mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-06-08 05:58:08 +00:00
- Synchronized data.
This commit is contained in:
CVE Team
parent
47130f6b23
commit
b302ebede7
@ -2,7 +2,30 @@
|
||||
"CVE_data_meta" : {
|
||||
"ASSIGNER" : "cve@mitre.org",
|
||||
"ID" : "CVE-2016-6914",
|
||||
"STATE" : "RESERVED"
|
||||
"STATE" : "PUBLIC"
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"product_name" : "n/a",
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"data_type" : "CVE",
|
||||
@ -11,7 +34,32 @@
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value" : "Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"url" : "http://seclists.org/fulldisclosure/2017/Dec/83"
|
||||
},
|
||||
{
|
||||
"url" : "http://packetstormsecurity.com/files/145533/Ubiquiti-UniFi-Video-3.7.3-Windows-Local-Privilege-Escalation.html"
|
||||
},
|
||||
{
|
||||
"url" : "https://hackerone.com/reports/140793"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -2,7 +2,30 @@
|
||||
"CVE_data_meta" : {
|
||||
"ASSIGNER" : "cve@mitre.org",
|
||||
"ID" : "CVE-2017-13056",
|
||||
"STATE" : "RESERVED"
|
||||
"STATE" : "PUBLIC"
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"product_name" : "n/a",
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"data_type" : "CVE",
|
||||
@ -11,7 +34,26 @@
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value" : "The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"url" : "http://packetstormsecurity.com/files/143912/PDF-XChange-Viewer-2.5-Build-314.0-Code-Execution.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,8 +1,31 @@
|
||||
{
|
||||
"CVE_data_meta" : {
|
||||
"ASSIGNER" : "cve@mitre.org",
|
||||
"ASSIGNER" : "security@synology.com",
|
||||
"ID" : "CVE-2017-16768",
|
||||
"STATE" : "RESERVED"
|
||||
"STATE" : "PUBLIC"
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"product_name" : "n/a",
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"data_type" : "CVE",
|
||||
@ -11,7 +34,26 @@
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value" : "Cross-site scripting (XSS) vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"url" : "https://www.synology.com/en-global/support/security/Synology_SA_17_81"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -57,6 +57,9 @@
|
||||
},
|
||||
{
|
||||
"url" : "http://packetstormsecurity.com/files/145121/ZTE-ZXDSL-831-Unauthorized-Configuration-Access-Bypass.html"
|
||||
},
|
||||
{
|
||||
"url" : "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1008762"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user