admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:44:30 +00:00
parent cac77b07e7
commit b754477310
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
58 changed files with 3851 additions and 3851 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
2004/1xxx/CVE-2004-1198.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1198", "ID": "CVE-2004-1198",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays." "value": "Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20041125 MSIE flaws: nested array sort() loop Stack overflow exception", "name": "web-browser-array-dos(18282)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/382257" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18282"
}, },
{ {
"name" : "20041125 MSIE & FIREFOX flaws: \"detailed\" advisory and comments that you probably don't want to read anyway", "name": "11751",
"refsource" : "FULLDISC", "refsource": "BID",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1221.html" "url": "http://www.securityfocus.com/bid/11751"
}, },
{ {
"name" : "11751", "name": "20041125 MSIE & FIREFOX flaws: \"detailed\" advisory and comments that you probably don't want to read anyway",
"refsource" : "BID", "refsource": "FULLDISC",
"url" : "http://www.securityfocus.com/bid/11751" "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1221.html"
}, },
{ {
"name" : "web-browser-array-dos(18282)", "name": "20041125 MSIE flaws: nested array sort() loop Stack overflow exception",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18282" "url": "http://www.securityfocus.com/archive/1/382257"
} }
] ]
} }

86
2004/1xxx/CVE-2004-1468.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1468", "ID": "CVE-2004-1468",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The web mail functionality in Usermin 1.x and Webmin 1.x allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail message." "value": "The web mail functionality in Usermin 1.x and Webmin 1.x allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/77_e.html", "name": "11122",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/77_e.html" "url": "http://www.securityfocus.com/bid/11122"
}, },
{ {
"name" : "GLSA-200409-15", "name": "http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/77_e.html",
"refsource" : "GENTOO", "refsource": "MISC",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml" "url": "http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/77_e.html"
}, },
{ {
"name" : "11122", "name": "12488",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/11122" "url": "http://secunia.com/advisories/12488/"
}, },
{ {
"name" : "12488", "name": "GLSA-200409-15",
"refsource" : "SECUNIA", "refsource": "GENTOO",
"url" : "http://secunia.com/advisories/12488/" "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml"
}, },
{ {
"name" : "usermin-web-mail-command-execution(17293)", "name": "usermin-web-mail-command-execution(17293)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17293" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17293"
} }
] ]
} }

80
2008/0xxx/CVE-2008-0262.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-0262", "ID": "CVE-2008-0262",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter." "value": "SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "4898", "name": "agares-articleblock-sql-injection(39641)",
"refsource" : "EXPLOIT-DB", "refsource": "XF",
"url" : "https://www.exploit-db.com/exploits/4898" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39641"
}, },
{ {
"name" : "4905", "name": "27258",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/4905" "url": "http://www.securityfocus.com/bid/27258"
}, },
{ {
"name" : "27258", "name": "4905",
"refsource" : "BID", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/bid/27258" "url": "https://www.exploit-db.com/exploits/4905"
}, },
{ {
"name" : "agares-articleblock-sql-injection(39641)", "name": "4898",
"refsource" : "XF", "refsource": "EXPLOIT-DB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39641" "url": "https://www.exploit-db.com/exploits/4898"
} }
] ]
} }

22
2008/0xxx/CVE-2008-0317.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-0317", "ID": "CVE-2008-0317",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

224
2008/0xxx/CVE-2008-0658.json
View File

@ -1,196 +1,196 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2008-0658", "ID": "CVE-2008-0658",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698." "value": "slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20080212 rPSA-2008-0059-1 openldap openldap-clients openldap-servers", "name": "SUSE-SR:2008:010",
"refsource" : "BUGTRAQ", "refsource": "SUSE",
"url" : "http://www.securityfocus.com/archive/1/488242/100/200/threaded" "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
}, },
{ {
"name" : "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197&r2=1.198&f=h", "name": "MDVSA-2008:058",
"refsource" : "CONFIRM", "refsource": "MANDRIVA",
"url" : "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197&r2=1.198&f=h" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
}, },
{ {
"name" : "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358", "name": "29461",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358" "url": "http://secunia.com/advisories/29461"
}, },
{ {
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059", "name": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197&r2=1.198&f=h",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059" "url": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197&r2=1.198&f=h"
}, },
{ {
"name" : "http://wiki.rpath.com/Advisories:rPSA-2008-0059", "name": "29225",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://wiki.rpath.com/Advisories:rPSA-2008-0059" "url": "http://secunia.com/advisories/29225"
}, },
{ {
"name" : "http://support.apple.com/kb/HT3937", "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0059",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT3937" "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0059"
}, },
{ {
"name" : "APPLE-SA-2009-11-09-1", "name": "29682",
"refsource" : "APPLE", "refsource": "SECUNIA",
"url" : "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html" "url": "http://secunia.com/advisories/29682"
}, },
{ {
"name" : "DSA-1541", "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2008/dsa-1541" "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059"
}, },
{ {
"name" : "GLSA-200803-28", "name": "29256",
"refsource" : "GENTOO", "refsource": "SECUNIA",
"url" : "http://security.gentoo.org/glsa/glsa-200803-28.xml" "url": "http://secunia.com/advisories/29256"
}, },
{ {
"name" : "MDVSA-2008:058", "name": "20080212 rPSA-2008-0059-1 openldap openldap-clients openldap-servers",
"refsource" : "MANDRIVA", "refsource": "BUGTRAQ",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058" "url": "http://www.securityfocus.com/archive/1/488242/100/200/threaded"
}, },
{ {
"name" : "RHSA-2008:0110", "name": "GLSA-200803-28",
"refsource" : "REDHAT", "refsource": "GENTOO",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0110.html" "url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
}, },
{ {
"name" : "SUSE-SR:2008:010", "name": "29068",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html" "url": "http://secunia.com/advisories/29068"
}, },
{ {
"name" : "USN-584-1", "name": "USN-584-1",
"refsource" : "UBUNTU", "refsource": "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-584-1" "url": "http://www.ubuntu.com/usn/usn-584-1"
}, },
{ {
"name" : "27778", "name": "RHSA-2008:0110",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/27778" "url": "http://www.redhat.com/support/errata/RHSA-2008-0110.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:9470", "name": "oval:org.mitre.oval:def:9470",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470"
}, },
{ {
"name" : "ADV-2008-0536", "name": "28953",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2008/0536/references" "url": "http://secunia.com/advisories/28953"
}, },
{ {
"name" : "1019481", "name": "28914",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://www.securitytracker.com/id?1019481" "url": "http://secunia.com/advisories/28914"
}, },
{ {
"name" : "28914", "name": "DSA-1541",
"refsource" : "SECUNIA", "refsource": "DEBIAN",
"url" : "http://secunia.com/advisories/28914" "url": "http://www.debian.org/security/2008/dsa-1541"
}, },
{ {
"name" : "28926", "name": "openldap-modrdn-dos(40479)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/28926" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40479"
}, },
{ {
"name" : "28953", "name": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/28953" "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358"
}, },
{ {
"name" : "29068", "name": "ADV-2009-3184",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/29068" "url": "http://www.vupen.com/english/advisories/2009/3184"
}, },
{ {
"name" : "29225", "name": "28926",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/29225" "url": "http://secunia.com/advisories/28926"
}, },
{ {
"name" : "29256", "name": "27778",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/29256" "url": "http://www.securityfocus.com/bid/27778"
}, },
{ {
"name" : "29461", "name": "ADV-2008-0536",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/29461" "url": "http://www.vupen.com/english/advisories/2008/0536/references"
}, },
{ {
"name" : "29682", "name": "APPLE-SA-2009-11-09-1",
"refsource" : "SECUNIA", "refsource": "APPLE",
"url" : "http://secunia.com/advisories/29682" "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
}, },
{ {
"name" : "29957", "name": "29957",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/29957" "url": "http://secunia.com/advisories/29957"
}, },
{ {
"name" : "ADV-2009-3184", "name": "http://support.apple.com/kb/HT3937",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2009/3184" "url": "http://support.apple.com/kb/HT3937"
}, },
{ {
"name" : "openldap-modrdn-dos(40479)", "name": "1019481",
"refsource" : "XF", "refsource": "SECTRACK",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/40479" "url": "http://www.securitytracker.com/id?1019481"
} }
] ]
} }

86
2008/0xxx/CVE-2008-0703.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-0703", "ID": "CVE-2008-0703",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple directory traversal vulnerabilities in sflog! 0.96 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) permalink or (2) section parameter to index.php, possibly involving includes/entries.inc.php and other files included by index.php." "value": "Multiple directory traversal vulnerabilities in sflog! 0.96 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) permalink or (2) section parameter to index.php, possibly involving includes/entries.inc.php and other files included by index.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20080131 sflog! 0.96 remote file disclosure vulnerabilities", "name": "20080131 sflog! 0.96 remote file disclosure vulnerabilities",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/487368/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/487368/100/0/threaded"
}, },
{ {
"name" : "5027", "name": "5027",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/5027" "url": "https://www.exploit-db.com/exploits/5027"
}, },
{ {
"name" : "27541", "name": "sflog-blog-index-directory-traversal(40115)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/27541" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40115"
}, },
{ {
"name" : "3629", "name": "3629",
"refsource" : "SREASON", "refsource": "SREASON",
"url" : "http://securityreason.com/securityalert/3629" "url": "http://securityreason.com/securityalert/3629"
}, },
{ {
"name" : "sflog-blog-index-directory-traversal(40115)", "name": "27541",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/40115" "url": "http://www.securityfocus.com/bid/27541"
} }
] ]
} }

110
2008/3xxx/CVE-2008-3170.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3170", "ID": "CVE-2008-3170",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Apple Safari allows web sites to set cookies for country-specific top-level domains, such as co.uk and com.au, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka \"Cross-Site Cooking,\" a related issue to CVE-2004-0746, CVE-2004-0866, and CVE-2004-0867." "value": "Apple Safari allows web sites to set cookies for country-specific top-level domains, such as co.uk and com.au, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka \"Cross-Site Cooking,\" a related issue to CVE-2004-0746, CVE-2004-0866, and CVE-2004-0867."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://kuza55.blogspot.com/2008/07/some-random-safari-notes.html", "name": "ADV-2008-3444",
"refsource" : "MISC", "refsource": "VUPEN",
"url" : "http://kuza55.blogspot.com/2008/07/some-random-safari-notes.html" "url": "http://www.vupen.com/english/advisories/2008/3444"
}, },
{ {
"name" : "http://support.apple.com/kb/HT3338", "name": "TA08-350A",
"refsource" : "CONFIRM", "refsource": "CERT",
"url" : "http://support.apple.com/kb/HT3338" "url": "http://www.us-cert.gov/cas/techalerts/TA08-350A.html"
}, },
{ {
"name" : "APPLE-SA-2008-12-15", "name": "30192",
"refsource" : "APPLE", "refsource": "BID",
"url" : "http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html" "url": "http://www.securityfocus.com/bid/30192"
}, },
{ {
"name" : "TA08-350A", "name": "31128",
"refsource" : "CERT", "refsource": "SECUNIA",
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-350A.html" "url": "http://secunia.com/advisories/31128"
}, },
{ {
"name" : "30192", "name": "http://support.apple.com/kb/HT3338",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/30192" "url": "http://support.apple.com/kb/HT3338"
}, },
{ {
"name" : "ADV-2008-3444", "name": "safari-domains-session-hijacking(43839)",
"refsource" : "VUPEN", "refsource": "XF",
"url" : "http://www.vupen.com/english/advisories/2008/3444" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43839"
}, },
{ {
"name" : "1020539", "name": "APPLE-SA-2008-12-15",
"refsource" : "SECTRACK", "refsource": "APPLE",
"url" : "http://www.securitytracker.com/id?1020539" "url": "http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html"
}, },
{ {
"name" : "31128", "name": "http://kuza55.blogspot.com/2008/07/some-random-safari-notes.html",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/31128" "url": "http://kuza55.blogspot.com/2008/07/some-random-safari-notes.html"
}, },
{ {
"name" : "safari-domains-session-hijacking(43839)", "name": "1020539",
"refsource" : "XF", "refsource": "SECTRACK",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43839" "url": "http://www.securitytracker.com/id?1020539"
} }
] ]
} }

22
2008/3xxx/CVE-2008-3517.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2008-3517", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2008-3517",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3522. Reason: This candidate is a reservation duplicate of CVE-2008-3522. Notes: All CVE users should reference CVE-2008-3522 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3522. Reason: This candidate is a reservation duplicate of CVE-2008-3522. Notes: All CVE users should reference CVE-2008-3522 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }

80
2008/3xxx/CVE-2008-3774.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3774", "ID": "CVE-2008-3774",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in index.php in Simasy CMS allows remote attackers to execute arbitrary SQL commands via the id parameter." "value": "SQL injection vulnerability in index.php in Simasy CMS allows remote attackers to execute arbitrary SQL commands via the id parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.securityfocus.com/bid/30774/exploit", "name": "30774",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/30774/exploit" "url": "http://www.securityfocus.com/bid/30774"
}, },
{ {
"name" : "http://packetstormsecurity.org/0808-exploits/simasycms-sql.txt", "name": "http://packetstormsecurity.org/0808-exploits/simasycms-sql.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.org/0808-exploits/simasycms-sql.txt" "url": "http://packetstormsecurity.org/0808-exploits/simasycms-sql.txt"
}, },
{ {
"name" : "30774", "name": "http://www.securityfocus.com/bid/30774/exploit",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/30774" "url": "http://www.securityfocus.com/bid/30774/exploit"
}, },
{ {
"name" : "simasycms-index-sql-injection(44580)", "name": "simasycms-index-sql-injection(44580)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44580" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44580"
} }
] ]
} }

80
2008/3xxx/CVE-2008-3897.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3897", "ID": "CVE-2008-3897",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "DiskCryptor 0.2.6 on Windows stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer." "value": "DiskCryptor 0.2.6 on Windows stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20080825 [IVIZ-08-006] DiskCryptor Security Model bypass exploiting wrong BIOS API usage", "name": "http://www.ivizsecurity.com/preboot-patch.html",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/495725/100/0/threaded" "url": "http://www.ivizsecurity.com/preboot-patch.html"
}, },
{ {
"name" : "http://www.ivizsecurity.com/preboot-patch.html", "name": "http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.ivizsecurity.com/preboot-patch.html" "url": "http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf"
}, },
{ {
"name" : "http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf", "name": "20080825 [IVIZ-08-006] DiskCryptor Security Model bypass exploiting wrong BIOS API usage",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf" "url": "http://www.securityfocus.com/archive/1/495725/100/0/threaded"
}, },
{ {
"name" : "4212", "name": "4212",
"refsource" : "SREASON", "refsource": "SREASON",
"url" : "http://securityreason.com/securityalert/4212" "url": "http://securityreason.com/securityalert/4212"
} }
] ]
} }

98
2008/4xxx/CVE-2008-4206.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-4206", "ID": "CVE-2008-4206",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP remote file inclusion vulnerability in config.php in Attachmax Dolphin 2.1.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the rel_path parameter." "value": "PHP remote file inclusion vulnerability in config.php in Attachmax Dolphin 2.1.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the rel_path parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20080916 [ECHO_ADV_101$2008] Attachmax Dolphin <= 2.1.0 Multiple Vulnerabilities", "name": "48269",
"refsource" : "BUGTRAQ", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/archive/1/496427/100/0/threaded" "url": "http://osvdb.org/48269"
}, },
{ {
"name" : "6468", "name": "http://e-rdc.org/v1/news.php?readmore=108",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "https://www.exploit-db.com/exploits/6468" "url": "http://e-rdc.org/v1/news.php?readmore=108"
}, },
{ {
"name" : "http://e-rdc.org/v1/news.php?readmore=108", "name": "31794",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://e-rdc.org/v1/news.php?readmore=108" "url": "http://secunia.com/advisories/31794"
}, },
{ {
"name" : "31207", "name": "6468",
"refsource" : "BID", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/bid/31207" "url": "https://www.exploit-db.com/exploits/6468"
}, },
{ {
"name" : "48269", "name": "20080916 [ECHO_ADV_101$2008] Attachmax Dolphin <= 2.1.0 Multiple Vulnerabilities",
"refsource" : "OSVDB", "refsource": "BUGTRAQ",
"url" : "http://osvdb.org/48269" "url": "http://www.securityfocus.com/archive/1/496427/100/0/threaded"
}, },
{ {
"name" : "31794", "name": "31207",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/31794" "url": "http://www.securityfocus.com/bid/31207"
}, },
{ {
"name" : "4307", "name": "4307",
"refsource" : "SREASON", "refsource": "SREASON",
"url" : "http://securityreason.com/securityalert/4307" "url": "http://securityreason.com/securityalert/4307"
} }
] ]
} }

92
2008/4xxx/CVE-2008-4393.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-4393", "ID": "CVE-2008-4393",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in VeriSign Kontiki Delivery Management System (DMS) 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to zodiac/servlet/zodiac." "value": "Cross-site scripting (XSS) vulnerability in VeriSign Kontiki Delivery Management System (DMS) 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to zodiac/servlet/zodiac."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20081003 IRM Security Advisory: VeriSign Kontiki Delivery Management System (DMS) Cross-Site Scripting Vulnerability", "name": "20081003 IRM Security Advisory: VeriSign Kontiki Delivery Management System (DMS) Cross-Site Scripting Vulnerability",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2008/Oct/0054.html" "url": "http://seclists.org/fulldisclosure/2008/Oct/0054.html"
}, },
{ {
"name" : "http://www.irmplc.com/researchlab/advisories/170", "name": "https://customersupport.kontiki.com/software/patch-20102",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.irmplc.com/researchlab/advisories/170" "url": "https://customersupport.kontiki.com/software/patch-20102"
}, },
{ {
"name" : "https://customersupport.kontiki.com/software/patch-20102", "name": "kontiki-zodiac-xss(45670)",
"refsource" : "MISC", "refsource": "XF",
"url" : "https://customersupport.kontiki.com/software/patch-20102" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45670"
}, },
{ {
"name" : "31580", "name": "32156",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/31580" "url": "http://secunia.com/advisories/32156"
}, },
{ {
"name" : "32156", "name": "http://www.irmplc.com/researchlab/advisories/170",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/32156" "url": "http://www.irmplc.com/researchlab/advisories/170"
}, },
{ {
"name" : "kontiki-zodiac-xss(45670)", "name": "31580",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45670" "url": "http://www.securityfocus.com/bid/31580"
} }
] ]
} }

92
2008/4xxx/CVE-2008-4520.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-4520", "ID": "CVE-2008-4520",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in bulk_update.pl in AutoNessus before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the remark parameter." "value": "Cross-site scripting (XSS) vulnerability in bulk_update.pl in AutoNessus before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the remark parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://autonessus.cvs.sourceforge.net/viewvc/autonessus/AutoNessus/www/bulk_update.pl?r1=1.2&r2=1.3", "name": "31559",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://autonessus.cvs.sourceforge.net/viewvc/autonessus/AutoNessus/www/bulk_update.pl?r1=1.2&r2=1.3" "url": "http://www.securityfocus.com/bid/31559"
}, },
{ {
"name" : "http://sourceforge.net/tracker/index.php?func=detail&aid=2141884&group_id=216367&atid=1037394", "name": "http://sourceforge.net/project/shownotes.php?group_id=216367&release_id=630124",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://sourceforge.net/tracker/index.php?func=detail&aid=2141884&group_id=216367&atid=1037394" "url": "http://sourceforge.net/project/shownotes.php?group_id=216367&release_id=630124"
}, },
{ {
"name" : "http://sourceforge.net/project/shownotes.php?group_id=216367&release_id=630124", "name": "http://autonessus.cvs.sourceforge.net/viewvc/autonessus/AutoNessus/www/bulk_update.pl?r1=1.2&r2=1.3",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://sourceforge.net/project/shownotes.php?group_id=216367&release_id=630124" "url": "http://autonessus.cvs.sourceforge.net/viewvc/autonessus/AutoNessus/www/bulk_update.pl?r1=1.2&r2=1.3"
}, },
{ {
"name" : "31559", "name": "autonessus-bulkupdate-xss(45634)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/31559" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45634"
}, },
{ {
"name" : "32046", "name": "32046",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/32046" "url": "http://secunia.com/advisories/32046"
}, },
{ {
"name" : "autonessus-bulkupdate-xss(45634)", "name": "http://sourceforge.net/tracker/index.php?func=detail&aid=2141884&group_id=216367&atid=1037394",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45634" "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=2141884&group_id=216367&atid=1037394"
} }
] ]
} }

74
2008/4xxx/CVE-2008-4661.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-4661", "ID": "CVE-2008-4661",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Page Improvements (sm_pageimprovements) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." "value": "Cross-site scripting (XSS) vulnerability in the Page Improvements (sm_pageimprovements) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://typo3.org/extensions/repository/view/sm_pageimprovements/0.3.0/info/ChangeLog/", "name": "ADV-2008-2870",
"refsource" : "MISC", "refsource": "VUPEN",
"url" : "http://typo3.org/extensions/repository/view/sm_pageimprovements/0.3.0/info/ChangeLog/" "url": "http://www.vupen.com/english/advisories/2008/2870"
}, },
{ {
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/", "name": "http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/" "url": "http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/"
}, },
{ {
"name" : "ADV-2008-2870", "name": "http://typo3.org/extensions/repository/view/sm_pageimprovements/0.3.0/info/ChangeLog/",
"refsource" : "VUPEN", "refsource": "MISC",
"url" : "http://www.vupen.com/english/advisories/2008/2870" "url": "http://typo3.org/extensions/repository/view/sm_pageimprovements/0.3.0/info/ChangeLog/"
} }
] ]
} }

86
2008/6xxx/CVE-2008-6421.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6421", "ID": "CVE-2008-6421",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP remote file inclusion vulnerability in social_game_play.php in Social Site Generator (SSG) 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter." "value": "PHP remote file inclusion vulnerability in social_game_play.php in Social Site Generator (SSG) 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "5707", "name": "45865",
"refsource" : "EXPLOIT-DB", "refsource": "OSVDB",
"url" : "https://www.exploit-db.com/exploits/5707" "url": "http://osvdb.org/45865"
}, },
{ {
"name" : "29462", "name": "socialsitegenerator-path-file-include(42780)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/29462" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42780"
}, },
{ {
"name" : "45865", "name": "29462",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://osvdb.org/45865" "url": "http://www.securityfocus.com/bid/29462"
}, },
{ {
"name" : "30462", "name": "5707",
"refsource" : "SECUNIA", "refsource": "EXPLOIT-DB",
"url" : "http://secunia.com/advisories/30462" "url": "https://www.exploit-db.com/exploits/5707"
}, },
{ {
"name" : "socialsitegenerator-path-file-include(42780)", "name": "30462",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42780" "url": "http://secunia.com/advisories/30462"
} }
] ]
} }

98
2013/2xxx/CVE-2013-2053.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-2053", "ID": "CVE-2013-2053",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054." "value": "Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[Swan-announce] 20130514 CVE-2013-2052: Libreswan remote buffer overflow in atodn()", "name": "https://www.openswan.org/news/13",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "https://lists.libreswan.org/pipermail/swan-announce/2013/000003.html" "url": "https://www.openswan.org/news/13"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=960229", "name": "SUSE-SU-2013:1150",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=960229" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00008.html"
}, },
{ {
"name" : "https://www.openswan.org/news/13", "name": "RHSA-2013:0827",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://www.openswan.org/news/13" "url": "http://rhn.redhat.com/errata/RHSA-2013-0827.html"
}, },
{ {
"name" : "DSA-2893", "name": "59838",
"refsource" : "DEBIAN", "refsource": "BID",
"url" : "http://www.debian.org/security/2014/dsa-2893" "url": "http://www.securityfocus.com/bid/59838"
}, },
{ {
"name" : "RHSA-2013:0827", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=960229",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0827.html" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=960229"
}, },
{ {
"name" : "SUSE-SU-2013:1150", "name": "[Swan-announce] 20130514 CVE-2013-2052: Libreswan remote buffer overflow in atodn()",
"refsource" : "SUSE", "refsource": "MLIST",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00008.html" "url": "https://lists.libreswan.org/pipermail/swan-announce/2013/000003.html"
}, },
{ {
"name" : "59838", "name": "DSA-2893",
"refsource" : "BID", "refsource": "DEBIAN",
"url" : "http://www.securityfocus.com/bid/59838" "url": "http://www.debian.org/security/2014/dsa-2893"
} }
] ]
} }

22
2013/2xxx/CVE-2013-2281.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-2281", "ID": "CVE-2013-2281",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2013/2xxx/CVE-2013-2359.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2013-2359", "ID": "CVE-2013-2359",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2360." "value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2360."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "HPSBMU02900", "name": "SSRT100907",
"refsource" : "HP", "refsource": "HP",
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862" "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}, },
{ {
"name" : "SSRT100907", "name": "HPSBMU02900",
"refsource" : "HP", "refsource": "HP",
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862" "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
} }
] ]
} }

248
2013/2xxx/CVE-2013-2473.json
View File

@ -1,216 +1,216 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-2473", "ID": "CVE-2013-2473",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to \"Incorrect ByteBandedRaster size checks\" in 2D." "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to \"Incorrect ByteBandedRaster size checks\" in 2D."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/259d4998ce2f", "name": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/259d4998ce2f",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/259d4998ce2f" "url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/259d4998ce2f"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html", "name": "RHSA-2013:1060",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html" "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=975110", "name": "HPSBUX02908",
"refsource" : "CONFIRM", "refsource": "HP",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=975110" "url": "http://marc.info/?l=bugtraq&m=137545592101387&w=2"
}, },
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21642336", "name": "RHSA-2014:0414",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21642336" "url": "https://access.redhat.com/errata/RHSA-2014:0414"
}, },
{ {
"name" : "http://advisories.mageia.org/MGASA-2013-0185.html", "name": "GLSA-201406-32",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://advisories.mageia.org/MGASA-2013-0185.html" "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
}, },
{ {
"name" : "GLSA-201406-32", "name": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
}, },
{ {
"name" : "HPSBUX02922", "name": "SUSE-SU-2013:1264",
"refsource" : "HP", "refsource": "SUSE",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
}, },
{ {
"name" : "SSRT101305", "name": "SUSE-SU-2013:1257",
"refsource" : "HP", "refsource": "SUSE",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
}, },
{ {
"name" : "HPSBUX02907", "name": "HPSBUX02907",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=137545505800971&w=2" "url": "http://marc.info/?l=bugtraq&m=137545505800971&w=2"
}, },
{ {
"name" : "HPSBUX02908", "name": "SUSE-SU-2013:1256",
"refsource" : "HP", "refsource": "SUSE",
"url" : "http://marc.info/?l=bugtraq&m=137545592101387&w=2" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
}, },
{ {
"name" : "MDVSA-2013:183", "name": "oval:org.mitre.oval:def:17189",
"refsource" : "MANDRIVA", "refsource": "OVAL",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:183" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17189"
}, },
{ {
"name" : "RHSA-2013:0963", "name": "54154",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0963.html" "url": "http://secunia.com/advisories/54154"
}, },
{ {
"name" : "RHSA-2013:1081", "name": "RHSA-2013:1455",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1081.html" "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
}, },
{ {
"name" : "RHSA-2013:1060", "name": "oval:org.mitre.oval:def:18888",
"refsource" : "REDHAT", "refsource": "OVAL",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1060.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18888"
}, },
{ {
"name" : "RHSA-2013:1455", "name": "SSRT101305",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html" "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
}, },
{ {
"name" : "RHSA-2013:1456", "name": "HPSBUX02922",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1456.html" "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
}, },
{ {
"name" : "RHSA-2013:1059", "name": "SUSE-SU-2013:1263",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1059.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
}, },
{ {
"name" : "RHSA-2014:0414", "name": "RHSA-2013:1059",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2014:0414" "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
}, },
{ {
"name" : "SUSE-SU-2013:1305", "name": "oval:org.mitre.oval:def:19600",
"refsource" : "SUSE", "refsource": "OVAL",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19600"
}, },
{ {
"name" : "SUSE-SU-2013:1293", "name": "oval:org.mitre.oval:def:19652",
"refsource" : "SUSE", "refsource": "OVAL",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19652"
}, },
{ {
"name" : "SUSE-SU-2013:1255", "name": "SUSE-SU-2013:1293",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
}, },
{ {
"name" : "SUSE-SU-2013:1256", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=975110",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=975110"
}, },
{ {
"name" : "SUSE-SU-2013:1257", "name": "RHSA-2013:1081",
"refsource" : "SUSE", "refsource": "REDHAT",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html" "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
}, },
{ {
"name" : "SUSE-SU-2013:1263", "name": "TA13-169A",
"refsource" : "SUSE", "refsource": "CERT",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html" "url": "http://www.us-cert.gov/ncas/alerts/TA13-169A"
}, },
{ {
"name" : "SUSE-SU-2013:1264", "name": "http://advisories.mageia.org/MGASA-2013-0185.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html" "url": "http://advisories.mageia.org/MGASA-2013-0185.html"
}, },
{ {
"name" : "TA13-169A", "name": "60623",
"refsource" : "CERT", "refsource": "BID",
"url" : "http://www.us-cert.gov/ncas/alerts/TA13-169A" "url": "http://www.securityfocus.com/bid/60623"
}, },
{ {
"name" : "60623", "name": "RHSA-2013:0963",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/60623" "url": "http://rhn.redhat.com/errata/RHSA-2013-0963.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:17189", "name": "SUSE-SU-2013:1255",
"refsource" : "OVAL", "refsource": "SUSE",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17189" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:18888", "name": "RHSA-2013:1456",
"refsource" : "OVAL", "refsource": "REDHAT",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18888" "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:19600", "name": "MDVSA-2013:183",
"refsource" : "OVAL", "refsource": "MANDRIVA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19600" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:183"
}, },
{ {
"name" : "oval:org.mitre.oval:def:19652", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19652" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
}, },
{ {
"name" : "54154", "name": "SUSE-SU-2013:1305",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/54154" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
} }
] ]
} }

62
2013/3xxx/CVE-2013-3080.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-3080", "ID": "CVE-2013-3080",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to create or overwrite arbitrary files, and consequently execute arbitrary code or cause a denial of service, by leveraging Virtual Appliance Management Interface (VAMI) web-interface access." "value": "VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to create or overwrite arbitrary files, and consequently execute arbitrary code or cause a denial of service, by leveraging Virtual Appliance Management Interface (VAMI) web-interface access."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.vmware.com/security/advisories/VMSA-2013-0006.html", "name": "http://www.vmware.com/security/advisories/VMSA-2013-0006.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2013-0006.html" "url": "http://www.vmware.com/security/advisories/VMSA-2013-0006.html"
} }
] ]
} }

86
2013/6xxx/CVE-2013-6233.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-6233", "ID": "CVE-2013-6233",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description field in the \"Short document metadata.\"" "value": "Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description field in the \"Short document metadata.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20140301 [CVE-2013-6233] Persistent HTML Script Insertion permits offsite-bound forms in SpagoBI v4.0", "name": "32039",
"refsource" : "BUGTRAQ", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/archive/1/531322/100/0/threaded" "url": "http://www.exploit-db.com/exploits/32039"
}, },
{ {
"name" : "32039", "name": "http://packetstormsecurity.com/files/125496",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "http://www.exploit-db.com/exploits/32039" "url": "http://packetstormsecurity.com/files/125496"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/125496", "name": "20140301 [CVE-2013-6233] Persistent HTML Script Insertion permits offsite-bound forms in SpagoBI v4.0",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://packetstormsecurity.com/files/125496" "url": "http://www.securityfocus.com/archive/1/531322/100/0/threaded"
}, },
{ {
"name" : "65915", "name": "65915",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/65915" "url": "http://www.securityfocus.com/bid/65915"
}, },
{ {
"name" : "spagobi-cve20136233-xss(91506)", "name": "spagobi-cve20136233-xss(91506)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91506" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91506"
} }
] ]
} }

74
2013/6xxx/CVE-2013-6409.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-6409", "ID": "CVE-2013-6409",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Debian adequate before 0.8.1, when run by root with the --user option, allows local users to hijack the tty and possibly gain privileges via the TIOCSTI ioctl." "value": "Debian adequate before 0.8.1, when run by root with the --user option, allows local users to hijack the tty and possibly gain privileges via the TIOCSTI ioctl."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730691", "name": "63994",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730691" "url": "http://www.securityfocus.com/bid/63994"
}, },
{ {
"name" : "https://bitbucket.org/jwilk/adequate/raw/tip/debian/changelog", "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730691",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bitbucket.org/jwilk/adequate/raw/tip/debian/changelog" "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730691"
}, },
{ {
"name" : "63994", "name": "https://bitbucket.org/jwilk/adequate/raw/tip/debian/changelog",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/63994" "url": "https://bitbucket.org/jwilk/adequate/raw/tip/debian/changelog"
} }
] ]
} }

80
2013/6xxx/CVE-2013-6412.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-6412", "ID": "CVE-2013-6412",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a \"7,\" which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors." "value": "The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a \"7,\" which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1034261", "name": "https://github.com/hercules-team/augeas/pull/58",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1034261" "url": "https://github.com/hercules-team/augeas/pull/58"
}, },
{ {
"name" : "https://github.com/hercules-team/augeas/commit/f5b4fc0c", "name": "RHSA-2014:0044",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://github.com/hercules-team/augeas/commit/f5b4fc0c" "url": "http://rhn.redhat.com/errata/RHSA-2014-0044.html"
}, },
{ {
"name" : "https://github.com/hercules-team/augeas/pull/58", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1034261",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/hercules-team/augeas/pull/58" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1034261"
}, },
{ {
"name" : "RHSA-2014:0044", "name": "https://github.com/hercules-team/augeas/commit/f5b4fc0c",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0044.html" "url": "https://github.com/hercules-team/augeas/commit/f5b4fc0c"
} }
] ]
} }

104
2013/6xxx/CVE-2013-6621.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-6621", "ID": "CVE-2013-6621",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the x-webkit-speech attribute in a text INPUT element." "value": "Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the x-webkit-speech attribute in a text INPUT element."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html", "name": "https://code.google.com/p/chromium/issues/detail?id=268565",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html" "url": "https://code.google.com/p/chromium/issues/detail?id=268565"
}, },
{ {
"name" : "https://code.google.com/p/chromium/issues/detail?id=268565", "name": "openSUSE-SU-2014:0065",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://code.google.com/p/chromium/issues/detail?id=268565" "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"
}, },
{ {
"name" : "DSA-2799", "name": "oval:org.mitre.oval:def:19006",
"refsource" : "DEBIAN", "refsource": "OVAL",
"url" : "http://www.debian.org/security/2013/dsa-2799" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19006"
}, },
{ {
"name" : "openSUSE-SU-2013:1776", "name": "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html" "url": "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html"
}, },
{ {
"name" : "openSUSE-SU-2013:1777", "name": "openSUSE-SU-2013:1776",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html"
}, },
{ {
"name" : "openSUSE-SU-2013:1861", "name": "DSA-2799",
"refsource" : "SUSE", "refsource": "DEBIAN",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html" "url": "http://www.debian.org/security/2013/dsa-2799"
}, },
{ {
"name" : "openSUSE-SU-2014:0065", "name": "openSUSE-SU-2013:1861",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:19006", "name": "openSUSE-SU-2013:1777",
"refsource" : "OVAL", "refsource": "SUSE",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19006" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html"
} }
] ]
} }

134
2013/6xxx/CVE-2013-6627.json
View File

@ -1,121 +1,121 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-6627", "ID": "CVE-2013-6627",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response." "value": "net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "40944", "name": "http://packetstormsecurity.com/files/140209/Chrome-HTTP-1xx-Out-Of-Bounds-Read.html",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "https://www.exploit-db.com/exploits/40944/" "url": "http://packetstormsecurity.com/files/140209/Chrome-HTTP-1xx-Out-Of-Bounds-Read.html"
}, },
{ {
"name" : "20161219 CVE-2013-6627: Chrome Chrome HTTP 1xx base::StringTokenizerT<...>::QuickGetNext OOBR", "name": "https://src.chromium.org/viewvc/chrome?revision=226539&view=revision",
"refsource" : "FULLDISC", "refsource": "CONFIRM",
"url" : "http://seclists.org/fulldisclosure/2016/Dec/65" "url": "https://src.chromium.org/viewvc/chrome?revision=226539&view=revision"
}, },
{ {
"name" : "http://blog.skylined.nl/20161219001.html", "name": "40944",
"refsource" : "MISC", "refsource": "EXPLOIT-DB",
"url" : "http://blog.skylined.nl/20161219001.html" "url": "https://www.exploit-db.com/exploits/40944/"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/140209/Chrome-HTTP-1xx-Out-Of-Bounds-Read.html", "name": "openSUSE-SU-2014:0065",
"refsource" : "MISC", "refsource": "SUSE",
"url" : "http://packetstormsecurity.com/files/140209/Chrome-HTTP-1xx-Out-Of-Bounds-Read.html" "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"
}, },
{ {
"name" : "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html", "name": "https://code.google.com/p/chromium/issues/detail?id=299892",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html" "url": "https://code.google.com/p/chromium/issues/detail?id=299892"
}, },
{ {
"name" : "https://code.google.com/p/chromium/issues/detail?id=299892", "name": "20161219 CVE-2013-6627: Chrome Chrome HTTP 1xx base::StringTokenizerT<...>::QuickGetNext OOBR",
"refsource" : "CONFIRM", "refsource": "FULLDISC",
"url" : "https://code.google.com/p/chromium/issues/detail?id=299892" "url": "http://seclists.org/fulldisclosure/2016/Dec/65"
}, },
{ {
"name" : "https://src.chromium.org/viewvc/chrome?revision=226539&view=revision", "name": "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://src.chromium.org/viewvc/chrome?revision=226539&view=revision" "url": "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html"
}, },
{ {
"name" : "DSA-2799", "name": "openSUSE-SU-2013:1776",
"refsource" : "DEBIAN", "refsource": "SUSE",
"url" : "http://www.debian.org/security/2013/dsa-2799" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html"
}, },
{ {
"name" : "openSUSE-SU-2013:1776", "name": "http://blog.skylined.nl/20161219001.html",
"refsource" : "SUSE", "refsource": "MISC",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html" "url": "http://blog.skylined.nl/20161219001.html"
}, },
{ {
"name" : "openSUSE-SU-2013:1777", "name": "DSA-2799",
"refsource" : "SUSE", "refsource": "DEBIAN",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html" "url": "http://www.debian.org/security/2013/dsa-2799"
}, },
{ {
"name" : "openSUSE-SU-2013:1861", "name": "openSUSE-SU-2013:1861",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"
}, },
{ {
"name" : "openSUSE-SU-2014:0065", "name": "openSUSE-SU-2013:1777",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:19113", "name": "oval:org.mitre.oval:def:19113",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19113" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19113"
} }
] ]
} }

62
2013/6xxx/CVE-2013-6775.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-6775", "ID": "CVE-2013-6775",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Chainfire SuperSU package before 1.69 for Android allows attackers to gain privileges via the (1) backtick or (2) $() type of shell metacharacters in the -c option to /system/xbin/su." "value": "The Chainfire SuperSU package before 1.69 for Android allows attackers to gain privileges via the (1) backtick or (2) $() type of shell metacharacters in the -c option to /system/xbin/su."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20131113 Android Superuser shell character escape vulnerability", "name": "20131113 Android Superuser shell character escape vulnerability",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/529797" "url": "http://www.securityfocus.com/archive/1/529797"
} }
] ]
} }

90
2017/10xxx/CVE-2017-10424.json
View File

@ -1,85 +1,85 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2017-10424", "ID": "CVE-2017-10424",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Enterprise Monitor", "product_name": "MySQL Enterprise Monitor",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "3.2.8.2223 and earlier" "version_value": "3.2.8.2223 and earlier"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "3.3.4.3247 and earlier" "version_value": "3.3.4.3247 and earlier"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "3.4.2.4181 and earlier" "version_value": "3.4.2.4181 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Web). Supported versions that are affected are 3.2.8.2223 and earlier, 3.3.4.3247 and earlier and 3.4.2.4181 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)." "value": "Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Web). Supported versions that are affected are 3.2.8.2223 and earlier, 3.3.4.3247 and earlier and 3.4.2.4181 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Enterprise Monitor." "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Enterprise Monitor."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "name": "https://security.netapp.com/advisory/ntap-20171019-0002/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" "url": "https://security.netapp.com/advisory/ntap-20171019-0002/"
}, },
{ {
"name" : "https://security.netapp.com/advisory/ntap-20171019-0002/", "name": "101381",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://security.netapp.com/advisory/ntap-20171019-0002/" "url": "http://www.securityfocus.com/bid/101381"
}, },
{ {
"name" : "101381", "name": "1039597",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/101381" "url": "http://www.securitytracker.com/id/1039597"
}, },
{ {
"name" : "1039597", "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1039597" "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
} }
] ]
} }

22
2017/10xxx/CVE-2017-10450.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-10450", "ID": "CVE-2017-10450",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2017/10xxx/CVE-2017-10748.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-10748", "ID": "CVE-2017-10748",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a \"User Mode Write AV starting at xnview+0x000000000022bf8d.\"" "value": "XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a \"User Mode Write AV starting at xnview+0x000000000022bf8d.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10748", "name": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10748",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10748" "url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10748"
} }
] ]
} }

94
2017/14xxx/CVE-2017-14079.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@trendmicro.com", "ASSIGNER": "security@trendmicro.com",
"DATE_PUBLIC" : "2017-09-15T00:00:00", "DATE_PUBLIC": "2017-09-15T00:00:00",
"ID" : "CVE-2017-14079", "ID": "CVE-2017-14079",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Mobile Security (Enterprise)", "product_name": "Mobile Security (Enterprise)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "< 9.7 Patch 3" "version_value": "< 9.7 Patch 3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Trend Micro" "vendor_name": "Trend Micro"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations." "value": "Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "File Uploads" "value": "File Uploads"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-17-785", "name": "http://www.zerodayinitiative.com/advisories/ZDI-17-807",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-17-785" "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-807"
}, },
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-17-789", "name": "http://www.zerodayinitiative.com/advisories/ZDI-17-789",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-17-789" "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-789"
}, },
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-17-790", "name": "100970",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-17-790" "url": "http://www.securityfocus.com/bid/100970"
}, },
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-17-807", "name": "http://www.zerodayinitiative.com/advisories/ZDI-17-790",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-17-807" "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-790"
}, },
{ {
"name" : "https://success.trendmicro.com/solution/1118224", "name": "https://success.trendmicro.com/solution/1118224",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://success.trendmicro.com/solution/1118224" "url": "https://success.trendmicro.com/solution/1118224"
}, },
{ {
"name" : "100970", "name": "http://www.zerodayinitiative.com/advisories/ZDI-17-785",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/100970" "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-785"
} }
] ]
} }

62
2017/14xxx/CVE-2017-14124.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14124", "ID": "CVE-2017-14124",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In eLux RP 5.x before 5.5.1000 LTSR and 5.6.x before 5.6.2 CR when classic desktop mode is used, it is possible to start applications other than defined, even if the user does not have permissions to change application definitions." "value": "In eLux RP 5.x before 5.5.1000 LTSR and 5.6.x before 5.6.2 CR when classic desktop mode is used, it is possible to start applications other than defined, even if the user does not have permissions to change application definitions."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.myelux.com/cvesingle.htm?cve_id=CVE-2017-14124", "name": "https://www.myelux.com/cvesingle.htm?cve_id=CVE-2017-14124",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.myelux.com/cvesingle.htm?cve_id=CVE-2017-14124" "url": "https://www.myelux.com/cvesingle.htm?cve_id=CVE-2017-14124"
} }
] ]
} }

62
2017/14xxx/CVE-2017-14272.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14272", "ID": "CVE-2017-14272",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a \"User Mode Write AV starting at jbig2dec+0x000000000000595d.\"" "value": "XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a \"User Mode Write AV starting at jbig2dec+0x000000000000595d.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14272", "name": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14272",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14272" "url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14272"
} }
] ]
} }

74
2017/14xxx/CVE-2017-14375.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security_alert@emc.com", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2017-14375", "ID": "CVE-2017-14375",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "EMC VMAX Virtual Appliance (vApp) EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier)", "product_name": "EMC VMAX Virtual Appliance (vApp) EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "EMC VMAX Virtual Appliance (vApp) EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier)" "version_value": "EMC VMAX Virtual Appliance (vApp) EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier) contain an authentication bypass vulnerability that may potentially be exploited by malicious users to compromise the affected system." "value": "EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier) contain an authentication bypass vulnerability that may potentially be exploited by malicious users to compromise the affected system."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Authentication Bypass Vulnerability" "value": "Authentication Bypass Vulnerability"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://seclists.org/fulldisclosure/2017/Oct/70", "name": "101673",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://seclists.org/fulldisclosure/2017/Oct/70" "url": "http://www.securityfocus.com/bid/101673"
}, },
{ {
"name" : "101673", "name": "http://seclists.org/fulldisclosure/2017/Oct/70",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/101673" "url": "http://seclists.org/fulldisclosure/2017/Oct/70"
}, },
{ {
"name" : "1039704", "name": "1039704",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039704" "url": "http://www.securitytracker.com/id/1039704"
} }
] ]
} }

68
2017/14xxx/CVE-2017-14952.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14952", "ID": "CVE-2017-14952",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a \"redundant UVector entry clean up function call\" issue." "value": "Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a \"redundant UVector entry clean up function call\" issue."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.sourcebrella.com/blog/double-free-vulnerability-international-components-unicode-icu/", "name": "http://www.sourcebrella.com/blog/double-free-vulnerability-international-components-unicode-icu/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.sourcebrella.com/blog/double-free-vulnerability-international-components-unicode-icu/" "url": "http://www.sourcebrella.com/blog/double-free-vulnerability-international-components-unicode-icu/"
}, },
{ {
"name" : "http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp", "name": "http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp" "url": "http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp"
} }
] ]
} }

62
2017/15xxx/CVE-2017-15343.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@huawei.com", "ASSIGNER": "psirt@huawei.com",
"ID" : "CVE-2017-15343", "ID": "CVE-2017-15343",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "AR3200", "product_name": "AR3200",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "V200R006C10,V200R006C11,V200R007C00,V200R007C01,V200R007C02,V200R008C00,V200R008C10,V200R008C20,V200R008C30" "version_value": "V200R006C10,V200R006C11,V200R007C00,V200R007C01,V200R007C02,V200R008C00,V200R008C10,V200R008C20,V200R008C30"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Huawei Technologies Co., Ltd." "vendor_name": "Huawei Technologies Co., Ltd."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could system reboot." "value": "Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could system reboot."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "integer overflow" "value": "integer overflow"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-sctp-en", "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-sctp-en",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-sctp-en" "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-sctp-en"
} }
] ]
} }

62
2017/15xxx/CVE-2017-15345.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@huawei.com", "ASSIGNER": "psirt@huawei.com",
"ID" : "CVE-2017-15345", "ID": "CVE-2017-15345",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "LON-L29D", "product_name": "LON-L29D",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "LON-L29DC721B186" "version_value": "LON-L29DC721B186"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Huawei Technologies Co., Ltd." "vendor_name": "Huawei Technologies Co., Ltd."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Huawei Smartphones with software LON-L29DC721B186 have a denial of service vulnerability. An attacker could make an loop exit condition that cannot be reached by sending the crafted 3GPP message. Successful exploit could cause the device to reboot." "value": "Huawei Smartphones with software LON-L29DC721B186 have a denial of service vulnerability. An attacker could make an loop exit condition that cannot be reached by sending the crafted 3GPP message. Successful exploit could cause the device to reboot."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "DoS" "value": "DoS"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-smartphone-en", "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-smartphone-en",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-smartphone-en" "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-smartphone-en"
} }
] ]
} }

22
2017/17xxx/CVE-2017-17366.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-17366", "ID": "CVE-2017-17366",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2017/17xxx/CVE-2017-17623.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-17623", "ID": "CVE-2017-17623",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Opensource Classified Ads Script 3.2 has SQL Injection via the advance_result.php keyword parameter." "value": "Opensource Classified Ads Script 3.2 has SQL Injection via the advance_result.php keyword parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "43292", "name": "43292",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/43292/" "url": "https://www.exploit-db.com/exploits/43292/"
}, },
{ {
"name" : "https://packetstormsecurity.com/files/145335/Opensource-Classified-Ads-Script-3.2-SQL-Injection.html", "name": "https://packetstormsecurity.com/files/145335/Opensource-Classified-Ads-Script-3.2-SQL-Injection.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://packetstormsecurity.com/files/145335/Opensource-Classified-Ads-Script-3.2-SQL-Injection.html" "url": "https://packetstormsecurity.com/files/145335/Opensource-Classified-Ads-Script-3.2-SQL-Injection.html"
} }
] ]
} }

22
2017/9xxx/CVE-2017-9015.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-9015", "ID": "CVE-2017-9015",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2017/9xxx/CVE-2017-9452.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-9452", "ID": "CVE-2017-9452",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in admin.php in Piwigo 2.9.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter." "value": "Cross-site scripting (XSS) vulnerability in admin.php in Piwigo 2.9.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/Piwigo/Piwigo/issues/667", "name": "https://github.com/Piwigo/Piwigo/issues/667",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/Piwigo/Piwigo/issues/667" "url": "https://github.com/Piwigo/Piwigo/issues/667"
} }
] ]
} }

62
2017/9xxx/CVE-2017-9818.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-9818", "ID": "CVE-2017-9818",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The National Payments Corporation of India BHIM application 1.3 for Android relies on a four-digit passcode, which makes it easier for attackers to obtain access." "value": "The National Payments Corporation of India BHIM application 1.3 for Android relies on a four-digit passcode, which makes it easier for attackers to obtain access."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/magicj3lly/appexploits/blob/master/BHIM-App-PreliminaryReport.pdf", "name": "https://github.com/magicj3lly/appexploits/blob/master/BHIM-App-PreliminaryReport.pdf",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/magicj3lly/appexploits/blob/master/BHIM-App-PreliminaryReport.pdf" "url": "https://github.com/magicj3lly/appexploits/blob/master/BHIM-App-PreliminaryReport.pdf"
} }
] ]
} }

74
2017/9xxx/CVE-2017-9949.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-9949", "ID": "CVE-2017-9949",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GNU GRUB 2.02." "value": "The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GNU GRUB 2.02."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/radare/radare2/commit/796dd28aaa6b9fa76d99c42c4d5ff8b257cc2191", "name": "https://github.com/radare/radare2/issues/7683",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/radare/radare2/commit/796dd28aaa6b9fa76d99c42c4d5ff8b257cc2191" "url": "https://github.com/radare/radare2/issues/7683"
}, },
{ {
"name" : "https://github.com/radare/radare2/issues/7683", "name": "https://github.com/radare/radare2/commit/796dd28aaa6b9fa76d99c42c4d5ff8b257cc2191",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/radare/radare2/issues/7683" "url": "https://github.com/radare/radare2/commit/796dd28aaa6b9fa76d99c42c4d5ff8b257cc2191"
}, },
{ {
"name" : "99305", "name": "99305",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/99305" "url": "http://www.securityfocus.com/bid/99305"
} }
] ]
} }

86
2017/9xxx/CVE-2017-9993.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-9993", "ID": "CVE-2017-9993",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows attackers to read arbitrary files via crafted playlist data." "value": "FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows attackers to read arbitrary files via crafted playlist data."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20190107 [SECURITY] [DLA 1630-1] libav security update", "name": "https://github.com/FFmpeg/FFmpeg/commit/a5d849b149ca67ced2d271dc84db0bc95a548abb",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "https://lists.debian.org/debian-lts-announce/2019/01/msg00006.html" "url": "https://github.com/FFmpeg/FFmpeg/commit/a5d849b149ca67ced2d271dc84db0bc95a548abb"
}, },
{ {
"name" : "https://github.com/FFmpeg/FFmpeg/commit/189ff4219644532bdfa7bab28dfedaee4d6d4021", "name": "DSA-3957",
"refsource" : "MISC", "refsource": "DEBIAN",
"url" : "https://github.com/FFmpeg/FFmpeg/commit/189ff4219644532bdfa7bab28dfedaee4d6d4021" "url": "http://www.debian.org/security/2017/dsa-3957"
}, },
{ {
"name" : "https://github.com/FFmpeg/FFmpeg/commit/a5d849b149ca67ced2d271dc84db0bc95a548abb", "name": "https://github.com/FFmpeg/FFmpeg/commit/189ff4219644532bdfa7bab28dfedaee4d6d4021",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/FFmpeg/FFmpeg/commit/a5d849b149ca67ced2d271dc84db0bc95a548abb" "url": "https://github.com/FFmpeg/FFmpeg/commit/189ff4219644532bdfa7bab28dfedaee4d6d4021"
}, },
{ {
"name" : "DSA-3957", "name": "99315",
"refsource" : "DEBIAN", "refsource": "BID",
"url" : "http://www.debian.org/security/2017/dsa-3957" "url": "http://www.securityfocus.com/bid/99315"
}, },
{ {
"name" : "99315", "name": "[debian-lts-announce] 20190107 [SECURITY] [DLA 1630-1] libav security update",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/99315" "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00006.html"
} }
] ]
} }

68
2018/0xxx/CVE-2018-0608.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2018-0608", "ID": "CVE-2018-0608",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "H2O", "product_name": "H2O",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "version 2.2.4 and earlier" "version_value": "version 2.2.4 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Kazuho Oku" "vendor_name": "Kazuho Oku"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via unspecified vectors." "value": "Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer Overflow" "value": "Buffer Overflow"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/h2o/h2o/issues/1775", "name": "JVN#93226941",
"refsource" : "MISC", "refsource": "JVN",
"url" : "https://github.com/h2o/h2o/issues/1775" "url": "http://jvn.jp/en/jp/JVN93226941/index.html"
}, },
{ {
"name" : "JVN#93226941", "name": "https://github.com/h2o/h2o/issues/1775",
"refsource" : "JVN", "refsource": "MISC",
"url" : "http://jvn.jp/en/jp/JVN93226941/index.html" "url": "https://github.com/h2o/h2o/issues/1775"
} }
] ]
} }

68
2018/0xxx/CVE-2018-0654.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2018-0654", "ID": "CVE-2018-0654",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "GROWI", "product_name": "GROWI",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "v.3.1.11 and earlier" "version_value": "v.3.1.11 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "WESEEK, Inc." "vendor_name": "WESEEK, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the modal for creating Wiki page." "value": "Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the modal for creating Wiki page."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting" "value": "Cross-site scripting"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://weseek.co.jp/security/2018/07/31/growi-prevent-xss/", "name": "https://weseek.co.jp/security/2018/07/31/growi-prevent-xss/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://weseek.co.jp/security/2018/07/31/growi-prevent-xss/" "url": "https://weseek.co.jp/security/2018/07/31/growi-prevent-xss/"
}, },
{ {
"name" : "JVN#18716340", "name": "JVN#18716340",
"refsource" : "JVN", "refsource": "JVN",
"url" : "http://jvn.jp/en/jp/JVN18716340/index.html" "url": "http://jvn.jp/en/jp/JVN18716340/index.html"
} }
] ]
} }

82
2018/0xxx/CVE-2018-0775.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC" : "2018-01-03T00:00:00", "DATE_PUBLIC": "2018-01-03T00:00:00",
"ID" : "CVE-2018-0775", "ID": "CVE-2018-0775",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Edge", "product_name": "Microsoft Edge",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows 10 1709" "version_value": "Windows 10 1709"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781." "value": "Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2018-0758, CVE-2018-0762, CVE-2018-0768, CVE-2018-0769, CVE-2018-0770, CVE-2018-0772, CVE-2018-0773, CVE-2018-0774, CVE-2018-0776, CVE-2018-0777, CVE-2018-0778, and CVE-2018-0781."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Remote Code Execution" "value": "Remote Code Execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "43717", "name": "43717",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/43717/" "url": "https://www.exploit-db.com/exploits/43717/"
}, },
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0775", "name": "1040100",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0775" "url": "http://www.securitytracker.com/id/1040100"
}, },
{ {
"name" : "102400", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0775",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/102400" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0775"
}, },
{ {
"name" : "1040100", "name": "102400",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1040100" "url": "http://www.securityfocus.com/bid/102400"
} }
] ]
} }

74
2018/1000xxx/CVE-2018-1000533.json
View File

@ -1,69 +1,69 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-06-23T11:22:33.047687", "DATE_ASSIGNED": "2018-06-23T11:22:33.047687",
"DATE_REQUESTED" : "2018-04-25T21:21:45", "DATE_REQUESTED": "2018-04-25T21:21:45",
"ID" : "CVE-2018-1000533", "ID": "CVE-2018-1000533",
"REQUESTER" : "kacperszurek+cve@gmail.com", "REQUESTER": "kacperszurek+cve@gmail.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "GitList", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "<= 0.6" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "klaussilveira" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "klaussilveira GitList version <= 0.6 contains a Passing incorrectly sanitized input to system function vulnerability in `searchTree` function that can result in Execute any code as PHP user. This attack appear to be exploitable via Send POST request using search form. This vulnerability appears to have been fixed in 0.7 after commit 87b8c26b023c3fc37f0796b14bb13710f397b322." "value": "klaussilveira GitList version <= 0.6 contains a Passing incorrectly sanitized input to system function vulnerability in `searchTree` function that can result in Execute any code as PHP user. This attack appear to be exploitable via Send POST request using search form. This vulnerability appears to have been fixed in 0.7 after commit 87b8c26b023c3fc37f0796b14bb13710f397b322."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Passing incorrectly sanitized input to system function" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/klaussilveira/gitlist/commit/87b8c26b023c3fc37f0796b14bb13710f397b322", "name": "https://security.szurek.pl/exploit-bypass-php-escapeshellarg-escapeshellcmd.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/klaussilveira/gitlist/commit/87b8c26b023c3fc37f0796b14bb13710f397b322" "url": "https://security.szurek.pl/exploit-bypass-php-escapeshellarg-escapeshellcmd.html"
}, },
{ {
"name" : "https://security.szurek.pl/exploit-bypass-php-escapeshellarg-escapeshellcmd.html", "name": "https://github.com/klaussilveira/gitlist/commit/87b8c26b023c3fc37f0796b14bb13710f397b322",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://security.szurek.pl/exploit-bypass-php-escapeshellarg-escapeshellcmd.html" "url": "https://github.com/klaussilveira/gitlist/commit/87b8c26b023c3fc37f0796b14bb13710f397b322"
} }
] ]
} }

74
2018/1000xxx/CVE-2018-1000671.json
View File

@ -1,69 +1,69 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-09-03T16:07:16.981347", "DATE_ASSIGNED": "2018-09-03T16:07:16.981347",
"DATE_REQUESTED" : "2018-08-26T16:04:53", "DATE_REQUESTED": "2018-08-26T16:04:53",
"ID" : "CVE-2018-1000671", "ID": "CVE-2018-1000671",
"REQUESTER" : "john@nixnuts.net", "REQUESTER": "john@nixnuts.net",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "sympa", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.2.16 and later" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "sympa" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in The \"referer\" parameter of the wwsympa.fcgi login action. that can result in Open redirection and reflected XSS via data URIs. This attack appear to be exploitable via Victim's browser must follow a URL supplied by the attacker. This vulnerability appears to have been fixed in none available." "value": "sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in The \"referer\" parameter of the wwsympa.fcgi login action. that can result in Open redirection and reflected XSS via data URIs. This attack appear to be exploitable via Victim's browser must follow a URL supplied by the attacker. This vulnerability appears to have been fixed in none available."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20180921 [SECURITY] [DLA 1512-1] sympa security update", "name": "https://github.com/sympa-community/sympa/issues/268",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00023.html" "url": "https://github.com/sympa-community/sympa/issues/268"
}, },
{ {
"name" : "https://github.com/sympa-community/sympa/issues/268", "name": "[debian-lts-announce] 20180921 [SECURITY] [DLA 1512-1] sympa security update",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "https://github.com/sympa-community/sympa/issues/268" "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00023.html"
} }
] ]
} }

22
2018/16xxx/CVE-2018-16441.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16441", "ID": "CVE-2018-16441",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

92
2018/16xxx/CVE-2018-16587.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16587", "ID": "CVE-2018-16587",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to." "value": "In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20180926 [SECURITY] [DLA 1521-1] otrs2 security update", "name": "https://github.com/OTRS/otrs/commit/d9db0c6a15caafda7689320ecf61777993c33711",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00033.html" "url": "https://github.com/OTRS/otrs/commit/d9db0c6a15caafda7689320ecf61777993c33711"
}, },
{ {
"name" : "https://community.otrs.com/security-advisory-2018-04-security-update-for-otrs-framework/", "name": "DSA-4317",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "https://community.otrs.com/security-advisory-2018-04-security-update-for-otrs-framework/" "url": "https://www.debian.org/security/2018/dsa-4317"
}, },
{ {
"name" : "https://github.com/OTRS/otrs/commit/a4a1a01f84fac7ab032570ee50b660e2ebb15c01", "name": "[debian-lts-announce] 20180926 [SECURITY] [DLA 1521-1] otrs2 security update",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://github.com/OTRS/otrs/commit/a4a1a01f84fac7ab032570ee50b660e2ebb15c01" "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00033.html"
}, },
{ {
"name" : "https://github.com/OTRS/otrs/commit/d8cae00b0f78c2a07bb10cedb817304139395843", "name": "https://community.otrs.com/security-advisory-2018-04-security-update-for-otrs-framework/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/OTRS/otrs/commit/d8cae00b0f78c2a07bb10cedb817304139395843" "url": "https://community.otrs.com/security-advisory-2018-04-security-update-for-otrs-framework/"
}, },
{ {
"name" : "https://github.com/OTRS/otrs/commit/d9db0c6a15caafda7689320ecf61777993c33711", "name": "https://github.com/OTRS/otrs/commit/a4a1a01f84fac7ab032570ee50b660e2ebb15c01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/OTRS/otrs/commit/d9db0c6a15caafda7689320ecf61777993c33711" "url": "https://github.com/OTRS/otrs/commit/a4a1a01f84fac7ab032570ee50b660e2ebb15c01"
}, },
{ {
"name" : "DSA-4317", "name": "https://github.com/OTRS/otrs/commit/d8cae00b0f78c2a07bb10cedb817304139395843",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "https://www.debian.org/security/2018/dsa-4317" "url": "https://github.com/OTRS/otrs/commit/d8cae00b0f78c2a07bb10cedb817304139395843"
} }
] ]
} }

62
2018/19xxx/CVE-2018-19090.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-19090", "ID": "CVE-2018-19090",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "tianti 2.3 has stored XSS in the article management module via an article title." "value": "tianti 2.3 has stored XSS in the article management module via an article title."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/xujeff/tianti/issues/27", "name": "https://github.com/xujeff/tianti/issues/27",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/xujeff/tianti/issues/27" "url": "https://github.com/xujeff/tianti/issues/27"
} }
] ]
} }

22
2018/19xxx/CVE-2018-19297.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-19297", "ID": "CVE-2018-19297",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/19xxx/CVE-2018-19551.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-19551", "ID": "CVE-2018-19551",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Interspire Email Marketer through 6.1.6 has SQL Injection via a checkduplicatetags tagname request to Dynamiccontenttags.php." "value": "Interspire Email Marketer through 6.1.6 has SQL Injection via a checkduplicatetags tagname request to Dynamiccontenttags.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://medium.com/@buiquang266/some-vulnerabilities-in-interspire-email-marketer-caa7bc861d14", "name": "https://medium.com/@buiquang266/some-vulnerabilities-in-interspire-email-marketer-caa7bc861d14",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://medium.com/@buiquang266/some-vulnerabilities-in-interspire-email-marketer-caa7bc861d14" "url": "https://medium.com/@buiquang266/some-vulnerabilities-in-interspire-email-marketer-caa7bc861d14"
} }
] ]
} }

22
2018/19xxx/CVE-2018-19781.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-19781", "ID": "CVE-2018-19781",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/19xxx/CVE-2018-19860.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-19860", "ID": "CVE-2018-19860",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2018/4xxx/CVE-2018-4250.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2018-4250", "ID": "CVE-2018-4250",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the \"Messages\" component. It allows remote attackers to cause a denial of service via a crafted message." "value": "An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the \"Messages\" component. It allows remote attackers to cause a denial of service via a crafted message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT208848", "name": "1041031",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://support.apple.com/HT208848" "url": "http://www.securitytracker.com/id/1041031"
}, },
{ {
"name" : "1041031", "name": "https://support.apple.com/HT208848",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1041031" "url": "https://support.apple.com/HT208848"
} }
] ]
} }

22
2018/4xxx/CVE-2018-4412.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4412", "ID": "CVE-2018-4412",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/4xxx/CVE-2018-4468.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4468", "ID": "CVE-2018-4468",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }