admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 05:58:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2017-12-27 14:04:40 -05:00
parent 13dc6ec576
commit b31f2f3ffb
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
42 changed files with 793 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
2013/5xxx/CVE-2013-5017.json
View File

@ -55,6 +55,9 @@
{
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2014&suid=20140616_00"
},
{
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securit%20y_advisory&pvid=security_advisory&year=&suid=20140616_00"
},
{
"url" : "http://www.securityfocus.com/bid/67752"
},

24
2014/1xxx/CVE-2014-1533.json
View File

@ -100,18 +100,42 @@
{
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2955"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2960"
},
{
"url" : "https://security.gentoo.org/glsa/201504-01"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0741.html"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0742.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2243-1"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2250-1"
},
{
"url" : "http://www.securityfocus.com/bid/67965"
},

12
2014/1xxx/CVE-2014-1534.json
View File

@ -106,6 +106,18 @@
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2243-1"
},
{
"url" : "http://www.securityfocus.com/bid/67964"
},

12
2014/1xxx/CVE-2014-1536.json
View File

@ -70,6 +70,18 @@
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2243-1"
},
{
"url" : "http://www.securityfocus.com/bid/67966"
},

12
2014/1xxx/CVE-2014-1537.json
View File

@ -70,6 +70,18 @@
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2243-1"
},
{
"url" : "http://www.securityfocus.com/bid/67971"
},

27
2014/1xxx/CVE-2014-1538.json
View File

@ -67,18 +67,45 @@
{
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1107421"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2955"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2960"
},
{
"url" : "https://security.gentoo.org/glsa/201504-01"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0741.html"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0742.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2243-1"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2250-1"
},
{
"url" : "http://www.securityfocus.com/bid/67976"
},

3
2014/1xxx/CVE-2014-1539.json
View File

@ -67,6 +67,9 @@
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"url" : "http://www.securityfocus.com/bid/67967"
},

6
2014/1xxx/CVE-2014-1540.json
View File

@ -67,6 +67,12 @@
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2243-1"
},
{
"url" : "http://www.securityfocus.com/bid/67978"
},

24
2014/1xxx/CVE-2014-1541.json
View File

@ -67,18 +67,42 @@
{
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2955"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2960"
},
{
"url" : "https://security.gentoo.org/glsa/201504-01"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0741.html"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0742.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2243-1"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2250-1"
},
{
"url" : "http://www.securityfocus.com/bid/67979"
},

6
2014/1xxx/CVE-2014-1542.json
View File

@ -67,6 +67,12 @@
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2243-1"
},
{
"url" : "http://www.securityfocus.com/bid/67968"
},

3
2014/1xxx/CVE-2014-1543.json
View File

@ -67,6 +67,9 @@
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"url" : "http://www.securityfocus.com/bid/67969"
},

18
2014/1xxx/CVE-2014-1545.json
View File

@ -70,6 +70,15 @@
{
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2955"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2960"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2962"
},
{
"url" : "https://security.gentoo.org/glsa/201504-01"
},
@ -79,6 +88,15 @@
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2265-1"
},

3
2014/1xxx/CVE-2014-1650.json
View File

@ -55,6 +55,9 @@
{
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2014&suid=20140616_00"
},
{
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securit%20y_advisory&pvid=security_advisory&year=&suid=20140616_00"
},
{
"url" : "http://www.securityfocus.com/bid/67753"
},

6
2014/1xxx/CVE-2014-1651.json
View File

@ -55,6 +55,12 @@
{
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2014&suid=20140616_00"
},
{
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securit%20y_advisory&pvid=security_advisory&year=&suid=20140616_00"
},
{
"url" : "http://www.kb.cert.org/vuls/id/719172"
},
{
"url" : "http://www.securityfocus.com/bid/67754"
},

6
2014/1xxx/CVE-2014-1652.json
View File

@ -55,6 +55,12 @@
{
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2014&suid=20140616_00"
},
{
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securit%20y_advisory&pvid=security_advisory&year=&suid=20140616_00"
},
{
"url" : "http://www.kb.cert.org/vuls/id/719172"
},
{
"url" : "http://www.securityfocus.com/bid/67755"
},

3
2014/1xxx/CVE-2014-1740.json
View File

@ -67,6 +67,9 @@
{
"url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
},
{
"url" : "http://www.securityfocus.com/bid/67374"
},

3
2014/1xxx/CVE-2014-1741.json
View File

@ -67,6 +67,9 @@
{
"url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
},
{
"url" : "http://www.securityfocus.com/bid/67376"
},

3
2014/1xxx/CVE-2014-1742.json
View File

@ -67,6 +67,9 @@
{
"url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
},
{
"url" : "http://www.securityfocus.com/bid/67375"
},

3
2014/1xxx/CVE-2014-1743.json
View File

@ -64,6 +64,9 @@
{
"url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
},
{
"url" : "http://www.securitytracker.com/id/1030270"
},

3
2014/1xxx/CVE-2014-1744.json
View File

@ -64,6 +64,9 @@
{
"url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
},
{
"url" : "http://www.securitytracker.com/id/1030270"
},

3
2014/1xxx/CVE-2014-1745.json
View File

@ -64,6 +64,9 @@
{
"url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
},
{
"url" : "http://www.securitytracker.com/id/1030270"
},

3
2014/1xxx/CVE-2014-1746.json
View File

@ -64,6 +64,9 @@
{
"url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
},
{
"url" : "http://www.securitytracker.com/id/1030270"
},

3
2014/1xxx/CVE-2014-1747.json
View File

@ -64,6 +64,9 @@
{
"url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
},
{
"url" : "http://www.securitytracker.com/id/1030270"
},

3
2014/1xxx/CVE-2014-1748.json
View File

@ -73,6 +73,9 @@
{
"url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2937-1"
},

3
2014/1xxx/CVE-2014-1749.json
View File

@ -61,6 +61,9 @@
{
"url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
},
{
"url" : "http://www.securitytracker.com/id/1030270"
},

3
2014/3xxx/CVE-2014-3121.json
View File

@ -67,6 +67,9 @@
{
"url" : "https://lists.fedoraproject.org/pipermail/package-announce/2014-May/133195.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00026.html"
},
{
"url" : "http://www.securityfocus.com/bid/67155"
}

3
2014/3xxx/CVE-2014-3152.json
View File

@ -70,6 +70,9 @@
{
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157357.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
},
{
"url" : "http://www.securitytracker.com/id/1030270"
},

3
2014/3xxx/CVE-2014-3153.json
View File

@ -106,6 +106,9 @@
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00025.html"
},
{
"url" : "http://www.securityfocus.com/bid/67906"
},

3
2014/3xxx/CVE-2014-3430.json
View File

@ -73,6 +73,9 @@
{
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:113"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0790.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2213-1"
},

3
2014/4xxx/CVE-2014-4049.json
View File

@ -100,6 +100,9 @@
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00032.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00051.html"
},
{
"url" : "http://www.securityfocus.com/bid/68007"
},

3
2014/4xxx/CVE-2014-4617.json
View File

@ -70,6 +70,9 @@
{
"url" : "http://www.debian.org/security/2014/dsa-2968"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2967"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00010.html"
},

49
2015/6xxx/CVE-2015-6237.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6237",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The RPC service in Tripwire (formerly nCircle) IP360 VnE Manager 7.2.2 before 7.2.6 allows remote attackers to bypass authentication and (1) enumerate users, (2) reset passwords, or (3) manipulate IP filter restrictions via crafted \"privileged commands.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://www.securityfocus.com/archive/1/archive/1/536609/100/0/threaded"
},
{
"url" : "http://seclists.org/fulldisclosure/2015/Oct/20"
}
]
}

52
2015/7xxx/CVE-2015-7324.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7324",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,32 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) img or (2) url tag of a new comment."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2015/Oct/11"
},
{
"url" : "https://www.davidsopas.com/komento-joomla-component-persistent-xss/"
},
{
"url" : "https://stackideas.com/changelog/komento?version=2.0.5"
}
]
}

52
2015/7xxx/CVE-2015-7666.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7666",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,32 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the (1) cp_updateMessageItem and (2) cp_deleteMessageItem functions in cp_ppp_admin_int_message_list.inc.php in the Payment Form for PayPal Pro plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the cal parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://www.securityfocus.com/archive/1/archive/1/536602/100/0/threaded"
},
{
"url" : "https://plugins.trac.wordpress.org/changeset/1254452/payment-form-for-paypal-pro"
},
{
"url" : "https://wordpress.org/plugins/payment-form-for-paypal-pro/#developers"
}
]
}

52
2015/7xxx/CVE-2015-7667.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7667",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,32 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in (1) templates/admanagement/admanagement.php and (2) templates/adspot/adspot.php in the ResAds plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the page parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://www.securityfocus.com/archive/1/archive/1/536601/100/0/threaded"
},
{
"url" : "https://wpvulndb.com/vulnerabilities/8204"
},
{
"url" : "https://wordpress.org/plugins/resads/#developers"
}
]
}

52
2015/7xxx/CVE-2015-7668.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7668",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,32 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Cross-site scripting (XSS) vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin before 1.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the map_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://www.securityfocus.com/archive/1/archive/1/536598/100/0/threaded"
},
{
"url" : "https://wpvulndb.com/vulnerabilities/8205"
},
{
"url" : "https://wordpress.org/plugins/easy2map/#developers"
}
]
}

52
2015/7xxx/CVE-2015-7669.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7669",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,32 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Multiple directory traversal vulnerabilities in (1) includes/MapImportCSV2.php and (2) includes/MapImportCSV.php in the Easy2Map plugin before 1.3.0 for WordPress allow remote attackers to include and execute arbitrary files via the csvfile parameter related to \"upload file functionality.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://www.securityfocus.com/archive/1/archive/1/536597/100/0/threaded"
},
{
"url" : "https://wpvulndb.com/vulnerabilities/8206"
},
{
"url" : "https://wordpress.org/plugins/easy2map/#developers"
}
]
}

58
2017/11xxx/CVE-2017-11695.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-11695",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2017/Aug/17"
},
{
"url" : "http://packetstormsecurity.com/files/143735/NSS-Buffer-Overflows-Floating-Point-Exception.html"
},
{
"url" : "http://www.geeknik.net/9brdqk6xu"
},
{
"url" : "http://www.securityfocus.com/bid/100345"
},
{
"url" : "http://www.securitytracker.com/id/1039153"
}
]
}

58
2017/11xxx/CVE-2017-11696.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-11696",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2017/Aug/17"
},
{
"url" : "http://packetstormsecurity.com/files/143735/NSS-Buffer-Overflows-Floating-Point-Exception.html"
},
{
"url" : "http://www.geeknik.net/9brdqk6xu"
},
{
"url" : "http://www.securityfocus.com/bid/100345"
},
{
"url" : "http://www.securitytracker.com/id/1039153"
}
]
}

58
2017/11xxx/CVE-2017-11697.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-11697",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of service (floating point exception and crash) via a crafted cert8.db file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2017/Aug/17"
},
{
"url" : "http://packetstormsecurity.com/files/143735/NSS-Buffer-Overflows-Floating-Point-Exception.html"
},
{
"url" : "http://www.geeknik.net/9brdqk6xu"
},
{
"url" : "http://www.securityfocus.com/bid/100345"
},
{
"url" : "http://www.securitytracker.com/id/1039153"
}
]
}

58
2017/11xxx/CVE-2017-11698.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-11698",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2017/Aug/17"
},
{
"url" : "http://packetstormsecurity.com/files/143735/NSS-Buffer-Overflows-Floating-Point-Exception.html"
},
{
"url" : "http://www.geeknik.net/9brdqk6xu"
},
{
"url" : "http://www.securityfocus.com/bid/100345"
},
{
"url" : "http://www.securitytracker.com/id/1039153"
}
]
}

61
2017/9xxx/CVE-2017-9608.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-9608",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,41 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted mov file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://www.openwall.com/lists/oss-security/2017/08/14/1"
},
{
"url" : "http://www.openwall.com/lists/oss-security/2017/08/15/8"
},
{
"url" : "https://github.com/FFmpeg/FFmpeg/commit/0a709e2a10b8288a0cc383547924ecfe285cef89"
},
{
"url" : "https://github.com/FFmpeg/FFmpeg/commit/31c1c0b46a7021802c3d1d18039fca30dba5a14e"
},
{
"url" : "https://github.com/FFmpeg/FFmpeg/commit/611b35627488a8d0763e75c25ee0875c5b7987dd"
},
{
"url" : "http://www.securityfocus.com/bid/100348"
}
]
}