admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:29:01 +00:00
parent ba1984d1fb
commit b88915d496
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 3694 additions and 3694 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
2002/2xxx/CVE-2002-2111.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2111", "ID": "CVE-2002-2111",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Fwmon before 1.0.10 allows remote attackers to cause a denial of service (crash) by causing the kernel to return a large packet." "value": "Fwmon before 1.0.10 allows remote attackers to cause a denial of service (crash) by causing the kernel to return a large packet."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.scaramanga.co.uk/fwmon/fwmon-1.0.10.tar.gz", "name": "http://www.scaramanga.co.uk/fwmon/fwmon-1.0.10.tar.gz",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.scaramanga.co.uk/fwmon/fwmon-1.0.10.tar.gz" "url": "http://www.scaramanga.co.uk/fwmon/fwmon-1.0.10.tar.gz"
}, },
{ {
"name" : "3984", "name": "3984",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/3984" "url": "http://www.securityfocus.com/bid/3984"
}, },
{ {
"name" : "fwmon-large-packet-bo(8104)", "name": "fwmon-large-packet-bo(8104)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/8104" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8104"
} }
] ]
} }

68
2002/2xxx/CVE-2002-2156.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2156", "ID": "CVE-2002-2156",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in Trillian 0.73 allows remote IRC servers to execute arbitrary code via a long PING response." "value": "Buffer overflow in Trillian 0.73 allows remote IRC servers to execute arbitrary code via a long PING response."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020801 Two more exploitable holes in the trillian irc module", "name": "20020801 Two more exploitable holes in the trillian irc module",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/285695" "url": "http://www.securityfocus.com/archive/1/285695"
}, },
{ {
"name" : "20020801 trillian buffer overflow", "name": "20020801 trillian buffer overflow",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/285639" "url": "http://www.securityfocus.com/archive/1/285639"
} }
] ]
} }

86
2002/2xxx/CVE-2002-2260.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2260", "ID": "CVE-2002-2260",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the \"show all quips\" page." "value": "Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the \"show all quips\" page."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20021126 XSS vulnerability in Bugzilla if upgraded from 2.10 or earlier", "name": "20021126 XSS vulnerability in Bugzilla if upgraded from 2.10 or earlier",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=103837886416560&w=2" "url": "http://marc.info/?l=bugtraq&m=103837886416560&w=2"
}, },
{ {
"name" : "http://bugzilla.mozilla.org/show_bug.cgi?id=179329", "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=179329",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://bugzilla.mozilla.org/show_bug.cgi?id=179329" "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=179329"
}, },
{ {
"name" : "DSA-218", "name": "DSA-218",
"refsource" : "DEBIAN", "refsource": "DEBIAN",
"url" : "http://www.debian.org/security/2002/dsa-218" "url": "http://www.debian.org/security/2002/dsa-218"
}, },
{ {
"name" : "6257", "name": "6257",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/6257" "url": "http://www.securityfocus.com/bid/6257"
}, },
{ {
"name" : "bugzilla-quips-xss(10707)", "name": "bugzilla-quips-xss(10707)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/10707" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10707"
} }
] ]
} }

22
2005/0xxx/CVE-2005-0031.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0031", "ID": "CVE-2005-0031",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

110
2005/0xxx/CVE-2005-0129.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0129", "ID": "CVE-2005-0129",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Quick Buttons feature in Konversation 0.15 allows remote attackers to execute certain IRC commands via a channel name containing \"%\" variables, which are recursively expanded by the Server::parseWildcards function when the Part Button is selected." "value": "The Quick Buttons feature in Konversation 0.15 allows remote attackers to execute certain IRC commands via a channel name containing \"%\" variables, which are recursively expanded by the Server::parseWildcards function when the Part Button is selected."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050119 Multiple vulnerabilities in Konversation", "name": "13919",
"refsource" : "FULLDISC", "refsource": "SECUNIA",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/031033.html" "url": "http://secunia.com/advisories/13919"
}, },
{ {
"name" : "20050119 Multiple vulnerabilities in Konversation", "name": "20050119 Multiple vulnerabilities in Konversation",
"refsource" : "BUGTRAQ", "refsource": "FULLDISC",
"url" : "http://marc.info/?l=bugtraq&m=110626383310742&w=2" "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/031033.html"
}, },
{ {
"name" : "http://www.kde.org/info/security/advisory-20050121-1.txt", "name": "http://www.kde.org/info/security/advisory-20050121-1.txt",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.kde.org/info/security/advisory-20050121-1.txt" "url": "http://www.kde.org/info/security/advisory-20050121-1.txt"
}, },
{ {
"name" : "GLSA-200501-34", "name": "konversation-expansion-execute-code(19025)",
"refsource" : "GENTOO", "refsource": "XF",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200501-34.xml" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19025"
}, },
{ {
"name" : "12312", "name": "12312",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/12312" "url": "http://www.securityfocus.com/bid/12312"
}, },
{ {
"name" : "1012972", "name": "13989",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://securitytracker.com/id?1012972" "url": "http://secunia.com/advisories/13989"
}, },
{ {
"name" : "13919", "name": "GLSA-200501-34",
"refsource" : "SECUNIA", "refsource": "GENTOO",
"url" : "http://secunia.com/advisories/13919" "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-34.xml"
}, },
{ {
"name" : "13989", "name": "20050119 Multiple vulnerabilities in Konversation",
"refsource" : "SECUNIA", "refsource": "BUGTRAQ",
"url" : "http://secunia.com/advisories/13989" "url": "http://marc.info/?l=bugtraq&m=110626383310742&w=2"
}, },
{ {
"name" : "konversation-expansion-execute-code(19025)", "name": "1012972",
"refsource" : "XF", "refsource": "SECTRACK",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19025" "url": "http://securitytracker.com/id?1012972"
} }
] ]
} }

74
2005/0xxx/CVE-2005-0417.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0417", "ID": "CVE-2005-0417",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unknown \"high risk\" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor." "value": "Unknown \"high risk\" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050209 Patch available for high risk IBM DB2 Universal Database flaw", "name": "http://www.ngssoftware.com/advisories/db2-09-05-05.htm",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://marc.info/?l=bugtraq&m=110801212422825&w=2" "url": "http://www.ngssoftware.com/advisories/db2-09-05-05.htm"
}, },
{ {
"name" : "http://www.ngssoftware.com/advisories/db2-09-05-05.htm", "name": "20050209 Patch available for high risk IBM DB2 Universal Database flaw",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://www.ngssoftware.com/advisories/db2-09-05-05.htm" "url": "http://marc.info/?l=bugtraq&m=110801212422825&w=2"
}, },
{ {
"name" : "12508", "name": "12508",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/12508" "url": "http://www.securityfocus.com/bid/12508"
} }
] ]
} }

122
2005/1xxx/CVE-2005-1162.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1162", "ID": "CVE-2005-1162",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore allow remote attackers to inject arbitrary web script or HTML via the (1) sEmail parameter to owContactUs.asp, (2) bSub parameter to owListProduct.asp, or the (3) Name, (4) Email, or (5) Comment fields in owProductDetail.asp." "value": "Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore allow remote attackers to inject arbitrary web script or HTML via the (1) sEmail parameter to owContactUs.asp, (2) bSub parameter to owListProduct.asp, or the (3) Name, (4) Email, or (5) Comment fields in owProductDetail.asp."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050414 Multiple multiple sql injection/errors and xss vulnerabilities in OneWorldStore", "name": "13184",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://marc.info/?l=bugtraq&m=111352017704126&w=2" "url": "http://www.securityfocus.com/bid/13184"
}, },
{ {
"name" : "http://www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab", "name": "1013720",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab" "url": "http://securitytracker.com/id?1013720"
}, },
{ {
"name" : "13184", "name": "15523",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/13184" "url": "http://www.osvdb.org/15523"
}, },
{ {
"name" : "13185", "name": "13186",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/13185" "url": "http://www.securityfocus.com/bid/13186"
}, },
{ {
"name" : "13186", "name": "http://www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/13186" "url": "http://www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab"
}, },
{ {
"name" : "15521", "name": "15521",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/15521" "url": "http://www.osvdb.org/15521"
}, },
{ {
"name" : "15522", "name": "oneworldstore-xss(20096)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/15522" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20096"
}, },
{ {
"name" : "15523", "name": "20050414 Multiple multiple sql injection/errors and xss vulnerabilities in OneWorldStore",
"refsource" : "OSVDB", "refsource": "BUGTRAQ",
"url" : "http://www.osvdb.org/15523" "url": "http://marc.info/?l=bugtraq&m=111352017704126&w=2"
}, },
{ {
"name" : "1013720", "name": "15522",
"refsource" : "SECTRACK", "refsource": "OSVDB",
"url" : "http://securitytracker.com/id?1013720" "url": "http://www.osvdb.org/15522"
}, },
{ {
"name" : "14969", "name": "14969",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/14969" "url": "http://secunia.com/advisories/14969"
}, },
{ {
"name" : "oneworldstore-xss(20096)", "name": "13185",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20096" "url": "http://www.securityfocus.com/bid/13185"
} }
] ]
} }

68
2005/1xxx/CVE-2005-1629.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1629", "ID": "CVE-2005-1629",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in member.php for Photopost PHP Pro allows remote attackers to execute arbitrary SQL commands via the verifykey parameter." "value": "SQL injection vulnerability in member.php for Photopost PHP Pro allows remote attackers to execute arbitrary SQL commands via the verifykey parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050513 PhotoPost Arbitrary Data Exploit", "name": "20050513 PhotoPost Arbitrary Data Exploit",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://seclists.org/lists/fulldisclosure/2005/May/0311.html" "url": "http://seclists.org/lists/fulldisclosure/2005/May/0311.html"
}, },
{ {
"name" : "13620", "name": "13620",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/13620" "url": "http://www.securityfocus.com/bid/13620"
} }
] ]
} }

92
2005/1xxx/CVE-2005-1710.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1710", "ID": "CVE-2005-1710",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page." "value": "Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050524 Blue Coat Reporter multiple remote vulnerabilities", "name": "16765",
"refsource" : "BUGTRAQ", "refsource": "OSVDB",
"url" : "http://marc.info/?l=bugtraq&m=111695726810435&w=2" "url": "http://www.osvdb.org/16765"
}, },
{ {
"name" : "http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html", "name": "15452",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html" "url": "http://secunia.com/advisories/15452"
}, },
{ {
"name" : "ADV-2005-0589", "name": "20050524 Blue Coat Reporter multiple remote vulnerabilities",
"refsource" : "VUPEN", "refsource": "BUGTRAQ",
"url" : "http://www.vupen.com/english/advisories/2005/0589" "url": "http://marc.info/?l=bugtraq&m=111695726810435&w=2"
}, },
{ {
"name" : "16765", "name": "http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://www.osvdb.org/16765" "url": "http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html"
}, },
{ {
"name" : "16766", "name": "16766",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/16766" "url": "http://www.osvdb.org/16766"
}, },
{ {
"name" : "15452", "name": "ADV-2005-0589",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/15452" "url": "http://www.vupen.com/english/advisories/2005/0589"
} }
] ]
} }

74
2005/4xxx/CVE-2005-4017.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4017", "ID": "CVE-2005-4017",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "property.php in Widget Property 1.1.19 allows remote attackers to obtain the full server path via an invalid lang value, which leaks the path in the resulting error message." "value": "property.php in Widget Property 1.1.19 allows remote attackers to obtain the full server path via an invalid lang value, which leaks the path in the resulting error message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://pridels0.blogspot.com/2005/12/widget-property-vuln.html", "name": "21427",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://pridels0.blogspot.com/2005/12/widget-property-vuln.html" "url": "http://www.osvdb.org/21427"
}, },
{ {
"name" : "21427", "name": "http://pridels0.blogspot.com/2005/12/widget-property-vuln.html",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://www.osvdb.org/21427" "url": "http://pridels0.blogspot.com/2005/12/widget-property-vuln.html"
}, },
{ {
"name" : "17829", "name": "17829",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/17829" "url": "http://secunia.com/advisories/17829"
} }
] ]
} }

62
2005/4xxx/CVE-2005-4818.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4818", "ID": "CVE-2005-4818",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in Copernicus Europa allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." "value": "Multiple SQL injection vulnerabilities in Copernicus Europa allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "14895", "name": "14895",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/14895" "url": "http://www.securityfocus.com/bid/14895"
} }
] ]
} }

122
2009/0xxx/CVE-2009-0041.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0041", "ID": "CVE-2009-0041",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames." "value": "IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090108 AST-2009-001: Information leak in IAX2 authentication", "name": "GLSA-200905-01",
"refsource" : "BUGTRAQ", "refsource": "GENTOO",
"url" : "http://www.securityfocus.com/archive/1/499884/100/0/threaded" "url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
}, },
{ {
"name" : "http://downloads.digium.com/pub/security/AST-2009-001.html", "name": "20090108 AST-2009-001: Information leak in IAX2 authentication",
"refsource" : "CONFIRM", "refsource": "BUGTRAQ",
"url" : "http://downloads.digium.com/pub/security/AST-2009-001.html" "url": "http://www.securityfocus.com/archive/1/499884/100/0/threaded"
}, },
{ {
"name" : "DSA-1952", "name": "33453",
"refsource" : "DEBIAN", "refsource": "SECUNIA",
"url" : "http://www.debian.org/security/2009/dsa-1952" "url": "http://secunia.com/advisories/33453"
}, },
{ {
"name" : "GLSA-200905-01", "name": "4910",
"refsource" : "GENTOO", "refsource": "SREASON",
"url" : "http://security.gentoo.org/glsa/glsa-200905-01.xml" "url": "http://securityreason.com/securityalert/4910"
}, },
{ {
"name" : "33174", "name": "33174",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/33174" "url": "http://www.securityfocus.com/bid/33174"
}, },
{ {
"name" : "34982", "name": "37677",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/34982" "url": "http://secunia.com/advisories/37677"
}, },
{ {
"name" : "37677", "name": "DSA-1952",
"refsource" : "SECUNIA", "refsource": "DEBIAN",
"url" : "http://secunia.com/advisories/37677" "url": "http://www.debian.org/security/2009/dsa-1952"
}, },
{ {
"name" : "ADV-2009-0063", "name": "1021549",
"refsource" : "VUPEN", "refsource": "SECTRACK",
"url" : "http://www.vupen.com/english/advisories/2009/0063" "url": "http://www.securitytracker.com/id?1021549"
}, },
{ {
"name" : "1021549", "name": "http://downloads.digium.com/pub/security/AST-2009-001.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id?1021549" "url": "http://downloads.digium.com/pub/security/AST-2009-001.html"
}, },
{ {
"name" : "33453", "name": "ADV-2009-0063",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/33453" "url": "http://www.vupen.com/english/advisories/2009/0063"
}, },
{ {
"name" : "4910", "name": "34982",
"refsource" : "SREASON", "refsource": "SECUNIA",
"url" : "http://securityreason.com/securityalert/4910" "url": "http://secunia.com/advisories/34982"
} }
] ]
} }

74
2009/0xxx/CVE-2009-0350.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0350", "ID": "CVE-2009-0350",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in Merak Media Player 3.2 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file, related to the status bar icon's tooltip. NOTE: some of these details are obtained from third party information." "value": "Stack-based buffer overflow in Merak Media Player 3.2 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file, related to the status bar icon's tooltip. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "7857", "name": "33645",
"refsource" : "EXPLOIT-DB", "refsource": "SECUNIA",
"url" : "https://www.exploit-db.com/exploits/7857" "url": "http://secunia.com/advisories/33645"
}, },
{ {
"name" : "51565", "name": "7857",
"refsource" : "OSVDB", "refsource": "EXPLOIT-DB",
"url" : "http://osvdb.org/51565" "url": "https://www.exploit-db.com/exploits/7857"
}, },
{ {
"name" : "33645", "name": "51565",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/33645" "url": "http://osvdb.org/51565"
} }
] ]
} }

80
2009/0xxx/CVE-2009-0970.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0970", "ID": "CVE-2009-0970",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP remote file inclusion vulnerability in includes/class_image.php in PHP Pro Bid 6.05, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the fileExtension parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." "value": "PHP remote file inclusion vulnerability in includes/class_image.php in PHP Pro Bid 6.05, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the fileExtension parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "34145", "name": "phpprobid-classimage-file-include(49290)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/34145" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49290"
}, },
{ {
"name" : "52750", "name": "34145",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://www.osvdb.org/52750" "url": "http://www.securityfocus.com/bid/34145"
}, },
{ {
"name" : "34278", "name": "52750",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/34278" "url": "http://www.osvdb.org/52750"
}, },
{ {
"name" : "phpprobid-classimage-file-include(49290)", "name": "34278",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49290" "url": "http://secunia.com/advisories/34278"
} }
] ]
} }

92
2009/1xxx/CVE-2009-1080.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1080", "ID": "CVE-2009-1080",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID 19033." "value": "Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID 19033."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://blogs.sun.com/security/entry/sun_alert_253267_sun_java", "name": "253267",
"refsource" : "CONFIRM", "refsource": "SUNALERT",
"url" : "http://blogs.sun.com/security/entry/sun_alert_253267_sun_java" "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-253267-1"
}, },
{ {
"name" : "253267", "name": "1021881",
"refsource" : "SUNALERT", "refsource": "SECTRACK",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-253267-1" "url": "http://securitytracker.com/id?1021881"
}, },
{ {
"name" : "34191", "name": "34191",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/34191" "url": "http://www.securityfocus.com/bid/34191"
}, },
{ {
"name" : "1021881", "name": "http://blogs.sun.com/security/entry/sun_alert_253267_sun_java",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://securitytracker.com/id?1021881" "url": "http://blogs.sun.com/security/entry/sun_alert_253267_sun_java"
}, },
{ {
"name" : "34380", "name": "ADV-2009-0797",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/34380" "url": "http://www.vupen.com/english/advisories/2009/0797"
}, },
{ {
"name" : "ADV-2009-0797", "name": "34380",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2009/0797" "url": "http://secunia.com/advisories/34380"
} }
] ]
} }

92
2009/1xxx/CVE-2009-1315.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1315", "ID": "CVE-2009-1315",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in AbleSpace 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) gid parameter to groups_profile.php, (2) cat_id and (3) razd_id parameters to adv_cat.php, and the (4) URL to blogs_full.php." "value": "Multiple cross-site scripting (XSS) vulnerabilities in AbleSpace 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) gid parameter to groups_profile.php, (2) cat_id and (3) razd_id parameters to adv_cat.php, and the (4) URL to blogs_full.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090414 [DSECRG-09-037] abk-soft AbleSpace CMS 1.0 - Multiple security vulnerabilities", "name": "http://dsecrg.com/pages/vul/show.php?id=137",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/502670/100/0/threaded" "url": "http://dsecrg.com/pages/vul/show.php?id=137"
}, },
{ {
"name" : "8424", "name": "34512",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/8424" "url": "http://www.securityfocus.com/bid/34512"
}, },
{ {
"name" : "http://dsecrg.com/pages/vul/show.php?id=137", "name": "20090414 [DSECRG-09-037] abk-soft AbleSpace CMS 1.0 - Multiple security vulnerabilities",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://dsecrg.com/pages/vul/show.php?id=137" "url": "http://www.securityfocus.com/archive/1/502670/100/0/threaded"
}, },
{ {
"name" : "34512", "name": "34663",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/34512" "url": "http://secunia.com/advisories/34663"
}, },
{ {
"name" : "34663", "name": "ablespace-advcat-xss(44847)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/34663" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44847"
}, },
{ {
"name" : "ablespace-advcat-xss(44847)", "name": "8424",
"refsource" : "XF", "refsource": "EXPLOIT-DB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44847" "url": "https://www.exploit-db.com/exploits/8424"
} }
] ]
} }

74
2009/1xxx/CVE-2009-1618.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1618", "ID": "CVE-2009-1618",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Teraway LiveHelp 2.0 allows remote attackers to bypass authentication and gain administrative access via a pwd=&lvl=1&usr=&alias=admin&userid=1 value for the TWLHadmin cookie." "value": "Teraway LiveHelp 2.0 allows remote attackers to bypass authentication and gain administrative access via a pwd=&lvl=1&usr=&alias=admin&userid=1 value for the TWLHadmin cookie."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "8552", "name": "34802",
"refsource" : "EXPLOIT-DB", "refsource": "SECUNIA",
"url" : "https://www.exploit-db.com/exploits/8552" "url": "http://secunia.com/advisories/34802"
}, },
{ {
"name" : "34735", "name": "34735",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/34735" "url": "http://www.securityfocus.com/bid/34735"
}, },
{ {
"name" : "34802", "name": "8552",
"refsource" : "SECUNIA", "refsource": "EXPLOIT-DB",
"url" : "http://secunia.com/advisories/34802" "url": "https://www.exploit-db.com/exploits/8552"
} }
] ]
} }

80
2009/1xxx/CVE-2009-1672.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1672", "ID": "CVE-2009-1672",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote attackers to (1) execute arbitrary code via a .jnlp URL in the argument to the launch method, and might allow remote attackers to launch JRE installation processes via the (2) installLatestJRE or (3) installJRE method." "value": "The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote attackers to (1) execute arbitrary code via a .jnlp URL in the argument to the launch method, and might allow remote attackers to launch JRE installation processes via the (2) installLatestJRE or (3) installJRE method."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "8665", "name": "8665",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/8665" "url": "https://www.exploit-db.com/exploits/8665"
}, },
{ {
"name" : "http://www.shinnai.net/xplits/TXT_mhxRKrtrPLyAHRFNm7QR.html", "name": "http://www.shinnai.net/xplits/TXT_mhxRKrtrPLyAHRFNm7QR.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.shinnai.net/xplits/TXT_mhxRKrtrPLyAHRFNm7QR.html" "url": "http://www.shinnai.net/xplits/TXT_mhxRKrtrPLyAHRFNm7QR.html"
}, },
{ {
"name" : "34931", "name": "sun-jre-activex-code-execution(50629)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/34931" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50629"
}, },
{ {
"name" : "sun-jre-activex-code-execution(50629)", "name": "34931",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50629" "url": "http://www.securityfocus.com/bid/34931"
} }
] ]
} }

128
2012/2xxx/CVE-2012-2101.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2101", "ID": "CVE-2012-2101",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules." "value": "Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[openstack] 20120419 [OSSA 2012-005] No quota enforced on security group rules", "name": "https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "https://lists.launchpad.net/openstack/msg10268.html" "url": "https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7"
}, },
{ {
"name" : "https://bugs.launchpad.net/nova/+bug/969545", "name": "81641",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "https://bugs.launchpad.net/nova/+bug/969545" "url": "http://www.osvdb.org/81641"
}, },
{ {
"name" : "https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7", "name": "https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7" "url": "https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb"
}, },
{ {
"name" : "https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb", "name": "USN-1438-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb" "url": "http://ubuntu.com/usn/usn-1438-1"
}, },
{ {
"name" : "https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64", "name": "[openstack] 20120419 [OSSA 2012-005] No quota enforced on security group rules",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64" "url": "https://lists.launchpad.net/openstack/msg10268.html"
}, },
{ {
"name" : "FEDORA-2012-6273", "name": "nova-quotas-dos(75243)",
"refsource" : "FEDORA", "refsource": "XF",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75243"
}, },
{ {
"name" : "FEDORA-2012-6365", "name": "FEDORA-2012-6365",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html"
}, },
{ {
"name" : "USN-1438-1", "name": "https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://ubuntu.com/usn/usn-1438-1" "url": "https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64"
}, },
{ {
"name" : "81641", "name": "FEDORA-2012-6273",
"refsource" : "OSVDB", "refsource": "FEDORA",
"url" : "http://www.osvdb.org/81641" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html"
}, },
{ {
"name" : "49034", "name": "49048",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/49034" "url": "http://secunia.com/advisories/49048"
}, },
{ {
"name" : "49048", "name": "https://bugs.launchpad.net/nova/+bug/969545",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/49048" "url": "https://bugs.launchpad.net/nova/+bug/969545"
}, },
{ {
"name" : "nova-quotas-dos(75243)", "name": "49034",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75243" "url": "http://secunia.com/advisories/49034"
} }
] ]
} }

80
2012/2xxx/CVE-2012-2202.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2012-2202", "ID": "CVE-2012-2202",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter." "value": "Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21605630", "name": "VU#659791",
"refsource" : "CONFIRM", "refsource": "CERT-VN",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21605630" "url": "http://www.kb.cert.org/vuls/id/659791"
}, },
{ {
"name" : "VU#659791", "name": "49897",
"refsource" : "CERT-VN", "refsource": "SECUNIA",
"url" : "http://www.kb.cert.org/vuls/id/659791" "url": "http://secunia.com/advisories/49897"
}, },
{ {
"name" : "49897", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21605630",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/49897" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21605630"
}, },
{ {
"name" : "pnm-javatesterinit-dir-traversal(76801)", "name": "pnm-javatesterinit-dir-traversal(76801)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/76801" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76801"
} }
] ]
} }

68
2012/2xxx/CVE-2012-2366.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2366", "ID": "CVE-2012-2366",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "mod/data/preset.php in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 does not properly iterate through an array, which allows remote authenticated users to overwrite arbitrary database activity presets via unspecified vectors." "value": "mod/data/preset.php in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 does not properly iterate through an array, which allows remote authenticated users to overwrite arbitrary database activity presets via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120523 Moodle security notifications public", "name": "[oss-security] 20120523 Moodle security notifications public",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://openwall.com/lists/oss-security/2012/05/23/2" "url": "http://openwall.com/lists/oss-security/2012/05/23/2"
}, },
{ {
"name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31763", "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31763",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31763" "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31763"
} }
] ]
} }

92
2012/2xxx/CVE-2012-2546.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2012-2546", "ID": "CVE-2012-2546",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Event Listener Use After Free Vulnerability.\"" "value": "Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Event Listener Use After Free Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS12-063", "name": "ms-ie-eventlistener-code-exec(78757)",
"refsource" : "MS", "refsource": "XF",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-063" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78757"
}, },
{ {
"name" : "TA12-255A", "name": "1027555",
"refsource" : "CERT", "refsource": "SECTRACK",
"url" : "http://www.us-cert.gov/cas/techalerts/TA12-255A.html" "url": "http://www.securitytracker.com/id?1027555"
}, },
{ {
"name" : "55645", "name": "oval:org.mitre.oval:def:15652",
"refsource" : "BID", "refsource": "OVAL",
"url" : "http://www.securityfocus.com/bid/55645" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15652"
}, },
{ {
"name" : "oval:org.mitre.oval:def:15652", "name": "TA12-255A",
"refsource" : "OVAL", "refsource": "CERT",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15652" "url": "http://www.us-cert.gov/cas/techalerts/TA12-255A.html"
}, },
{ {
"name" : "1027555", "name": "MS12-063",
"refsource" : "SECTRACK", "refsource": "MS",
"url" : "http://www.securitytracker.com/id?1027555" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-063"
}, },
{ {
"name" : "ms-ie-eventlistener-code-exec(78757)", "name": "55645",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/78757" "url": "http://www.securityfocus.com/bid/55645"
} }
] ]
} }

98
2012/2xxx/CVE-2012-2708.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2708", "ID": "CVE-2012-2708",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the _hosting_task_log_table function in modules/hosting/task/hosting_task.module in the Hostmaster (Aegir) module 6.x-1.x before 6.x-1.9 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a Drush log message in a provision task log." "value": "Cross-site scripting (XSS) vulnerability in the _hosting_task_log_table function in modules/hosting/task/hosting_task.module in the Hostmaster (Aegir) module 6.x-1.x before 6.x-1.9 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a Drush log message in a provision task log."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules", "name": "http://drupal.org/node/1585678",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/14/3" "url": "http://drupal.org/node/1585678"
}, },
{ {
"name" : "http://drupal.org/node/1585678", "name": "http://drupal.org/node/1585658",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://drupal.org/node/1585678" "url": "http://drupal.org/node/1585658"
}, },
{ {
"name" : "http://community.aegirproject.org/1.9", "name": "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://community.aegirproject.org/1.9" "url": "http://www.openwall.com/lists/oss-security/2012/06/14/3"
}, },
{ {
"name" : "http://drupal.org/node/1585658", "name": "http://community.aegirproject.org/1.9",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://drupal.org/node/1585658" "url": "http://community.aegirproject.org/1.9"
}, },
{ {
"name" : "http://drupalcode.org/project/hostmaster.git/commitdiff/9476561", "name": "53588",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://drupalcode.org/project/hostmaster.git/commitdiff/9476561" "url": "http://www.securityfocus.com/bid/53588"
}, },
{ {
"name" : "53588", "name": "http://drupalcode.org/project/hostmaster.git/commitdiff/9476561",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/53588" "url": "http://drupalcode.org/project/hostmaster.git/commitdiff/9476561"
}, },
{ {
"name" : "hostmaster-logmessages-xss(75714)", "name": "hostmaster-logmessages-xss(75714)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75714" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75714"
} }
] ]
} }

74
2012/2xxx/CVE-2012-2953.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2012-2953", "ID": "CVE-2012-2953",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary commands via crafted input to application scripts." "value": "The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary commands via crafted input to application scripts."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00", "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00" "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00"
}, },
{ {
"name" : "VU#108471", "name": "VU#108471",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/108471" "url": "http://www.kb.cert.org/vuls/id/108471"
}, },
{ {
"name" : "54426", "name": "54426",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/54426" "url": "http://www.securityfocus.com/bid/54426"
} }
] ]
} }

80
2012/3xxx/CVE-2012-3176.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-3176", "ID": "CVE-2012-3176",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 allows remote authenticated users to affect integrity via unknown vectors related to Panel Processor." "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 allows remote authenticated users to affect integrity via unknown vectors related to Panel Processor."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html", "name": "51001",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html" "url": "http://secunia.com/advisories/51001"
}, },
{ {
"name" : "MDVSA-2013:150", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
}, },
{ {
"name" : "1027671", "name": "1027671",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027671" "url": "http://www.securitytracker.com/id?1027671"
}, },
{ {
"name" : "51001", "name": "MDVSA-2013:150",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/51001" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
} }
] ]
} }

74
2012/6xxx/CVE-2012-6100.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-6100", "ID": "CVE-2012-6100",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "report/outline/index.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly enforce the moodle/user:viewhiddendetails capability requirement, which allows remote authenticated users to discover a hidden lastaccess value by reading an activity report." "value": "report/outline/index.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly enforce the moodle/user:viewhiddendetails capability requirement, which allows remote authenticated users to discover a hidden lastaccess value by reading an activity report."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20130121 Moodle security notifications public", "name": "https://moodle.org/mod/forum/discuss.php?d=220161",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://openwall.com/lists/oss-security/2013/01/21/1" "url": "https://moodle.org/mod/forum/discuss.php?d=220161"
}, },
{ {
"name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-33340", "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-33340",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-33340" "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-33340"
}, },
{ {
"name" : "https://moodle.org/mod/forum/discuss.php?d=220161", "name": "[oss-security] 20130121 Moodle security notifications public",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://moodle.org/mod/forum/discuss.php?d=220161" "url": "http://openwall.com/lists/oss-security/2013/01/21/1"
} }
] ]
} }

98
2012/6xxx/CVE-2012-6551.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6551", "ID": "CVE-2012-6551",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests." "value": "The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[dev] 20121022 [DISCUSS] - ActiveMQ out of the box - Should not include the demos", "name": "RHSA-2013:1029",
"refsource" : "MLIST", "refsource": "REDHAT",
"url" : "http://activemq.2283324.n4.nabble.com/DISCUSS-ActiveMQ-out-of-the-box-Should-not-include-the-demos-tc4658044.html" "url": "http://rhn.redhat.com/errata/RHSA-2013-1029.html"
}, },
{ {
"name" : "http://activemq.apache.org/activemq-580-release.html", "name": "[dev] 20121022 [DISCUSS] - ActiveMQ out of the box - Should not include the demos",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://activemq.apache.org/activemq-580-release.html" "url": "http://activemq.2283324.n4.nabble.com/DISCUSS-ActiveMQ-out-of-the-box-Should-not-include-the-demos-tc4658044.html"
}, },
{ {
"name" : "https://fisheye6.atlassian.com/changelog/activemq?cs=1404998", "name": "https://fisheye6.atlassian.com/changelog/activemq?cs=1404998",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://fisheye6.atlassian.com/changelog/activemq?cs=1404998" "url": "https://fisheye6.atlassian.com/changelog/activemq?cs=1404998"
}, },
{ {
"name" : "https://issues.apache.org/jira/browse/AMQ-4124", "name": "59401",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://issues.apache.org/jira/browse/AMQ-4124" "url": "http://www.securityfocus.com/bid/59401"
}, },
{ {
"name" : "https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311210&version=12323282", "name": "http://activemq.apache.org/activemq-580-release.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311210&version=12323282" "url": "http://activemq.apache.org/activemq-580-release.html"
}, },
{ {
"name" : "RHSA-2013:1029", "name": "https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311210&version=12323282",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1029.html" "url": "https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311210&version=12323282"
}, },
{ {
"name" : "59401", "name": "https://issues.apache.org/jira/browse/AMQ-4124",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/59401" "url": "https://issues.apache.org/jira/browse/AMQ-4124"
} }
] ]
} }

86
2015/1xxx/CVE-2015-1378.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-1378", "ID": "CVE-2015-1378",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "cmdlineopts.clp in grml-debootstrap in Debian 0.54, 0.68.x before 0.68.1, 0.7x before 0.78 is sourced without checking that the local directory is writable by non-root users." "value": "cmdlineopts.clp in grml-debootstrap in Debian 0.54, 0.68.x before 0.68.1, 0.7x before 0.78 is sourced without checking that the local directory is writable by non-root users."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20150127 Re: CVE or not: 2x grml-debootstrap", "name": "https://security-tracker.debian.org/tracker/CVE-2015-1378/",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/27/17" "url": "https://security-tracker.debian.org/tracker/CVE-2015-1378/"
}, },
{ {
"name" : "http://cve.killedkenny.io/cve/CVE-2015-1378", "name": "https://github.com/grml/grml-debootstrap/issues/59",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://cve.killedkenny.io/cve/CVE-2015-1378" "url": "https://github.com/grml/grml-debootstrap/issues/59"
}, },
{ {
"name" : "https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1378.html", "name": "[oss-security] 20150127 Re: CVE or not: 2x grml-debootstrap",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1378.html" "url": "http://www.openwall.com/lists/oss-security/2015/01/27/17"
}, },
{ {
"name" : "https://github.com/grml/grml-debootstrap/issues/59", "name": "http://cve.killedkenny.io/cve/CVE-2015-1378",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://github.com/grml/grml-debootstrap/issues/59" "url": "http://cve.killedkenny.io/cve/CVE-2015-1378"
}, },
{ {
"name" : "https://security-tracker.debian.org/tracker/CVE-2015-1378/", "name": "https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1378.html",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://security-tracker.debian.org/tracker/CVE-2015-1378/" "url": "https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1378.html"
} }
] ]
} }

62
2015/5xxx/CVE-2015-5051.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-5051", "ID": "CVE-2015-5051",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.2 IF1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.2 IF1 for SmartCloud Control Desk allow remote authenticated users to bypass intended access restrictions on query results via unspecified vectors." "value": "IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.2 IF1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.2 IF1 for SmartCloud Control Desk allow remote authenticated users to bypass intended access restrictions on query results via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21970797", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21970797",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21970797" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970797"
} }
] ]
} }

92
2015/5xxx/CVE-2015-5295.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-5295", "ID": "CVE-2015-5295",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the existence of local files via the resource type in a template, as demonstrated by file:///dev/zero." "value": "The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the existence of local files via the resource type in a template, as demonstrated by file:///dev/zero."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugs.launchpad.net/heat/+bug/1496277", "name": "https://security.openstack.org/ossa/OSSA-2016-003.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugs.launchpad.net/heat/+bug/1496277" "url": "https://security.openstack.org/ossa/OSSA-2016-003.html"
}, },
{ {
"name" : "https://security.openstack.org/ossa/OSSA-2016-003.html", "name": "81438",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://security.openstack.org/ossa/OSSA-2016-003.html" "url": "http://www.securityfocus.com/bid/81438"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
}, },
{ {
"name" : "FEDORA-2016-fe5b9da308", "name": "FEDORA-2016-fe5b9da308",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176700.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176700.html"
}, },
{ {
"name" : "RHSA-2016:0266", "name": "RHSA-2016:0266",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0266.html" "url": "http://rhn.redhat.com/errata/RHSA-2016-0266.html"
}, },
{ {
"name" : "81438", "name": "https://bugs.launchpad.net/heat/+bug/1496277",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/81438" "url": "https://bugs.launchpad.net/heat/+bug/1496277"
} }
] ]
} }

80
2015/5xxx/CVE-2015-5416.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2015-5416", "ID": "CVE-2015-5416",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2875." "value": "Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2875."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-397", "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04771027",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-397" "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04771027"
}, },
{ {
"name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04771027", "name": "76457",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04771027" "url": "http://www.securityfocus.com/bid/76457"
}, },
{ {
"name" : "76457", "name": "1033362",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/76457" "url": "http://www.securitytracker.com/id/1033362"
}, },
{ {
"name" : "1033362", "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-397",
"refsource" : "SECTRACK", "refsource": "MISC",
"url" : "http://www.securitytracker.com/id/1033362" "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-397"
} }
] ]
} }

104
2015/5xxx/CVE-2015-5842.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-5842", "ID": "CVE-2015-5842",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "XNU in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive memory-layout information via unknown vectors." "value": "XNU in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive memory-layout information via unknown vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT205212", "name": "1033609",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://support.apple.com/HT205212" "url": "http://www.securitytracker.com/id/1033609"
}, },
{ {
"name" : "https://support.apple.com/HT205213", "name": "https://support.apple.com/HT205212",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT205213" "url": "https://support.apple.com/HT205212"
}, },
{ {
"name" : "https://support.apple.com/HT205267", "name": "APPLE-SA-2015-09-30-3",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "https://support.apple.com/HT205267" "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
}, },
{ {
"name" : "APPLE-SA-2015-09-16-1", "name": "76764",
"refsource" : "APPLE", "refsource": "BID",
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html" "url": "http://www.securityfocus.com/bid/76764"
}, },
{ {
"name" : "APPLE-SA-2015-09-21-1", "name": "https://support.apple.com/HT205267",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html" "url": "https://support.apple.com/HT205267"
}, },
{ {
"name" : "APPLE-SA-2015-09-30-3", "name": "APPLE-SA-2015-09-21-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html" "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html"
}, },
{ {
"name" : "76764", "name": "https://support.apple.com/HT205213",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/76764" "url": "https://support.apple.com/HT205213"
}, },
{ {
"name" : "1033609", "name": "APPLE-SA-2015-09-16-1",
"refsource" : "SECTRACK", "refsource": "APPLE",
"url" : "http://www.securitytracker.com/id/1033609" "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html"
} }
] ]
} }

110
2015/5xxx/CVE-2015-5930.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-5930", "ID": "CVE-2015-5930",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5." "value": "WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT205370", "name": "APPLE-SA-2015-10-21-1",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "https://support.apple.com/HT205370" "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html"
}, },
{ {
"name" : "https://support.apple.com/HT205372", "name": "77267",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://support.apple.com/HT205372" "url": "http://www.securityfocus.com/bid/77267"
}, },
{ {
"name" : "https://support.apple.com/HT205377", "name": "https://support.apple.com/HT205370",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT205377" "url": "https://support.apple.com/HT205370"
}, },
{ {
"name" : "APPLE-SA-2015-10-21-1", "name": "openSUSE-SU-2016:0761",
"refsource" : "APPLE", "refsource": "SUSE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html"
}, },
{ {
"name" : "APPLE-SA-2015-10-21-3", "name": "https://support.apple.com/HT205372",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00004.html" "url": "https://support.apple.com/HT205372"
}, },
{ {
"name" : "APPLE-SA-2015-10-21-5", "name": "APPLE-SA-2015-10-21-3",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00006.html" "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00004.html"
}, },
{ {
"name" : "openSUSE-SU-2016:0761", "name": "APPLE-SA-2015-10-21-5",
"refsource" : "SUSE", "refsource": "APPLE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html" "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00006.html"
}, },
{ {
"name" : "77267", "name": "https://support.apple.com/HT205377",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/77267" "url": "https://support.apple.com/HT205377"
}, },
{ {
"name" : "1033929", "name": "1033929",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033929" "url": "http://www.securitytracker.com/id/1033929"
} }
] ]
} }

74
2017/2xxx/CVE-2017-2358.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-2358", "ID": "CVE-2017-2358",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the \"Graphics Drivers\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." "value": "An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the \"Graphics Drivers\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT207483", "name": "https://support.apple.com/HT207483",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT207483" "url": "https://support.apple.com/HT207483"
}, },
{ {
"name" : "95723", "name": "1037671",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/95723" "url": "http://www.securitytracker.com/id/1037671"
}, },
{ {
"name" : "1037671", "name": "95723",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1037671" "url": "http://www.securityfocus.com/bid/95723"
} }
] ]
} }

74
2017/2xxx/CVE-2017-2953.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2017-2953", "ID": "CVE-2017-2953",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.", "product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier." "version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when processing a TIFF image. Successful exploitation could lead to arbitrary code execution." "value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when processing a TIFF image. Successful exploitation could lead to arbitrary code execution."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Memory Corruption" "value": "Memory Corruption"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html", "name": "95345",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html" "url": "http://www.securityfocus.com/bid/95345"
}, },
{ {
"name" : "95345", "name": "1037574",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/95345" "url": "http://www.securitytracker.com/id/1037574"
}, },
{ {
"name" : "1037574", "name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1037574" "url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
} }
] ]
} }

68
2018/11xxx/CVE-2018-11041.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security_alert@emc.com", "ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC" : "2018-06-21T04:00:00.000Z", "DATE_PUBLIC": "2018-06-21T04:00:00.000Z",
"ID" : "CVE-2018-11041", "ID": "CVE-2018-11041",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cloud Foundry UAA", "product_name": "Cloud Foundry UAA",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "later than 4.6.0 and prior to 4.19.0 except 4.10.1 and 4.7.5" "version_value": "later than 4.6.0 and prior to 4.19.0 except 4.10.1 and 4.7.5"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cloud Foundry" "vendor_name": "Cloud Foundry"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than v48 and prior to v60 except v55.1 and v52.9, does not validate redirect URL values on a form parameter used for internal UAA redirects on the login page, allowing open redirects. A remote attacker can craft a malicious link that, when clicked, will redirect users to arbitrary websites after a successful login attempt." "value": "Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than v48 and prior to v60 except v55.1 and v52.9, does not validate redirect URL values on a form parameter used for internal UAA redirects on the login page, allowing open redirects. A remote attacker can craft a malicious link that, when clicked, will redirect users to arbitrary websites after a successful login attempt."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Open Redirect" "value": "Open Redirect"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.cloudfoundry.org/blog/cve-2018-11041/", "name": "https://www.cloudfoundry.org/blog/cve-2018-11041/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.cloudfoundry.org/blog/cve-2018-11041/" "url": "https://www.cloudfoundry.org/blog/cve-2018-11041/"
} }
] ]
}, },
"source" : { "source": {
"discovery" : "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

22
2018/11xxx/CVE-2018-11390.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11390", "ID": "CVE-2018-11390",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

86
2018/11xxx/CVE-2018-11595.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11595", "ID": "CVE-2018-11595",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Escalation of Privileges with a user crafted input file via a Buffer Overflow during syntax parsing, because strncat is misused." "value": "Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Escalation of Privileges with a user crafted input file via a Buffer Overflow during syntax parsing, because strncat is misused."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/espruino/Espruino/commit/0a7619875bf79877907205f6bee08465b89ff10b", "name": "https://github.com/espruino/Espruino/commit/0a7619875bf79877907205f6bee08465b89ff10b",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/espruino/Espruino/commit/0a7619875bf79877907205f6bee08465b89ff10b" "url": "https://github.com/espruino/Espruino/commit/0a7619875bf79877907205f6bee08465b89ff10b"
}, },
{ {
"name" : "https://github.com/espruino/Espruino/files/2019210/test_0.txt", "name": "https://github.com/espruino/Espruino/files/2019220/test_4.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/espruino/Espruino/files/2019210/test_0.txt" "url": "https://github.com/espruino/Espruino/files/2019220/test_4.txt"
}, },
{ {
"name" : "https://github.com/espruino/Espruino/files/2019216/test_2.txt", "name": "https://github.com/espruino/Espruino/files/2019210/test_0.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/espruino/Espruino/files/2019216/test_2.txt" "url": "https://github.com/espruino/Espruino/files/2019210/test_0.txt"
}, },
{ {
"name" : "https://github.com/espruino/Espruino/files/2019220/test_4.txt", "name": "https://github.com/espruino/Espruino/issues/1425",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/espruino/Espruino/files/2019220/test_4.txt" "url": "https://github.com/espruino/Espruino/issues/1425"
}, },
{ {
"name" : "https://github.com/espruino/Espruino/issues/1425", "name": "https://github.com/espruino/Espruino/files/2019216/test_2.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/espruino/Espruino/issues/1425" "url": "https://github.com/espruino/Espruino/files/2019216/test_2.txt"
} }
] ]
} }

62
2018/11xxx/CVE-2018-11856.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2018-11856", "ID": "CVE-2018-11856",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile", "product_name": "Snapdragon Mobile",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "SD 835, SD 845, SD 850" "version_value": "SD 835, SD 845, SD 850"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850." "value": "Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer Copy Without Checking Size of Input in WLAN" "value": "Buffer Copy Without Checking Size of Input in WLAN"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.qualcomm.com/company/product-security/bulletins", "name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins" "url": "https://www.qualcomm.com/company/product-security/bulletins"
} }
] ]
} }

22
2018/11xxx/CVE-2018-11973.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11973", "ID": "CVE-2018-11973",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/14xxx/CVE-2018-14737.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14737", "ID": "CVE-2018-14737",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A NULL pointer dereference can occur in pbc_wmessage_string in wmessage.c." "value": "An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A NULL pointer dereference can occur in pbc_wmessage_string in wmessage.c."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/cloudwu/pbc/issues/122#issuecomment-407303005", "name": "https://github.com/cloudwu/pbc/issues/122#issuecomment-407303005",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/cloudwu/pbc/issues/122#issuecomment-407303005" "url": "https://github.com/cloudwu/pbc/issues/122#issuecomment-407303005"
} }
] ]
} }

22
2018/15xxx/CVE-2018-15627.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-15627", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2018-15627",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none."
} }
] ]
} }

22
2018/15xxx/CVE-2018-15654.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15654", "ID": "CVE-2018-15654",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/15xxx/CVE-2018-15659.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15659", "ID": "CVE-2018-15659",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in 42Gears SureMDM before 2018-11-27, related to the access policy for Silverlight applications. Cross-origin access is possible." "value": "An issue was discovered in 42Gears SureMDM before 2018-11-27, related to the access policy for Silverlight applications. Cross-origin access is possible."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://research.digitalinterruption.com/2019/01/31/multiple-vulnerabilities-found-in-mobile-device-management-software/", "name": "https://research.digitalinterruption.com/2019/01/31/multiple-vulnerabilities-found-in-mobile-device-management-software/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://research.digitalinterruption.com/2019/01/31/multiple-vulnerabilities-found-in-mobile-device-management-software/" "url": "https://research.digitalinterruption.com/2019/01/31/multiple-vulnerabilities-found-in-mobile-device-management-software/"
} }
] ]
} }

70
2018/3xxx/CVE-2018-3102.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-3102", "ID": "CVE-2018-3102",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Outside In Technology", "product_name": "Outside In Technology",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.5.3" "version_value": "8.5.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 7.1 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)." "value": "Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 7.1 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology." "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
}, },
{ {
"name" : "104762", "name": "104762",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/104762" "url": "http://www.securityfocus.com/bid/104762"
} }
] ]
} }

76
2018/3xxx/CVE-2018-3248.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-3248", "ID": "CVE-2018-3248",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "WebLogic Server", "product_name": "WebLogic Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "10.3.6.0" "version_value": "10.3.6.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected is 10.3.6.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)." "value": "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected is 10.3.6.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data." "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "name": "1041896",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" "url": "http://www.securitytracker.com/id/1041896"
}, },
{ {
"name" : "105643", "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/105643" "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
}, },
{ {
"name" : "1041896", "name": "105643",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1041896" "url": "http://www.securityfocus.com/bid/105643"
} }
] ]
} }

22
2018/3xxx/CVE-2018-3504.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3504", "ID": "CVE-2018-3504",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/3xxx/CVE-2018-3555.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3555", "ID": "CVE-2018-3555",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/8xxx/CVE-2018-8033.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@apache.org", "ASSIGNER": "security@apache.org",
"ID" : "CVE-2018-8033", "ID": "CVE-2018-8033",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Apache OFBiz", "product_name": "Apache OFBiz",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Apache OFBiz 16.11.01 to 16.11.04" "version_value": "Apache OFBiz 16.11.01 to 16.11.04"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apache Software Foundation" "vendor_name": "Apache Software Foundation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName, serviceMode, and serviceContext. The exploitation occurs by having DOCTYPEs pointing to external references that trigger a payload that returns secret information from the host." "value": "In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName, serviceMode, and serviceContext. The exploitation occurs by having DOCTYPEs pointing to external references that trigger a payload that returns secret information from the host."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information Disclosure" "value": "Information Disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[user] 20181005 [SECURITY] CVE-2018-8033 Apache OFBiz XXE Vulnerability in HttpEngine", "name": "[user] 20181005 [SECURITY] CVE-2018-8033 Apache OFBiz XXE Vulnerability in HttpEngine",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "https://lists.apache.org/thread.html/e8fb551e86e901932081f81ee9985bb72052b4d412f23d89b1282777@%3Cuser.ofbiz.apache.org%3E" "url": "https://lists.apache.org/thread.html/e8fb551e86e901932081f81ee9985bb72052b4d412f23d89b1282777@%3Cuser.ofbiz.apache.org%3E"
} }
] ]
} }

22
2018/8xxx/CVE-2018-8478.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8478", "ID": "CVE-2018-8478",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

76
2018/8xxx/CVE-2018-8518.json
View File

@ -1,74 +1,74 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8518", "ID": "CVE-2018-8518",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft SharePoint", "product_name": "Microsoft SharePoint",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Enterprise Server 2013 Service Pack 1" "version_value": "Enterprise Server 2013 Service Pack 1"
}, },
{ {
"version_value" : "Enterprise Server 2016" "version_value": "Enterprise Server 2016"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka \"Microsoft SharePoint Elevation of Privilege Vulnerability.\" This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8480, CVE-2018-8488, CVE-2018-8498." "value": "An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka \"Microsoft SharePoint Elevation of Privilege Vulnerability.\" This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8480, CVE-2018-8488, CVE-2018-8498."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elevation of Privilege" "value": "Elevation of Privilege"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8518", "name": "105496",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8518" "url": "http://www.securityfocus.com/bid/105496"
}, },
{ {
"name" : "105496", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8518",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/105496" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8518"
}, },
{ {
"name" : "1041835", "name": "1041835",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041835" "url": "http://www.securitytracker.com/id/1041835"
} }
] ]
} }

106
2018/8xxx/CVE-2018-8524.json
View File

@ -1,115 +1,115 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8524", "ID": "CVE-2018-8524",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Office", "product_name": "Microsoft Office",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2019 for 32-bit editions" "version_value": "2019 for 32-bit editions"
}, },
{ {
"version_value" : "2019 for 64-bit editions" "version_value": "2019 for 64-bit editions"
} }
] ]
} }
}, },
{ {
"product_name" : "Office", "product_name": "Office",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "365 ProPlus for 32-bit Systems" "version_value": "365 ProPlus for 32-bit Systems"
}, },
{ {
"version_value" : "365 ProPlus for 64-bit Systems" "version_value": "365 ProPlus for 64-bit Systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Microsoft Outlook", "product_name": "Microsoft Outlook",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2010 Service Pack 2 (32-bit editions)" "version_value": "2010 Service Pack 2 (32-bit editions)"
}, },
{ {
"version_value" : "2010 Service Pack 2 (64-bit editions)" "version_value": "2010 Service Pack 2 (64-bit editions)"
}, },
{ {
"version_value" : "2013 RT Service Pack 1" "version_value": "2013 RT Service Pack 1"
}, },
{ {
"version_value" : "2013 Service Pack 1 (32-bit editions)" "version_value": "2013 Service Pack 1 (32-bit editions)"
}, },
{ {
"version_value" : "2013 Service Pack 1 (64-bit editions)" "version_value": "2013 Service Pack 1 (64-bit editions)"
}, },
{ {
"version_value" : "2016 (32-bit edition)" "version_value": "2016 (32-bit edition)"
}, },
{ {
"version_value" : "2016 (64-bit edition)" "version_value": "2016 (64-bit edition)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka \"Microsoft Outlook Remote Code Execution Vulnerability.\" This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522, CVE-2018-8576, CVE-2018-8582." "value": "A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka \"Microsoft Outlook Remote Code Execution Vulnerability.\" This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522, CVE-2018-8576, CVE-2018-8582."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Remote Code Execution" "value": "Remote Code Execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8524", "name": "105823",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8524" "url": "http://www.securityfocus.com/bid/105823"
}, },
{ {
"name" : "105823", "name": "1042110",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/105823" "url": "http://www.securitytracker.com/id/1042110"
}, },
{ {
"name" : "1042110", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8524",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1042110" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8524"
} }
] ]
} }

74
2018/8xxx/CVE-2018-8578.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8578", "ID": "CVE-2018-8578",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft SharePoint", "product_name": "Microsoft SharePoint",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Enterprise Server 2013 Service Pack 1" "version_value": "Enterprise Server 2013 Service Pack 1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages, aka \"Microsoft SharePoint Information Disclosure Vulnerability.\" This affects Microsoft SharePoint." "value": "An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages, aka \"Microsoft SharePoint Information Disclosure Vulnerability.\" This affects Microsoft SharePoint."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information Disclosure" "value": "Information Disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8578", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8578",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8578" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8578"
}, },
{ {
"name" : "105832", "name": "105832",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/105832" "url": "http://www.securityfocus.com/bid/105832"
}, },
{ {
"name" : "1042133", "name": "1042133",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1042133" "url": "http://www.securitytracker.com/id/1042133"
} }
] ]
} }

68
2018/8xxx/CVE-2018-8721.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8721", "ID": "CVE-2018-8721",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Zoho ManageEngine EventLog Analyzer version 11.0 build 11000 has Stored XSS related to the index2.do?url=editAlertForm&tab=alert&alert=profile URI and the Edit Alert Profile screen" "value": "Zoho ManageEngine EventLog Analyzer version 11.0 build 11000 has Stored XSS related to the index2.do?url=editAlertForm&tab=alert&alert=profile URI and the Edit Alert Profile screen"
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://pitstop.manageengine.com/portal/community/topic/manageengine-eventlog-analyzer-11-0-build-11000-stored-cross-site-scripting-attack", "name": "103424",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://pitstop.manageengine.com/portal/community/topic/manageengine-eventlog-analyzer-11-0-build-11000-stored-cross-site-scripting-attack" "url": "http://www.securityfocus.com/bid/103424"
}, },
{ {
"name" : "103424", "name": "https://pitstop.manageengine.com/portal/community/topic/manageengine-eventlog-analyzer-11-0-build-11000-stored-cross-site-scripting-attack",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/103424" "url": "https://pitstop.manageengine.com/portal/community/topic/manageengine-eventlog-analyzer-11-0-build-11000-stored-cross-site-scripting-attack"
} }
] ]
} }