/software/perl/photo/README.html",
"refsource": "CONFIRM",
"url": "http://www.fuzzymonkey.org/newfuzzy/software/perl/photo/README.html"
},
{
"name": "8872",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8872"
}
]
}
}

230
2004/0xxx/CVE-2004-0574.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0574", "ID": "CVE-2004-0574",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an \"unchecked buffer,\" leading to off-by-one and heap-based buffer overflows."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041012 CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109761632831563&w=2" "lang": "eng",
}, "value": "The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an \"unchecked buffer,\" leading to off-by-one and heap-based buffer overflows."
{ }
"name" : "http://www.coresecurity.com/common/showdoc.php?idx=420&idxseccion=10", ]
"refsource" : "MISC", },
"url" : "http://www.coresecurity.com/common/showdoc.php?idx=420&idxseccion=10" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS04-036", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-036" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "P-012", ]
"refsource" : "CIAC", }
"url" : "http://www.ciac.org/ciac/bulletins/p-012.shtml" ]
}, },
{ "references": {
"name" : "VU#203126", "reference_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/203126" "name": "oval:org.mitre.oval:def:5070",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5070"
"name" : "oval:org.mitre.oval:def:246", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A246" "name": "oval:org.mitre.oval:def:5021",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021"
"name" : "oval:org.mitre.oval:def:4392", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4392" "name": "win-nntp-bo(17641)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17641"
"name" : "oval:org.mitre.oval:def:5070", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5070" "name": "20041012 CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=109761632831563&w=2"
"name" : "oval:org.mitre.oval:def:5926", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5926" "name": "oval:org.mitre.oval:def:4392",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4392"
"name" : "oval:org.mitre.oval:def:5021", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021" "name": "P-012",
}, "refsource": "CIAC",
{ "url": "http://www.ciac.org/ciac/bulletins/p-012.shtml"
"name" : "win-nntp-bo(17641)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17641" "name": "oval:org.mitre.oval:def:246",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A246"
"name" : "win-ms04036-patch(17661)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17661" "name": "MS04-036",
} "refsource": "MS",
] "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-036"
} },
} {
"name": "VU#203126",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/203126"
},
{
"name": "oval:org.mitre.oval:def:5926",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5926"
},
{
"name": "http://www.coresecurity.com/common/showdoc.php?idx=420&idxseccion=10",
"refsource": "MISC",
"url": "http://www.coresecurity.com/common/showdoc.php?idx=420&idxseccion=10"
},
{
"name": "win-ms04036-patch(17661)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17661"
}
]
}
}

160
2004/2xxx/CVE-2004-2063.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2063", "ID": "CVE-2004-2063",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to inject arbitrary HTML or web script via the feedback parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040728 AntiBoard <= 0.7.2 XSS/SQL Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109105610220965&w=2" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to inject arbitrary HTML or web script via the feedback parameter."
{ }
"name" : "10821", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/10821" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "8269", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/8269" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "12137", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/12137" ]
}, },
{ "references": {
"name" : "antiboard-feedback-xss(16830)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16830" "name": "8269",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/8269"
} },
} {
"name": "10821",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10821"
},
{
"name": "20040728 AntiBoard <= 0.7.2 XSS/SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109105610220965&w=2"
},
{
"name": "12137",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12137"
},
{
"name": "antiboard-feedback-xss(16830)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16830"
}
]
}
}

180
2004/2xxx/CVE-2004-2329.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2329", "ID": "CVE-2004-2329",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.tuneld.com/news/?id=30", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.tuneld.com/news/?id=30" "lang": "eng",
}, "value": "Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box."
{ }
"name" : "http://www.tuneld.com/_images/other/kpf_system_privileges.png", ]
"refsource" : "MISC", },
"url" : "http://www.tuneld.com/_images/other/kpf_system_privileges.png" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "9525", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/9525" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "3748", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/3748" ]
}, },
{ "references": {
"name" : "1008870", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/alerts/2004/Jan/1008870.html" "name": "9525",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/9525"
"name" : "10746", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/10746/" "name": "kerio-pf-gain-privileges(14981)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14981"
"name" : "kerio-pf-gain-privileges(14981)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/14981" "name": "http://www.tuneld.com/news/?id=30",
} "refsource": "MISC",
] "url": "http://www.tuneld.com/news/?id=30"
} },
} {
"name": "http://www.tuneld.com/_images/other/kpf_system_privileges.png",
"refsource": "MISC",
"url": "http://www.tuneld.com/_images/other/kpf_system_privileges.png"
},
{
"name": "1008870",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/alerts/2004/Jan/1008870.html"
},
{
"name": "3748",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3748"
},
{
"name": "10746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10746/"
}
]
}
}

170
2004/2xxx/CVE-2004-2600.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2600", "ID": "CVE-2004-2600",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter, which allows remote attackers to obtain sensitive information when LAN management functionality is enabled."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ftp://download.intel.com/support/motherboards/server/sb/aa6791invalidlanconfiguration040504.pdf", "description_data": [
"refsource" : "CONFIRM", {
"url" : "ftp://download.intel.com/support/motherboards/server/sb/aa6791invalidlanconfiguration040504.pdf" "lang": "eng",
}, "value": "The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter, which allows remote attackers to obtain sensitive information when LAN management functionality is enabled."
{ }
"name" : "http://support.intel.com/support/motherboards/server/sb/CS-010422.htm", ]
"refsource" : "MISC", },
"url" : "http://support.intel.com/support/motherboards/server/sb/CS-010422.htm" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "10068", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/10068" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "4978", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/4978" ]
}, },
{ "references": {
"name" : "11315", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/11315" "name": "http://support.intel.com/support/motherboards/server/sb/CS-010422.htm",
}, "refsource": "MISC",
{ "url": "http://support.intel.com/support/motherboards/server/sb/CS-010422.htm"
"name" : "intel-ssu-gain-access(15775)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15775" "name": "4978",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/4978"
} },
} {
"name": "intel-ssu-gain-access(15775)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15775"
},
{
"name": "10068",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10068"
},
{
"name": "ftp://download.intel.com/support/motherboards/server/sb/aa6791invalidlanconfiguration040504.pdf",
"refsource": "CONFIRM",
"url": "ftp://download.intel.com/support/motherboards/server/sb/aa6791invalidlanconfiguration040504.pdf"
},
{
"name": "11315",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11315"
}
]
}
}

160
2008/2xxx/CVE-2008-2174.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2174", "ID": "CVE-2008-2174",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 have unknown impact and attack vectors, related to \"various areas where security was missing.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/forum/forum.php?forum_id=818214", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/forum/forum.php?forum_id=818214" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 have unknown impact and attack vectors, related to \"various areas where security was missing.\""
{ }
"name" : "http://sourceforge.net/project/shownotes.php?group_id=82533&release_id=596220", ]
"refsource" : "CONFIRM", },
"url" : "http://sourceforge.net/project/shownotes.php?group_id=82533&release_id=596220" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "29022", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/29022" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "30041", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/30041" ]
}, },
{ "references": {
"name" : "asm-unspecified-security-bypass(42139)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42139" "name": "asm-unspecified-security-bypass(42139)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42139"
} },
} {
"name": "30041",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30041"
},
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=82533&release_id=596220",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=82533&release_id=596220"
},
{
"name": "http://sourceforge.net/forum/forum.php?forum_id=818214",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=818214"
},
{
"name": "29022",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29022"
}
]
}
}

200
2008/2xxx/CVE-2008-2381.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2381", "ID": "CVE-2008-2381",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://gforge.org/scm/viewvc.php/branches/Branch_4_5/gforge/common/include/GroupJoinRequest.class?root=gforge&r1=4590&r2=6709", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://gforge.org/scm/viewvc.php/branches/Branch_4_5/gforge/common/include/GroupJoinRequest.class?root=gforge&r1=4590&r2=6709" "lang": "eng",
}, "value": "SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable."
{ }
"name" : "http://gforge.org/scm/viewvc.php/branches/Branch_4_5/gforge/common/include/GroupJoinRequest.class?root=gforge&view=log", ]
"refsource" : "CONFIRM", },
"url" : "http://gforge.org/scm/viewvc.php/branches/Branch_4_5/gforge/common/include/GroupJoinRequest.class?root=gforge&view=log" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://security-tracker.debian.net/tracker/CVE-2008-2381", "description": [
"refsource" : "CONFIRM", {
"url" : "http://security-tracker.debian.net/tracker/CVE-2008-2381" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33086", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/33086" ]
}, },
{ "references": {
"name" : "1021510", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1021510" "name": "33499",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33499"
"name" : "33229", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33229" "name": "33229",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33229"
"name" : "33499", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33499" "name": "http://gforge.org/scm/viewvc.php/branches/Branch_4_5/gforge/common/include/GroupJoinRequest.class?root=gforge&r1=4590&r2=6709",
}, "refsource": "CONFIRM",
{ "url": "http://gforge.org/scm/viewvc.php/branches/Branch_4_5/gforge/common/include/GroupJoinRequest.class?root=gforge&r1=4590&r2=6709"
"name" : "ADV-2009-0004", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/0004" "name": "gforge-create-sql-injection(47703)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47703"
"name" : "gforge-create-sql-injection(47703)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47703" "name": "1021510",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1021510"
} },
} {
"name": "ADV-2009-0004",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0004"
},
{
"name": "http://gforge.org/scm/viewvc.php/branches/Branch_4_5/gforge/common/include/GroupJoinRequest.class?root=gforge&view=log",
"refsource": "CONFIRM",
"url": "http://gforge.org/scm/viewvc.php/branches/Branch_4_5/gforge/common/include/GroupJoinRequest.class?root=gforge&view=log"
},
{
"name": "http://security-tracker.debian.net/tracker/CVE-2008-2381",
"refsource": "CONFIRM",
"url": "http://security-tracker.debian.net/tracker/CVE-2008-2381"
},
{
"name": "33086",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33086"
}
]
}
}

160
2008/2xxx/CVE-2008-2946.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2946", "ID": "CVE-2008-2946",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to cause a denial of service (daemon crash) via malformed packets."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "237985", "description_data": [
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237985-1" "lang": "eng",
}, "value": "The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to cause a denial of service (daemon crash) via malformed packets."
{ }
"name" : "29965", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/29965" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2008-1965", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1965/references" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1020381", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1020381" ]
}, },
{ "references": {
"name" : "30863", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30863" "name": "237985",
} "refsource": "SUNALERT",
] "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237985-1"
} },
} {
"name": "29965",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29965"
},
{
"name": "30863",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30863"
},
{
"name": "1020381",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020381"
},
{
"name": "ADV-2008-1965",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1965/references"
}
]
}
}

160
2008/2xxx/CVE-2008-2988.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2988", "ID": "CVE-2008-2988",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in admin/upload.php in Benja CMS 0.1 allows remote attackers to upload and execute arbitrary PHP files via unspecified vectors, followed by a direct request to the file in billeder/."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080622 Benja CMS 0.1 (Upload/XSS) Multiple Remote Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/493568/100/0/threaded" "lang": "eng",
}, "value": "Unrestricted file upload vulnerability in admin/upload.php in Benja CMS 0.1 allows remote attackers to upload and execute arbitrary PHP files via unspecified vectors, followed by a direct request to the file in billeder/."
{ }
"name" : "29884", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/29884" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "30834", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30834" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "3958", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/3958" ]
}, },
{ "references": {
"name" : "benja-upload-file-upload(43282)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43282" "name": "20080622 Benja CMS 0.1 (Upload/XSS) Multiple Remote Vulnerabilities",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/493568/100/0/threaded"
} },
} {
"name": "3958",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3958"
},
{
"name": "30834",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30834"
},
{
"name": "29884",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29884"
},
{
"name": "benja-upload-file-upload(43282)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43282"
}
]
}
}

280
2012/0xxx/CVE-2012-0260.json
View File

@ -1,142 +1,142 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2012-0260", "ID": "CVE-2012-0260",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.cert.fi/en/reports/2012/vulnerability635606.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.cert.fi/en/reports/2012/vulnerability635606.html" "lang": "eng",
}, "value": "The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers."
{ }
"name" : "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629", ]
"refsource" : "CONFIRM", },
"url" : "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-2462", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2012/dsa-2462" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2012:0544", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0544.html" ]
}, },
{ "references": {
"name" : "RHSA-2012:0545", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0545.html" "name": "55035",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/55035"
"name" : "openSUSE-SU-2012:0692", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html" "name": "49068",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/49068"
"name" : "USN-2132-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2132-1" "name": "imagemagick-jpegwarninghandler-dos(74658)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74658"
"name" : "52898", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/52898" "name": "openSUSE-SU-2012:0692",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
"name" : "81022", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/81022" "name": "57224",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/57224"
"name" : "1027032", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1027032" "name": "USN-2132-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2132-1"
"name" : "48974", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48974" "name": "DSA-2462",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2012/dsa-2462"
"name" : "49063", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49063" "name": "49063",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/49063"
"name" : "49068", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49068" "name": "52898",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/52898"
"name" : "49317", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49317" "name": "RHSA-2012:0544",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
"name" : "55035", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/55035" "name": "48974",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48974"
"name" : "57224", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/57224" "name": "49317",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/49317"
"name" : "imagemagick-jpegwarninghandler-dos(74658)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74658" "name": "http://www.cert.fi/en/reports/2012/vulnerability635606.html",
} "refsource": "MISC",
] "url": "http://www.cert.fi/en/reports/2012/vulnerability635606.html"
} },
} {
"name": "81022",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/81022"
},
{
"name": "1027032",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027032"
},
{
"name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629",
"refsource": "CONFIRM",
"url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629"
},
{
"name": "RHSA-2012:0545",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0545.html"
}
]
}
}

140
2012/0xxx/CVE-2012-0312.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2012-0312", "ID": "CVE-2012-0312",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before R9, and osCommerce Online Merchant before 2.3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.jp/forum/forum.php?forum_id=28119", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.jp/forum/forum.php?forum_id=28119" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before R9, and osCommerce Online Merchant before 2.3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "JVN#64386898", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN64386898/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2012-000005", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000005" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2012-000005",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000005"
},
{
"name": "http://sourceforge.jp/forum/forum.php?forum_id=28119",
"refsource": "CONFIRM",
"url": "http://sourceforge.jp/forum/forum.php?forum_id=28119"
},
{
"name": "JVN#64386898",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN64386898/index.html"
}
]
}
}

170
2012/0xxx/CVE-2012-0587.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2012-0587", "ID": "CVE-2012-0587",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "APPLE-SA-2012-03-07-2", "description_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589."
{ }
"name" : "APPLE-SA-2012-03-12-1", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "79966", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/79966" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1026774", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1026774" ]
}, },
{ "references": {
"name" : "48288", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48288" "name": "1026774",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1026774"
"name" : "48377", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48377" "name": "48377",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/48377"
} },
} {
"name": "APPLE-SA-2012-03-12-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html"
},
{
"name": "79966",
"refsource": "OSVDB",
"url": "http://osvdb.org/79966"
},
{
"name": "48288",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48288"
},
{
"name": "APPLE-SA-2012-03-07-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html"
}
]
}
}

220
2012/1xxx/CVE-2012-1121.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-1121", "ID": "CVE-2012-1121",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MantisBT before 1.2.9 does not properly check permissions, which allows remote authenticated users with manager privileges to (1) modify or (2) delete global categories."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20120306 Re: CVE request: mantisbt before 1.2.9", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2012/03/06/9" "lang": "eng",
}, "value": "MantisBT before 1.2.9 does not properly check permissions, which allows remote authenticated users with manager privileges to (1) modify or (2) delete global categories."
{ }
"name" : "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140", ]
"refsource" : "CONFIRM", },
"url" : "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.mantisbt.org/bugs/view.php?id=13561", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.mantisbt.org/bugs/view.php?id=13561" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/mantisbt/mantisbt/commit/9443258724e84cb388aa1865b775beaecd80596d", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/mantisbt/mantisbt/commit/9443258724e84cb388aa1865b775beaecd80596d" ]
}, },
{ "references": {
"name" : "FEDORA-2012-18273", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html" "name": "52313",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/52313"
"name" : "FEDORA-2012-18294", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html" "name": "https://github.com/mantisbt/mantisbt/commit/9443258724e84cb388aa1865b775beaecd80596d",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/mantisbt/mantisbt/commit/9443258724e84cb388aa1865b775beaecd80596d"
"name" : "FEDORA-2012-18299", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html" "name": "FEDORA-2012-18299",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
"name" : "GLSA-201211-01", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201211-01.xml" "name": "GLSA-201211-01",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201211-01.xml"
"name" : "52313", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/52313" "name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140",
}, "refsource": "CONFIRM",
{ "url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140"
"name" : "48258", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48258" "name": "http://www.mantisbt.org/bugs/view.php?id=13561",
}, "refsource": "CONFIRM",
{ "url": "http://www.mantisbt.org/bugs/view.php?id=13561"
"name" : "51199", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51199" "name": "51199",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/51199"
} },
} {
"name": "FEDORA-2012-18294",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
},
{
"name": "[oss-security] 20120306 Re: CVE request: mantisbt before 1.2.9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/9"
},
{
"name": "FEDORA-2012-18273",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
},
{
"name": "48258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48258"
}
]
}
}

130
2012/1xxx/CVE-2012-1339.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2012-1339", "ID": "CVE-2012-1339",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Fabric Interconnect component in Cisco Unified Computing System (UCS) 2.0 allows remote attackers to cause a denial of service (process crash) via an attempted SSH session, aka Bug ID CSCtt94543."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.cisco.com/en/US/docs/unified_computing/ucs/release/notes/OL_25363.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.cisco.com/en/US/docs/unified_computing/ucs/release/notes/OL_25363.html" "lang": "eng",
}, "value": "The Fabric Interconnect component in Cisco Unified Computing System (UCS) 2.0 allows remote attackers to cause a denial of service (process crash) via an attempted SSH session, aka Bug ID CSCtt94543."
{ }
"name" : "1027350", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id?1027350" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cisco.com/en/US/docs/unified_computing/ucs/release/notes/OL_25363.html",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/en/US/docs/unified_computing/ucs/release/notes/OL_25363.html"
},
{
"name": "1027350",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027350"
}
]
}
}

34
2012/1xxx/CVE-2012-1546.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1546", "ID": "CVE-2012-1546",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2012/1xxx/CVE-2012-1762.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-1762", "ID": "CVE-2012-1762",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect integrity, related to TECH, a different vulnerability than CVE-2012-3111."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect integrity, related to TECH, a different vulnerability than CVE-2012-3111."
{ }
"name" : "MDVSA-2013:150", ]
"refsource" : "MANDRIVA", },
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "54499", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/54499" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "83970", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/83970" ]
}, },
{ "references": {
"name" : "1027265", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1027265" "name": "54499",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/54499"
"name" : "49951", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49951" "name": "peoplesoftenterprise-pttech-cve20121762(77031)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77031"
"name" : "peoplesoftenterprise-pttech-cve20121762(77031)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/77031" "name": "49951",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/49951"
} },
} {
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name": "83970",
"refsource": "OSVDB",
"url": "http://osvdb.org/83970"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "1027265",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027265"
}
]
}
}

270
2012/1xxx/CVE-2012-1965.json
View File

@ -1,137 +1,137 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1965", "ID": "CVE-2012-1965",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2012/mfsa2012-55.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2012/mfsa2012-55.html" "lang": "eng",
}, "value": "Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=758990", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=758990" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2012:1088", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1088.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openSUSE-SU-2012:0899", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html" ]
}, },
{ "references": {
"name" : "SUSE-SU-2012:0895", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=758990",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=758990"
"name" : "SUSE-SU-2012:0896", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html" "name": "49992",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/49992"
"name" : "USN-1509-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1509-1" "name": "1027256",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1027256"
"name" : "USN-1509-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1509-2" "name": "http://www.mozilla.org/security/announce/2012/mfsa2012-55.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-55.html"
"name" : "54579", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/54579" "name": "RHSA-2012:1088",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1088.html"
"name" : "84012", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/84012" "name": "USN-1509-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1509-2"
"name" : "oval:org.mitre.oval:def:17001", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17001" "name": "oval:org.mitre.oval:def:17001",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17001"
"name" : "1027256", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1027256" "name": "49979",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/49979"
"name" : "49965", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49965" "name": "SUSE-SU-2012:0895",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html"
"name" : "49972", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49972" "name": "49965",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/49965"
"name" : "49992", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49992" "name": "84012",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/84012"
"name" : "49979", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49979" "name": "54579",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/54579"
} },
} {
"name": "SUSE-SU-2012:0896",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html"
},
{
"name": "openSUSE-SU-2012:0899",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html"
},
{
"name": "USN-1509-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1509-1"
},
{
"name": "49972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49972"
}
]
}
}

120
2012/5xxx/CVE-2012-5032.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2012-5032", "ID": "CVE-2012-5032",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation in Cisco IOS before 15.1(1)SY3 does not require authentication, which allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination, or the discarding of this traffic, by arranging for an arbitrary device to become a cluster member, aka Bug ID CSCub93641."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf" "lang": "eng",
} "value": "The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation in Cisco IOS before 15.1(1)SY3 does not require authentication, which allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination, or the discarding of this traffic, by arranging for an arbitrary device to become a cluster member, aka Bug ID CSCub93641."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
]
}
}

34
2012/5xxx/CVE-2012-5402.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5402", "ID": "CVE-2012-5402",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2012/5xxx/CVE-2012-5518.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5518", "ID": "CVE-2012-5518",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2017/11xxx/CVE-2017-11343.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11343", "ID": "CVE-2017-11343",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in O(n) lookup time."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://lists.gnu.org/archive/html/chicken-announce/2017-07/msg00000.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://lists.gnu.org/archive/html/chicken-announce/2017-07/msg00000.html" "lang": "eng",
} "value": "Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in O(n) lookup time."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lists.gnu.org/archive/html/chicken-announce/2017-07/msg00000.html",
"refsource": "CONFIRM",
"url": "http://lists.gnu.org/archive/html/chicken-announce/2017-07/msg00000.html"
}
]
}
}

152
2017/11xxx/CVE-2017-11893.json
View File

@ -1,78 +1,78 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC" : "2017-12-12T00:00:00", "DATE_PUBLIC": "2017-12-12T00:00:00",
"ID" : "CVE-2017-11893", "ID": "CVE-2017-11893",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "ChakraCore, Microsoft Edge", "product_name": "ChakraCore, Microsoft Edge",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016." "version_value": "Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "43466", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/43466/" "lang": "eng",
}, "value": "ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930."
{ }
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11893", ]
"refsource" : "CONFIRM", },
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11893" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "102081", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/102081" "lang": "eng",
}, "value": "Remote Code Execution"
{ }
"name" : "1039990", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1039990" ]
} },
] "references": {
} "reference_data": [
} {
"name": "102081",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102081"
},
{
"name": "1039990",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039990"
},
{
"name": "43466",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43466/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11893",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11893"
}
]
}
}

140
2017/3xxx/CVE-2017-3034.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2017-3034", "ID": "CVE-2017-3034",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.", "product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier." "version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Integer Overflow"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html" "lang": "eng",
}, "value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution."
{ }
"name" : "97548", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97548" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038228", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038228" "lang": "eng",
} "value": "Integer Overflow"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "97548",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97548"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}

152
2017/3xxx/CVE-2017-3362.json
View File

@ -1,78 +1,78 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2017-3362", "ID": "CVE-2017-3362",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Knowledge Management", "product_name": "Knowledge Management",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "12.1.1" "version_value": "12.1.1"
}, },
{ {
"version_value" : "12.1.2" "version_value": "12.1.2"
}, },
{ {
"version_value" : "12.1.3" "version_value": "12.1.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle" "vendor_name": "Oracle"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Knowledge Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Knowledge Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Knowledge Management accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Knowledge Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Knowledge Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Knowledge Management accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts)."
{ }
"name" : "95467", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95467" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037639", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037639" "lang": "eng",
} "value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1037639",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037639"
},
{
"name": "95467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95467"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
}
]
}
}

166
2017/3xxx/CVE-2017-3438.json
View File

@ -1,85 +1,85 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2017-3438", "ID": "CVE-2017-3438",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "One-to-One Fulfillment", "product_name": "One-to-One Fulfillment",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "12.1.1" "version_value": "12.1.1"
}, },
{ {
"version_value" : "12.1.2" "version_value": "12.1.2"
}, },
{ {
"version_value" : "12.1.3" "version_value": "12.1.3"
}, },
{ {
"version_value" : "12.2.3" "version_value": "12.2.3"
}, },
{ {
"version_value" : "12.2.4" "version_value": "12.2.4"
}, },
{ {
"version_value" : "12.2.5" "version_value": "12.2.5"
}, },
{ {
"version_value" : "12.2.6" "version_value": "12.2.6"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle" "vendor_name": "Oracle"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle One-to-One Fulfillment accessible data as well as unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle One-to-One Fulfillment accessible data as well as unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts)."
{ }
"name" : "95569", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95569" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95569",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95569"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
}
]
}
}

162
2017/3xxx/CVE-2017-3586.json
View File

@ -1,83 +1,83 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2017-3586", "ID": "CVE-2017-3586",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Connectors", "product_name": "MySQL Connectors",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.1.41 and earlier" "version_value": "5.1.41 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 5.1.41 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. While the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.0 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. While the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 5.1.41 and earlier. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. While the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.0 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)."
{ }
"name" : "DSA-3857", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2017/dsa-3857" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "97784", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/97784" "lang": "eng",
}, "value": "Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. While the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data."
{ }
"name" : "97982", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/97982" ]
}, },
{ "references": {
"name" : "1038287", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038287" "name": "1038287",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1038287"
} },
} {
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "DSA-3857",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3857"
},
{
"name": "97982",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97982"
},
{
"name": "97784",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97784"
}
]
}
}

122
2017/3xxx/CVE-2017-3935.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"DATE_PUBLIC" : "2017-09-14T00:00:00", "DATE_PUBLIC": "2017-09-14T00:00:00",
"ID" : "CVE-2017-3935", "ID": "CVE-2017-3935",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Network Data Loss Prevention", "product_name": "Network Data Loss Prevention",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.3.X" "version_value": "9.3.X"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "McAfee" "vendor_name": "McAfee"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Network Data Loss Prevention is vulnerable to MIME type sniffing which allows older versions of Internet Explorer to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the intended content type."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "MIME type sniffing"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10198", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10198" "lang": "eng",
} "value": "Network Data Loss Prevention is vulnerable to MIME type sniffing which allows older versions of Internet Explorer to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the intended content type."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "MIME type sniffing"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10198",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10198"
}
]
}
}

140
2017/7xxx/CVE-2017-7150.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-7150", "ID": "CVE-2017-7150",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the \"Security\" component. It allows attackers to bypass the keychain access prompt, and consequently extract passwords, via a synthetic click."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT208165", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT208165" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the \"Security\" component. It allows attackers to bypass the keychain access prompt, and consequently extract passwords, via a synthetic click."
{ }
"name" : "101177", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/101177" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1039430", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039430" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT208165",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208165"
},
{
"name": "1039430",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039430"
},
{
"name": "101177",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101177"
}
]
}
}

150
2017/7xxx/CVE-2017-7309.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-7309", "ID": "CVE-2017-7309",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted 'config_option' parameter. This is fixed in 1.3.9, 2.1.3, and 2.2.3."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://openwall.com/lists/oss-security/2017/03/30/4", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://openwall.com/lists/oss-security/2017/03/30/4" "lang": "eng",
}, "value": "A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted 'config_option' parameter. This is fixed in 1.3.9, 2.1.3, and 2.2.3."
{ }
"name" : "http://www.mantisbt.org/bugs/view.php?id=22579", ]
"refsource" : "CONFIRM", },
"url" : "http://www.mantisbt.org/bugs/view.php?id=22579" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "97251", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/97251" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1038169", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1038169" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.mantisbt.org/bugs/view.php?id=22579",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/view.php?id=22579"
},
{
"name": "http://openwall.com/lists/oss-security/2017/03/30/4",
"refsource": "CONFIRM",
"url": "http://openwall.com/lists/oss-security/2017/03/30/4"
},
{
"name": "1038169",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038169"
},
{
"name": "97251",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97251"
}
]
}
}

150
2017/7xxx/CVE-2017-7447.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-7447", "ID": "CVE-2017-7447",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "41824", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/41824/" "lang": "eng",
}, "value": "HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code."
{ }
"name" : "http://rungga.blogspot.co.id/2017/04/multiple-csrf-remote-code-execution.html", ]
"refsource" : "MISC", },
"url" : "http://rungga.blogspot.co.id/2017/04/multiple-csrf-remote-code-execution.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/albandes/helpdezk/issues/2", "description": [
"refsource" : "MISC", {
"url" : "https://github.com/albandes/helpdezk/issues/2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "97485", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/97485" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://github.com/albandes/helpdezk/issues/2",
"refsource": "MISC",
"url": "https://github.com/albandes/helpdezk/issues/2"
},
{
"name": "41824",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41824/"
},
{
"name": "97485",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97485"
},
{
"name": "http://rungga.blogspot.co.id/2017/04/multiple-csrf-remote-code-execution.html",
"refsource": "MISC",
"url": "http://rungga.blogspot.co.id/2017/04/multiple-csrf-remote-code-execution.html"
}
]
}
}

130
2017/7xxx/CVE-2017-7636.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-7636", "ID": "CVE-2017-7636",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to inject arbitrary web script or HTML."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.qnap.com/en/security-advisory/nas-201806-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.qnap.com/en/security-advisory/nas-201806-01" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to inject arbitrary web script or HTML."
{ }
"name" : "1041025", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1041025" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qnap.com/en/security-advisory/nas-201806-01",
"refsource": "CONFIRM",
"url": "https://www.qnap.com/en/security-advisory/nas-201806-01"
},
{
"name": "1041025",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041025"
}
]
}
}

152
2017/7xxx/CVE-2017-7839.json
View File

@ -1,78 +1,78 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2017-7839", "ID": "CVE-2017-7839",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "57" "version_value": "57"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Control characters prepended before \"javascript:\" URLs pasted in the addressbar can cause the leading characters to be ignored and the pasted JavaScript to be executed instead of being blocked. This could be used in social engineering and self-cross-site-scripting (self-XSS) attacks where users are convinced to copy and paste text into the addressbar. This vulnerability affects Firefox < 57."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Control characters before javascript: URLs defeats self-XSS prevention mechanism"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1402896", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1402896" "lang": "eng",
}, "value": "Control characters prepended before \"javascript:\" URLs pasted in the addressbar can cause the leading characters to be ignored and the pasted JavaScript to be executed instead of being blocked. This could be used in social engineering and self-cross-site-scripting (self-XSS) attacks where users are convinced to copy and paste text into the addressbar. This vulnerability affects Firefox < 57."
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-24/", ]
"refsource" : "CONFIRM", },
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-24/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "101832", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/101832" "lang": "eng",
}, "value": "Control characters before javascript: URLs defeats self-XSS prevention mechanism"
{ }
"name" : "1039803", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1039803" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1402896",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1402896"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2017-24/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2017-24/"
},
{
"name": "101832",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101832"
},
{
"name": "1039803",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039803"
}
]
}
}

130
2017/8xxx/CVE-2017-8245.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2017-8245", "ID": "CVE-2017-8245",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Out of bounds read when processing a voice SVC request (CVE-2017-8245)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.codeaurora.org/out-bounds-read-when-processing-voice-svc-request-cve-2017-8245", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.codeaurora.org/out-bounds-read-when-processing-voice-svc-request-cve-2017-8245" "lang": "eng",
}, "value": "In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs."
{ }
"name" : "98543", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98543" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Out of bounds read when processing a voice SVC request (CVE-2017-8245)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98543",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98543"
},
{
"name": "https://www.codeaurora.org/out-bounds-read-when-processing-voice-svc-request-cve-2017-8245",
"refsource": "CONFIRM",
"url": "https://www.codeaurora.org/out-bounds-read-when-processing-voice-svc-request-cve-2017-8245"
}
]
}
}

140
2017/8xxx/CVE-2017-8470.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2017-8470", "ID": "CVE-2017-8470",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Windows", "product_name": "Microsoft Windows",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016." "version_value": "Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka \"Win32k Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-8471, CVE-2017-8472, CVE-2017-8473, CVE-2017-8475, CVE-2017-8477, and CVE-2017-8484."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "42223", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/42223/" "lang": "eng",
}, "value": "Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka \"Win32k Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-8471, CVE-2017-8472, CVE-2017-8473, CVE-2017-8475, CVE-2017-8477, and CVE-2017-8484."
{ }
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8470", ]
"refsource" : "CONFIRM", },
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8470" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "98848", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/98848" "lang": "eng",
} "value": "Information Disclosure"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8470",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8470"
},
{
"name": "98848",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98848"
},
{
"name": "42223",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42223/"
}
]
}
}

150
2017/8xxx/CVE-2017-8538.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2017-8538", "ID": "CVE-2017-8538",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Malware Protection Engine", "product_name": "Malware Protection Engine",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016." "version_value": "Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka \"Microsoft Malware Protection Engine Remote Code Execution Vulnerability\", a different vulnerability than CVE-2017-8540 and CVE-2017-8541."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "42081", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/42081/" "lang": "eng",
}, "value": "The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka \"Microsoft Malware Protection Engine Remote Code Execution Vulnerability\", a different vulnerability than CVE-2017-8540 and CVE-2017-8541."
{ }
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8538", ]
"refsource" : "CONFIRM", },
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8538" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "98706", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/98706" "lang": "eng",
}, "value": "Remote Code Execution"
{ }
"name" : "1038571", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1038571" ]
} },
] "references": {
} "reference_data": [
} {
"name": "42081",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42081/"
},
{
"name": "98706",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98706"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8538",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8538"
},
{
"name": "1038571",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038571"
}
]
}
}

120
2018/10xxx/CVE-2018-10174.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10174", "ID": "CVE-2018-10174",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote attackers to read arbitrary files via file:// URLs, send TCP traffic to intranet hosts, or obtain an NTLM hash. This can occur even if the logged-in user has a read-only role."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/147260/Digital-Guardian-Management-Console-7.1.2.0015-Server-Side-Request-Forgery.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/147260/Digital-Guardian-Management-Console-7.1.2.0015-Server-Side-Request-Forgery.html" "lang": "eng",
} "value": "Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote attackers to read arbitrary files via file:// URLs, send TCP traffic to intranet hosts, or obtain an NTLM hash. This can occur even if the logged-in user has a read-only role."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/147260/Digital-Guardian-Management-Console-7.1.2.0015-Server-Side-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/147260/Digital-Guardian-Management-Console-7.1.2.0015-Server-Side-Request-Forgery.html"
}
]
}
}

34
2018/10xxx/CVE-2018-10433.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10433", "ID": "CVE-2018-10433",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

172
2018/10xxx/CVE-2018-10889.json
View File

@ -1,88 +1,88 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "lpardo@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2018-10889", "ID": "CVE-2018-10889",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "moodle", "product_name": "moodle",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "moodle 3.5.1" "version_value": "moodle 3.5.1"
}, },
{ {
"version_value" : "moodle 3.4.4" "version_value": "moodle 3.4.4"
}, },
{ {
"version_value" : "moodle 3.3.7" "version_value": "moodle 3.3.7"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "[UNKNOWN]" "vendor_name": "[UNKNOWN]"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7. No option existed to omit logs from data privacy exports, which may contain details of other users who interacted with the requester."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "4.3/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version" : "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-532"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10889", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10889" "lang": "eng",
}, "value": "A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7. No option existed to omit logs from data privacy exports, which may contain details of other users who interacted with the requester."
{ }
"name" : "https://moodle.org/mod/forum/discuss.php?d=373369", ]
"refsource" : "CONFIRM", },
"url" : "https://moodle.org/mod/forum/discuss.php?d=373369" "impact": {
}, "cvss": [
{ [
"name" : "104733", {
"refsource" : "BID", "vectorString": "4.3/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"url" : "http://www.securityfocus.com/bid/104733" "version": "3.0"
} }
] ]
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104733",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104733"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10889",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10889"
},
{
"name": "https://moodle.org/mod/forum/discuss.php?d=373369",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=373369"
}
]
}
}

120
2018/12xxx/CVE-2018-12431.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12431", "ID": "CVE-2018-12431",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/MichaelWayneLIU/seacms/blob/master/seacms.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/MichaelWayneLIU/seacms/blob/master/seacms.md" "lang": "eng",
} "value": "SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page)."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/MichaelWayneLIU/seacms/blob/master/seacms.md",
"refsource": "MISC",
"url": "https://github.com/MichaelWayneLIU/seacms/blob/master/seacms.md"
}
]
}
}

120
2018/12xxx/CVE-2018-12972.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12972", "ID": "CVE-2018-12972",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/OpenTSDB/opentsdb/issues/1239", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/OpenTSDB/opentsdb/issues/1239" "lang": "eng",
} "value": "An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/OpenTSDB/opentsdb/issues/1239",
"refsource": "MISC",
"url": "https://github.com/OpenTSDB/opentsdb/issues/1239"
}
]
}
}

130
2018/13xxx/CVE-2018-13005.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13005", "ID": "CVE-2018-13005",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20180719 [SECURITY] [DLA 1432-1] gpac security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00024.html" "lang": "eng",
}, "value": "An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read."
{ }
"name" : "https://github.com/gpac/gpac/issues/1088", ]
"refsource" : "MISC", },
"url" : "https://github.com/gpac/gpac/issues/1088" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180719 [SECURITY] [DLA 1432-1] gpac security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00024.html"
},
{
"name": "https://github.com/gpac/gpac/issues/1088",
"refsource": "MISC",
"url": "https://github.com/gpac/gpac/issues/1088"
}
]
}
}

34
2018/13xxx/CVE-2018-13901.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13901", "ID": "CVE-2018-13901",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/17xxx/CVE-2018-17124.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17124", "ID": "CVE-2018-17124",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/17xxx/CVE-2018-17803.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17803", "ID": "CVE-2018-17803",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

122
2018/17xxx/CVE-2018-17948.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@microfocus.com", "ASSIGNER": "security@suse.com",
"DATE_PUBLIC" : "2018-11-17T00:00:00", "DATE_PUBLIC": "2018-11-17T00:00:00",
"ID" : "CVE-2018-17948", "ID": "CVE-2018-17948",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Access Manager", "product_name": "Access Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Versions prior to 4.4 SP3" "version_value": "Versions prior to 4.4 SP3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Access Manager" "vendor_name": "Access Manager"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An open redirect vulnerability exists in the Access Manager Identity Provider prior to 4.4 SP3."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Open Redirect"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.microfocus.com/kb/doc.php?id=7023530", "description_data": [
"refsource" : "MISC", {
"url" : "https://support.microfocus.com/kb/doc.php?id=7023530" "lang": "eng",
} "value": "An open redirect vulnerability exists in the Access Manager Identity Provider prior to 4.4 SP3."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Open Redirect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.microfocus.com/kb/doc.php?id=7023530",
"refsource": "MISC",
"url": "https://support.microfocus.com/kb/doc.php?id=7023530"
}
]
}
}

34
2018/17xxx/CVE-2018-17992.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17992", "ID": "CVE-2018-17992",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/17xxx/CVE-2018-17996.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17996", "ID": "CVE-2018-17996",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/9xxx/CVE-2018-9154.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-9154", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-9154",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-13745. Reason: This candidate is a duplicate of CVE-2017-13745. Notes: All CVE users should reference CVE-2017-13745 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-13745. Reason: This candidate is a duplicate of CVE-2017-13745. Notes: All CVE users should reference CVE-2017-13745 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

34
2018/9xxx/CVE-2018-9684.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9684", "ID": "CVE-2018-9684",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }