admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:31:48 +00:00
parent 008fc46c85
commit c4e1504e35
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
45 changed files with 2901 additions and 2901 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
1999/0xxx/CVE-1999-0464.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0464",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0464",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames."
"lang": "eng",
"value": "Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "19990104 Tripwire mess..",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=91553066310826&w=2"
"name": "http://marc.info/?l=bugtraq&m=91592136122066&w=2",
"refsource": "CONFIRM",
"url": "http://marc.info/?l=bugtraq&m=91592136122066&w=2"
},
{
"name" : "http://marc.info/?l=bugtraq&m=91592136122066&w=2",
"refsource" : "CONFIRM",
"url" : "http://marc.info/?l=bugtraq&m=91592136122066&w=2"
"name": "19990104 Tripwire mess..",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=91553066310826&w=2"
},
{
"name" : "6609",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/6609"
"name": "6609",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6609"
}
]
}

74
1999/1xxx/CVE-1999-1106.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1106",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1106",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument."
"lang": "eng",
"value": "Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "19980429 Security hole in kppp",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/9121"
"name": "19980429 Security hole in kppp",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/9121"
},
{
"name" : "kde-kppp-account-bo(1643)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1643"
"name": "kde-kppp-account-bo(1643)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1643"
},
{
"name" : "92",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92"
"name": "92",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92"
}
]
}

80
2005/2xxx/CVE-2005-2152.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2152",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2152",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Geeklog before 1.3.11 allows remote attackers to execute arbitrary SQL commands via user comments for an article."
"lang": "eng",
"value": "SQL injection vulnerability in Geeklog before 1.3.11 allows remote attackers to execute arbitrary SQL commands via user comments for an article."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.geeklog.net/article.php/geeklog-1.3.11sr1",
"refsource" : "CONFIRM",
"url" : "http://www.geeklog.net/article.php/geeklog-1.3.11sr1"
"name": "http://www.geeklog.net/article.php/geeklog-1.3.11sr1",
"refsource": "CONFIRM",
"url": "http://www.geeklog.net/article.php/geeklog-1.3.11sr1"
},
{
"name" : "http://www.hardened-php.net/advisory-062005.php",
"refsource" : "MISC",
"url" : "http://www.hardened-php.net/advisory-062005.php"
"name": "15914",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15914"
},
{
"name" : "1014381",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1014381"
"name": "http://www.hardened-php.net/advisory-062005.php",
"refsource": "MISC",
"url": "http://www.hardened-php.net/advisory-062005.php"
},
{
"name" : "15914",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/15914"
"name": "1014381",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014381"
}
]
}

92
2005/2xxx/CVE-2005-2529.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2529",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2529",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to gain privileges via unspecified attack vectors relating to \"the utility used to update Java shared archives.\""
"lang": "eng",
"value": "Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to gain privileges via unspecified attack vectors relating to \"the utility used to update Java shared archives.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://docs.info.apple.com/article.html?artnum=302266",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=302266"
"name": "P-306",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-306.shtml"
},
{
"name" : "APPLE-SA-2005-09-13",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/Security-announce/2005/Sep/msg00000.html"
"name": "http://docs.info.apple.com/article.html?artnum=302266",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=302266"
},
{
"name" : "P-306",
"refsource" : "CIAC",
"url" : "http://www.ciac.org/ciac/bulletins/p-306.shtml"
"name": "ADV-2005-1734",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/1734"
},
{
"name" : "ADV-2005-1734",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/1734"
"name": "macos-archive-utility-gain-privileges(22264)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22264"
},
{
"name" : "16808",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16808"
"name": "APPLE-SA-2005-09-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2005/Sep/msg00000.html"
},
{
"name" : "macos-archive-utility-gain-privileges(22264)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22264"
"name": "16808",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16808"
}
]
}

104
2005/3xxx/CVE-2005-3152.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-3152",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3152",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.3 allow remote attackers to inject arbitrary web script or HTML via the redir parameter to (1) cart.php or (2) index.php, or (3) the searchStr parameter in a viewCat action to index.php. Note: vectors (1) and (2) were later reported to affect 3.0.7-pl1."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.3 allow remote attackers to inject arbitrary web script or HTML via the redir parameter to (1) cart.php or (2) index.php, or (3) the searchStr parameter in a viewCat action to index.php. Note: vectors (1) and (2) were later reported to affect 3.0.7-pl1."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://lostmon.blogspot.com/2005/09/cubecart-303-multiple-variable-cross.html",
"refsource" : "MISC",
"url" : "http://lostmon.blogspot.com/2005/09/cubecart-303-multiple-variable-cross.html"
"name": "cubecart-index-script-xss(24177)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24177"
},
{
"name" : "http://lostmon.blogspot.com/2006/01/cubecart-307-pl1-indexphp-multiple.html",
"refsource" : "MISC",
"url" : "http://lostmon.blogspot.com/2006/01/cubecart-307-pl1-indexphp-multiple.html"
"name": "http://bugs.cubecart.com/?do=details&id=363",
"refsource": "CONFIRM",
"url": "http://bugs.cubecart.com/?do=details&id=363"
},
{
"name" : "http://bugs.cubecart.com/?do=details&id=459",
"refsource" : "MISC",
"url" : "http://bugs.cubecart.com/?do=details&id=459"
"name": "http://bugs.cubecart.com/?do=details&id=459",
"refsource": "MISC",
"url": "http://bugs.cubecart.com/?do=details&id=459"
},
{
"name" : "http://bugs.cubecart.com/?do=details&id=363",
"refsource" : "CONFIRM",
"url" : "http://bugs.cubecart.com/?do=details&id=363"
"name": "http://lostmon.blogspot.com/2005/09/cubecart-303-multiple-variable-cross.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2005/09/cubecart-303-multiple-variable-cross.html"
},
{
"name" : "14962",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14962"
"name": "1014984",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014984"
},
{
"name" : "1014984",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1014984"
"name": "35",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/35"
},
{
"name" : "35",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/35"
"name": "http://lostmon.blogspot.com/2006/01/cubecart-307-pl1-indexphp-multiple.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2006/01/cubecart-307-pl1-indexphp-multiple.html"
},
{
"name" : "cubecart-index-script-xss(24177)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24177"
"name": "14962",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14962"
}
]
}

158
2005/3xxx/CVE-2005-3348.json
View File

@ -1,141 +1,141 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-3348",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2005-3348",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via CRLF sequences in the charset parameter."
"lang": "eng",
"value": "HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via CRLF sequences in the charset parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20051115 Advisory 22/2005: Multiple vulnerabilities in phpSysInfo",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/416543"
"name": "17616",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17616"
},
{
"name" : "http://www.hardened-php.net/advisory_212005.81.html",
"refsource" : "MISC",
"url" : "http://www.hardened-php.net/advisory_212005.81.html"
"name": "MDKSA-2005:212",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:212"
},
{
"name" : "DSA-897",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-897"
"name": "15396",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15396"
},
{
"name" : "DSA-898",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-898"
"name": "GLSA-200511-18",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-18.xml"
},
{
"name" : "DSA-899",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-899"
"name": "15414",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15414"
},
{
"name" : "GLSA-200511-18",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200511-18.xml"
"name": "17698",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17698"
},
{
"name" : "MDKSA-2005:212",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:212"
"name": "DSA-898",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-898"
},
{
"name" : "15414",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15414"
"name": "17441",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17441"
},
{
"name" : "15396",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15396"
"name": "20051115 Advisory 22/2005: Multiple vulnerabilities in phpSysInfo",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/416543"
},
{
"name" : "17698",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17698"
"name": "DSA-897",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-897"
},
{
"name" : "17441",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17441"
"name": "17620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17620"
},
{
"name" : "17570",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17570"
"name": "17584",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17584"
},
{
"name" : "17584",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17584"
"name": "http://www.hardened-php.net/advisory_212005.81.html",
"refsource": "MISC",
"url": "http://www.hardened-php.net/advisory_212005.81.html"
},
{
"name" : "17620",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17620"
"name": "17570",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17570"
},
{
"name" : "17616",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17616"
"name": "DSA-899",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-899"
},
{
"name" : "17643",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17643"
"name": "17643",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17643"
},
{
"name" : "phpsysinfo-registerglobal-data-manipulation(23107)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23107"
"name": "phpsysinfo-registerglobal-data-manipulation(23107)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23107"
}
]
}

80
2007/5xxx/CVE-2007-5458.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5458",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5458",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in the newsletter module 1.0 for KwsPHP, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsletter parameter."
"lang": "eng",
"value": "SQL injection vulnerability in index.php in the newsletter module 1.0 for KwsPHP, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsletter parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4523",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4523"
"name": "26051",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26051"
},
{
"name" : "26051",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26051"
"name": "kwsphp-newsletter-sql-injection(37083)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37083"
},
{
"name" : "27219",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27219"
"name": "27219",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27219"
},
{
"name" : "kwsphp-newsletter-sql-injection(37083)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37083"
"name": "4523",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4523"
}
]
}

92
2007/5xxx/CVE-2007-5711.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5711",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5711",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Massive Entertainment World in Conflict 1.001 and earlier allows remote attackers to cause a denial of service (failed assertion and daemon crash) via a large packet to TCP or UDP port 48000."
"lang": "eng",
"value": "Massive Entertainment World in Conflict 1.001 and earlier allows remote attackers to cause a denial of service (failed assertion and daemon crash) via a large packet to TCP or UDP port 48000."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://aluigi.altervista.org/adv/wicassert-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/wicassert-adv.txt"
"name": "http://aluigi.altervista.org/adv/wicassert-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/wicassert-adv.txt"
},
{
"name" : "http://aluigi.org/poc/wicassert.zip",
"refsource" : "MISC",
"url" : "http://aluigi.org/poc/wicassert.zip"
"name": "27417",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27417"
},
{
"name" : "ADV-2007-3636",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3636"
"name": "worldinconflict-packets-dos(37462)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37462"
},
{
"name" : "39019",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/39019"
"name": "ADV-2007-3636",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3636"
},
{
"name" : "27417",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27417"
"name": "39019",
"refsource": "OSVDB",
"url": "http://osvdb.org/39019"
},
{
"name" : "worldinconflict-packets-dos(37462)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37462"
"name": "http://aluigi.org/poc/wicassert.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/wicassert.zip"
}
]
}

104
2007/5xxx/CVE-2007-5805.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5805",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5805",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the \"-p\" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the argument. NOTE: this issue is due to an incomplete fix for CVE-2007-5804."
"lang": "eng",
"value": "cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the \"-p\" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the argument. NOTE: this issue is due to an incomplete fix for CVE-2007-5804."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20071030 IBM AIX swcons Local Arbitrary File Access Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=611"
"name": "aix-swcons-insecure-permissions(38154)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38154"
},
{
"name" : "ftp://aix.software.ibm.com/aix/efixes/security/cfgcon_ifix.tar",
"refsource" : "CONFIRM",
"url" : "ftp://aix.software.ibm.com/aix/efixes/security/cfgcon_ifix.tar"
"name": "27437",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27437"
},
{
"name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX53&path=%2F200710%2FSECURITY%2F20071030%2Fdatafile100405",
"refsource" : "CONFIRM",
"url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX53&path=%2F200710%2FSECURITY%2F20071030%2Fdatafile100405"
"name": "26258",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26258"
},
{
"name" : "IZ03055",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ03055"
"name": "IZ03055",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ03055"
},
{
"name" : "IZ03061",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ03061"
"name": "ftp://aix.software.ibm.com/aix/efixes/security/cfgcon_ifix.tar",
"refsource": "CONFIRM",
"url": "ftp://aix.software.ibm.com/aix/efixes/security/cfgcon_ifix.tar"
},
{
"name" : "26258",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26258"
"name": "IZ03061",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ03061"
},
{
"name" : "27437",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27437"
"name": "20071030 IBM AIX swcons Local Arbitrary File Access Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=611"
},
{
"name" : "aix-swcons-insecure-permissions(38154)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38154"
"name": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX53&path=%2F200710%2FSECURITY%2F20071030%2Fdatafile100405",
"refsource": "CONFIRM",
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX53&path=%2F200710%2FSECURITY%2F20071030%2Fdatafile100405"
}
]
}

68
2009/2xxx/CVE-2009-2592.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2592",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2592",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in guestbook.php in PHPJunkYard GBook 1.6 allows remote attackers to execute arbitrary SQL commands via the mes_id parameter."
"lang": "eng",
"value": "SQL injection vulnerability in guestbook.php in PHPJunkYard GBook 1.6 allows remote attackers to execute arbitrary SQL commands via the mes_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "9197",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/9197"
"name": "gbook-guestbook-sql-injection(51827)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51827"
},
{
"name" : "gbook-guestbook-sql-injection(51827)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51827"
"name": "9197",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9197"
}
]
}

80
2009/2xxx/CVE-2009-2922.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2922",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2922",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Absolute path traversal vulnerability in pixaria.image.php in Pixaria Gallery 2.0.0 through 2.3.5 allows remote attackers to read arbitrary files via a base64-encoded file parameter."
"lang": "eng",
"value": "Absolute path traversal vulnerability in pixaria.image.php in Pixaria Gallery 2.0.0 through 2.3.5 allows remote attackers to read arbitrary files via a base64-encoded file parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "9257",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/9257"
"name": "35802",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35802"
},
{
"name" : "http://www.pixaria.com/news/article/234",
"refsource" : "CONFIRM",
"url" : "http://www.pixaria.com/news/article/234"
"name": "9257",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9257"
},
{
"name" : "35802",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35802"
"name": "http://www.pixaria.com/news/article/234",
"refsource": "CONFIRM",
"url": "http://www.pixaria.com/news/article/234"
},
{
"name" : "pixaria-image-directory-traversal(51994)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51994"
"name": "pixaria-image-directory-traversal(51994)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51994"
}
]
}

164
2009/3xxx/CVE-2009-3231.json
View File

@ -1,146 +1,146 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3231",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3231",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password."
"lang": "eng",
"value": "The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100307 rPSA-2010-0012-1 postgresql postgresql-contrib postgresql-server",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/509917/100/0/threaded"
"name": "FEDORA-2009-9474",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00307.html"
},
{
"name" : "http://www.postgresql.org/docs/8.3/static/release-8-3-8.html",
"refsource" : "CONFIRM",
"url" : "http://www.postgresql.org/docs/8.3/static/release-8-3-8.html"
"name": "http://www.postgresql.org/docs/8.3/static/release-8-3-8.html",
"refsource": "CONFIRM",
"url": "http://www.postgresql.org/docs/8.3/static/release-8-3-8.html"
},
{
"name" : "http://www.postgresql.org/support/security.html",
"refsource" : "CONFIRM",
"url" : "http://www.postgresql.org/support/security.html"
"name": "36314",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36314"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=522084",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=522084"
"name": "HPSBMU02781",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134124585221119&w=2"
},
{
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0012",
"refsource" : "CONFIRM",
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0012"
"name": "36837",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36837"
},
{
"name" : "DSA-1900",
"refsource" : "DEBIAN",
"url" : "http://www.us.debian.org/security/2009/dsa-1900"
"name": "http://www.postgresql.org/support/security.html",
"refsource": "CONFIRM",
"url": "http://www.postgresql.org/support/security.html"
},
{
"name" : "FEDORA-2009-9473",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00305.html"
"name": "36660",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36660"
},
{
"name" : "FEDORA-2009-9474",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00307.html"
"name": "20100307 rPSA-2010-0012-1 postgresql postgresql-contrib postgresql-server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509917/100/0/threaded"
},
{
"name" : "HPSBMU02781",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=134124585221119&w=2"
"name": "36800",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36800"
},
{
"name" : "SSRT100617",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=134124585221119&w=2"
"name": "DSA-1900",
"refsource": "DEBIAN",
"url": "http://www.us.debian.org/security/2009/dsa-1900"
},
{
"name" : "SUSE-SR:2009:016",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=522084",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=522084"
},
{
"name" : "SUSE-SR:2009:017",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html"
"name": "FEDORA-2009-9473",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00305.html"
},
{
"name" : "USN-834-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-834-1"
"name": "SUSE-SR:2009:016",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
},
{
"name" : "36314",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36314"
"name": "36727",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36727"
},
{
"name" : "36660",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36660"
"name": "SUSE-SR:2009:017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html"
},
{
"name" : "36727",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36727"
"name": "USN-834-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-834-1"
},
{
"name" : "36837",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36837"
"name": "SSRT100617",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134124585221119&w=2"
},
{
"name" : "36800",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36800"
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0012",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0012"
}
]
}

80
2009/3xxx/CVE-2009-3251.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3251",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3251",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "include/utils/ListViewUtils.php in vtiger CRM before 5.1.0 allows remote authenticated users to bypass intended access restrictions and read the (1) visibility, (2) location, and (3) recurrence fields of a calendar via a custom view."
"lang": "eng",
"value": "include/utils/ListViewUtils.php in vtiger CRM before 5.1.0 allows remote authenticated users to bypass intended access restrictions and read the (1) visibility, (2) location, and (3) recurrence fields of a calendar via a custom view."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/12407",
"refsource" : "CONFIRM",
"url" : "http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/12407"
"name": "57241",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/57241"
},
{
"name" : "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/4208",
"refsource" : "CONFIRM",
"url" : "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/4208"
"name": "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/4208",
"refsource": "CONFIRM",
"url": "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/4208"
},
{
"name" : "57241",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/57241"
"name": "36309",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36309"
},
{
"name" : "36309",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36309"
"name": "http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/12407",
"refsource": "CONFIRM",
"url": "http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/12407"
}
]
}

62
2015/0xxx/CVE-2015-0171.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0171",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-0171",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to write to arbitrary files via unspecified vectors."
"lang": "eng",
"value": "Directory traversal vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to write to arbitrary files via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21699470",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21699470"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21699470",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699470"
}
]
}

80
2015/0xxx/CVE-2015-0375.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0375",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0375",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
"name": "1031583",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name" : "72153",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72153"
"name": "72153",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72153"
},
{
"name" : "1031583",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031583"
"name": "oracle-cpujan2015-cve20150375(100164)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100164"
},
{
"name" : "oracle-cpujan2015-cve20150375(100164)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100164"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
}
]
}

116
2015/0xxx/CVE-2015-0557.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0557",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2015-0557",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive."
"lang": "eng",
"value": "Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/03/5"
"name": "MDVSA-2015:201",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name" : "[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/05/9"
"name": "FEDORA-2015-5546",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435",
"refsource" : "CONFIRM",
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435"
"name": "[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"name" : "DSA-3213",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3213"
"name": "GLSA-201612-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name" : "FEDORA-2015-5603",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
"name": "[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"name" : "FEDORA-2015-5546",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
"name": "FEDORA-2015-5524",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name" : "FEDORA-2015-5524",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
"name": "DSA-3213",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name" : "GLSA-201612-15",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201612-15"
"name": "FEDORA-2015-5603",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"name" : "MDVSA-2015:201",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
"name": "71895",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71895"
},
{
"name" : "71895",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/71895"
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435"
}
]
}

68
2015/0xxx/CVE-2015-0657.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0657",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0657",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCur69192."
"lang": "eng",
"value": "Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCur69192."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150304 Cisco IOS XR Software Malformed RSVP Packet Denial of Service Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0657"
"name": "1031841",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031841"
},
{
"name" : "1031841",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031841"
"name": "20150304 Cisco IOS XR Software Malformed RSVP Packet Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0657"
}
]
}

62
2015/0xxx/CVE-2015-0750.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0750",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0750",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The administrative web interface in Cisco Hosted Collaboration Solution (HCS) 10.6(1) and earlier allows remote authenticated users to execute arbitrary commands via crafted input to unspecified fields, aka Bug ID CSCut02786."
"lang": "eng",
"value": "The administrative web interface in Cisco Hosted Collaboration Solution (HCS) 10.6(1) and earlier allows remote authenticated users to execute arbitrary commands via crafted input to unspecified fields, aka Bug ID CSCut02786."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150522 Cisco HCS Administrative Web Interface Arbitrary Command Execution Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=38969"
"name": "20150522 Cisco HCS Administrative Web Interface Arbitrary Command Execution Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38969"
}
]
}

188
2015/0xxx/CVE-2015-0831.json
View File

@ -1,166 +1,166 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0831",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2015-0831",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation."
"lang": "eng",
"value": "Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-16.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-16.html"
"name": "72746",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72746"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1130541",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1130541"
"name": "SUSE-SU-2015:0446",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00006.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
"name": "SUSE-SU-2015:0447",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00007.html"
},
{
"name" : "DSA-3174",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3174"
"name": "http://www.mozilla.org/security/announce/2015/mfsa2015-16.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-16.html"
},
{
"name" : "DSA-3179",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3179"
"name": "RHSA-2015:0642",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0642.html"
},
{
"name" : "GLSA-201504-01",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201504-01"
"name": "openSUSE-SU-2015:0448",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00008.html"
},
{
"name" : "RHSA-2015:0265",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0265.html"
"name": "USN-2506-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2506-1"
},
{
"name" : "RHSA-2015:0266",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0266.html"
"name": "openSUSE-SU-2015:0567",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html"
},
{
"name" : "RHSA-2015:0642",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0642.html"
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name" : "SUSE-SU-2015:0412",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00001.html"
"name": "openSUSE-SU-2015:0404",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html"
},
{
"name" : "SUSE-SU-2015:0446",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00006.html"
"name": "RHSA-2015:0265",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0265.html"
},
{
"name" : "SUSE-SU-2015:0447",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00007.html"
"name": "1031792",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031792"
},
{
"name" : "openSUSE-SU-2015:0448",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00008.html"
"name": "DSA-3174",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3174"
},
{
"name" : "openSUSE-SU-2015:0404",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"name" : "openSUSE-SU-2015:0567",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1130541",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1130541"
},
{
"name" : "openSUSE-SU-2015:0570",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html"
"name": "openSUSE-SU-2015:1266",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
},
{
"name" : "openSUSE-SU-2015:1266",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
"name": "DSA-3179",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3179"
},
{
"name" : "USN-2505-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2505-1"
"name": "RHSA-2015:0266",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0266.html"
},
{
"name" : "USN-2506-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2506-1"
"name": "1031791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031791"
},
{
"name" : "72746",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72746"
"name": "openSUSE-SU-2015:0570",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html"
},
{
"name" : "1031791",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031791"
"name": "USN-2505-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2505-1"
},
{
"name" : "1031792",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031792"
"name": "SUSE-SU-2015:0412",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00001.html"
}
]
}

74
2015/4xxx/CVE-2015-4200.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4200",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4200",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Memory leak in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Routing Engine (PRE) module on UBR devices allows remote attackers to cause a denial of service (memory consumption) by triggering an error during CPE negotiation, aka Bug ID CSCug00885."
"lang": "eng",
"value": "Memory leak in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Routing Engine (PRE) module on UBR devices allows remote attackers to cause a denial of service (memory consumption) by triggering an error during CPE negotiation, aka Bug ID CSCug00885."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150622 Cisco IOS Software UBR Devices IPv6 to IPv4 Subsystem Denial of Service Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=39424"
"name": "1032692",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032692"
},
{
"name" : "75254",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75254"
"name": "20150622 Cisco IOS Software UBR Devices IPv6 to IPv4 Subsystem Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39424"
},
{
"name" : "1032692",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032692"
"name": "75254",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75254"
}
]
}

22
2015/4xxx/CVE-2015-4549.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4549",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4549",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2015/4xxx/CVE-2015-4722.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4722",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4722",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2015/8xxx/CVE-2015-8163.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8163",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8163",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2015/8xxx/CVE-2015-8232.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8232",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8232",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to profiles in certain circumstances, which might allow remote attackers to obtain sensitive information from the anonymous user profile via unspecified vectors."
"lang": "eng",
"value": "The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to profiles in certain circumstances, which might allow remote attackers to obtain sensitive information from the anonymous user profile via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.drupal.org/node/2613444",
"refsource" : "MISC",
"url" : "https://www.drupal.org/node/2613444"
"name": "https://www.drupal.org/node/2613444",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2613444"
},
{
"name" : "https://www.drupal.org/node/2612812",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2612812"
"name": "https://www.drupal.org/node/2612812",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2612812"
}
]
}

22
2015/8xxx/CVE-2015-8826.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8826",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-8826",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}

70
2015/9xxx/CVE-2015-9070.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2017-07-01T00:00:00",
"ID" : "CVE-2015-9070",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2017-07-01T00:00:00",
"ID": "CVE-2015-9070",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "All Qualcomm products",
"version" : {
"version_data" : [
"product_name": "All Qualcomm products",
"version": {
"version_data": [
{
"version_value" : "All Android releases from CAF using the Linux kernel"
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone syscall."
"lang": "eng",
"value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone syscall."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Buffer Over-read in TrustZone"
"lang": "eng",
"value": "Buffer Over-read in TrustZone"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2017-07-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-07-01"
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name" : "99467",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99467"
"name": "99467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99467"
}
]
}

74
2015/9xxx/CVE-2015-9279.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-9279",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9279",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "MailEnable before 8.60 allows Stored XSS via malformed use of \"<img/src\" with no \">\" character in the body of an e-mail message."
"lang": "eng",
"value": "MailEnable before 8.60 allows Stored XSS via malformed use of \"<img/src\" with no \">\" character in the body of an e-mail message."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt",
"refsource" : "MISC",
"url" : "https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt"
"name": "https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf",
"refsource": "MISC",
"url": "https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf"
},
{
"name" : "https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf",
"refsource" : "MISC",
"url" : "https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf"
"name": "https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/",
"refsource": "MISC",
"url": "https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/"
},
{
"name" : "https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/",
"refsource" : "MISC",
"url" : "https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/"
"name": "https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt",
"refsource": "MISC",
"url": "https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt"
}
]
}

86
2016/5xxx/CVE-2016-5084.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5084",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5084",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Johnson & Johnson Animas OneTouch Ping devices do not use encryption for certain data, which might allow remote attackers to obtain sensitive information by sniffing the network."
"lang": "eng",
"value": "Johnson & Johnson Animas OneTouch Ping devices do not use encryption for certain data, which might allow remote attackers to obtain sensitive information by sniffing the network."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.kb.cert.org/vuls/id/BLUU-A9SQRS",
"refsource" : "MISC",
"url" : "http://www.kb.cert.org/vuls/id/BLUU-A9SQRS"
"name": "https://community.rapid7.com/community/infosec/blog/2016/10/04/r7-2016-07-multiple-vulnerabilities-in-animas-onetouch-ping-insulin-pump",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/infosec/blog/2016/10/04/r7-2016-07-multiple-vulnerabilities-in-animas-onetouch-ping-insulin-pump"
},
{
"name" : "https://community.rapid7.com/community/infosec/blog/2016/10/04/r7-2016-07-multiple-vulnerabilities-in-animas-onetouch-ping-insulin-pump",
"refsource" : "MISC",
"url" : "https://community.rapid7.com/community/infosec/blog/2016/10/04/r7-2016-07-multiple-vulnerabilities-in-animas-onetouch-ping-insulin-pump"
"name": "http://www.kb.cert.org/vuls/id/BLUU-A9SQRS",
"refsource": "MISC",
"url": "http://www.kb.cert.org/vuls/id/BLUU-A9SQRS"
},
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-16-279-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-16-279-01"
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-16-279-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-16-279-01"
},
{
"name" : "VU#884840",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/884840"
"name": "VU#884840",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/884840"
},
{
"name" : "93351",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93351"
"name": "93351",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93351"
}
]
}

22
2016/5xxx/CVE-2016-5928.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5928",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5928",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2018/1999xxx/CVE-2018-1999021.json
View File

@ -1,64 +1,64 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2018-07-20T20:44:32.989838",
"DATE_REQUESTED" : "2018-07-19T11:07:49",
"ID" : "CVE-2018-1999021",
"REQUESTER" : "drstache.wh@gmail.com",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2018-07-20T20:44:32.989838",
"DATE_REQUESTED": "2018-07-19T11:07:49",
"ID": "CVE-2018-1999021",
"REQUESTER": "drstache.wh@gmail.com",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Gleez Cms",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "1.3.0"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "Gleezcms"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) vulnerability in Profile page that can result in Inject arbitrary web script or HTML via the profile page editor. This attack appear to be exploitable via The victim must navigate to the attacker's profile page."
"lang": "eng",
"value": "Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) vulnerability in Profile page that can result in Inject arbitrary web script or HTML via the profile page editor. This attack appear to be exploitable via The victim must navigate to the attacker's profile page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/gleez/cms/issues/797",
"refsource" : "CONFIRM",
"url" : "https://github.com/gleez/cms/issues/797"
"name": "https://github.com/gleez/cms/issues/797",
"refsource": "CONFIRM",
"url": "https://github.com/gleez/cms/issues/797"
}
]
}

110
2018/2xxx/CVE-2018-2009.json
View File

@ -1,95 +1,95 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-03-05T00:00:00",
"ID" : "CVE-2018-2009",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2019-03-05T00:00:00",
"ID": "CVE-2018-2009",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "API Connect",
"version" : {
"version_data" : [
"product_name": "API Connect",
"version": {
"version_data": [
{
"version_value" : "2018.1"
"version_value": "2018.1"
},
{
"version_value" : "2018.4.1"
"version_value": "2018.4.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM API Connect v2018.1 and 2018.4.1 is affected by an information disclosure vulnerability in the consumer API. Any registered user can obtain a list of all other users in all other orgs, including email id/names, etc. IBM X-Force ID: 155148."
"lang": "eng",
"value": "IBM API Connect v2018.1 and 2018.4.1 is affected by an information disclosure vulnerability in the consumer API. Any registered user can obtain a list of all other users in all other orgs, including email id/names, etc. IBM X-Force ID: 155148."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "L",
"S" : "U",
"SCORE" : "6.500",
"UI" : "N"
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "H",
"I": "N",
"PR": "L",
"S": "U",
"SCORE": "6.500",
"UI": "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Obtain Information"
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10794327",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10794327"
"name": "107396",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107396"
},
{
"name" : "107396",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107396"
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10794327",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10794327"
},
{
"name" : "ibm-api-cve20182009-info-disc(155148)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155148"
"name": "ibm-api-cve20182009-info-disc(155148)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/155148"
}
]
}

22
2018/2xxx/CVE-2018-2035.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-2035",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-2035",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}

74
2018/2xxx/CVE-2018-2491.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2491",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2491",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "SAP Fiori Client",
"version" : {
"version_data" : [
"product_name": "SAP Fiori Client",
"version": {
"version_data": [
{
"version_name" : "<",
"version_value" : "1.11.5"
"version_name": "<",
"version_value": "1.11.5"
}
]
}
}
]
},
"vendor_name" : "SAP"
"vendor_name": "SAP"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "When opening a deep link URL in SAP Fiori Client with log level set to \"Debug\", the client application logs the URL to the log file. If this URL contains malicious JavaScript code it can eventually run inside the built-in log viewer of the application in case user opens the viewer and taps on the hyperlink in the viewer. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version."
"lang": "eng",
"value": "When opening a deep link URL in SAP Fiori Client with log level set to \"Debug\", the client application logs the URL to the log file. If this URL contains malicious JavaScript code it can eventually run inside the built-in log viewer of the application in case user opens the viewer and taps on the hyperlink in the viewer. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Code Injection"
"lang": "eng",
"value": "Code Injection"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://launchpad.support.sap.com/#/notes/2691126",
"refsource" : "MISC",
"url" : "https://launchpad.support.sap.com/#/notes/2691126"
"name": "https://launchpad.support.sap.com/#/notes/2691126",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2691126"
},
{
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
}
]
},
"source" : {
"discovery" : "UNKNOWN"
"source": {
"discovery": "UNKNOWN"
}
}

228
2018/2xxx/CVE-2018-2800.json
View File

@ -1,200 +1,200 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-2800",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2800",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Java",
"version" : {
"version_data" : [
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "Java SE: 6u181"
"version_affected": "=",
"version_value": "Java SE: 6u181"
},
{
"version_affected" : "=",
"version_value" : "7u171"
"version_affected": "=",
"version_value": "7u171"
},
{
"version_affected" : "=",
"version_value" : "8u162; JRockit: R28.3.17"
"version_affected": "=",
"version_value": "8u162; JRockit: R28.3.17"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N)."
"lang": "eng",
"value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data."
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
"name": "RHSA-2018:1278",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20180419-0001/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20180419-0001/"
"name": "DSA-4185",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us",
"refsource" : "CONFIRM",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us"
"name": "RHSA-2018:1975",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"name" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource" : "CONFIRM",
"url" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us"
},
{
"name" : "DSA-4185",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4185"
"name": "GLSA-201903-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name" : "DSA-4225",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4225"
"name": "DSA-4225",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name" : "GLSA-201903-14",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201903-14"
"name": "1040697",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name" : "RHSA-2018:1188",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1188"
"name": "RHSA-2018:1724",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name" : "RHSA-2018:1191",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1191"
"name": "RHSA-2018:1203",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name" : "RHSA-2018:1201",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1201"
"name": "USN-3644-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name" : "RHSA-2018:1202",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1202"
"name": "RHSA-2018:1723",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"name" : "RHSA-2018:1203",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1203"
"name": "https://security.netapp.com/advisory/ntap-20180419-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name" : "RHSA-2018:1204",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1204"
"name": "RHSA-2018:1201",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"name" : "RHSA-2018:1205",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1205"
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name" : "RHSA-2018:1206",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1206"
"name": "RHSA-2018:1204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"name" : "RHSA-2018:1270",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1270"
"name": "103849",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103849"
},
{
"name" : "RHSA-2018:1278",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1278"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name" : "RHSA-2018:1721",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1721"
"name": "RHSA-2018:1722",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name" : "RHSA-2018:1722",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1722"
"name": "RHSA-2018:1974",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name" : "RHSA-2018:1723",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1723"
"name": "RHSA-2018:1205",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name" : "RHSA-2018:1724",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1724"
"name": "RHSA-2018:1721",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name" : "RHSA-2018:1974",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1974"
"name": "USN-3691-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name" : "RHSA-2018:1975",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1975"
"name": "RHSA-2018:1202",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name" : "USN-3644-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3644-1/"
"name": "RHSA-2018:1191",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name" : "USN-3691-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3691-1/"
"name": "RHSA-2018:1188",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name" : "103849",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103849"
"name": "RHSA-2018:1206",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name" : "1040697",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1040697"
"name": "RHSA-2018:1270",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
}
]
}

22
2018/6xxx/CVE-2018-6185.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6185",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6185",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/6xxx/CVE-2018-6416.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6416",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6416",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2018/6xxx/CVE-2018-6806.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6806",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6806",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Marked 2 through 2.5.11 allows remote attackers to read arbitrary files via a crafted HTML document that triggers a redirect to an x-marked://preview?text= URL. The value of the text parameter can include arbitrary JavaScript code, e.g., making XMLHttpRequest calls."
"lang": "eng",
"value": "Marked 2 through 2.5.11 allows remote attackers to read arbitrary files via a crafted HTML document that triggers a redirect to an x-marked://preview?text= URL. The value of the text parameter can include arbitrary JavaScript code, e.g., making XMLHttpRequest calls."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.markedapp.com/discussions/questions/9089-reporting-a-vulnerability",
"refsource" : "MISC",
"url" : "http://support.markedapp.com/discussions/questions/9089-reporting-a-vulnerability"
"name": "http://www.lynxsecurity.io/releases/Local%20File%20Disclosure%20in%20Marked2.pdf",
"refsource": "MISC",
"url": "http://www.lynxsecurity.io/releases/Local%20File%20Disclosure%20in%20Marked2.pdf"
},
{
"name" : "http://www.lynxsecurity.io/releases/Local%20File%20Disclosure%20in%20Marked2.pdf",
"refsource" : "MISC",
"url" : "http://www.lynxsecurity.io/releases/Local%20File%20Disclosure%20in%20Marked2.pdf"
"name": "http://support.markedapp.com/discussions/questions/9089-reporting-a-vulnerability",
"refsource": "MISC",
"url": "http://support.markedapp.com/discussions/questions/9089-reporting-a-vulnerability"
}
]
}

22
2018/7xxx/CVE-2018-7446.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-7446",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-7446",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

64
2018/7xxx/CVE-2018-7518.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-05-24T00:00:00",
"ID" : "CVE-2018-7518",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-05-24T00:00:00",
"ID": "CVE-2018-7518",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "BeaconMed&#195;&#166;s TotalAlert Scroll Medical Air Systems web application",
"version" : {
"version_data" : [
"product_name": "BeaconMed&#195;&#166;s TotalAlert Scroll Medical Air Systems web application",
"version": {
"version_data": [
{
"version_value" : "All versions prior to version 4107600010.23"
"version_value": "All versions prior to version 4107600010.23"
}
]
}
}
]
},
"vendor_name" : "ICS-CERT"
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner."
"lang": "eng",
"value": "In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "INSUFFICIENTLY PROTECTED CREDENTIALS CWE-522"
"lang": "eng",
"value": "INSUFFICIENTLY PROTECTED CREDENTIALS CWE-522"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-144-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-144-01"
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-144-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-144-01"
}
]
}

22
2019/1xxx/CVE-2019-1220.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1220",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1220",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1500.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1500",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1500",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1800.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1800",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1800",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5381.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5381",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5381",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

88
2019/5xxx/CVE-2019-5774.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "chrome-cve-admin@google.com",
"ID" : "CVE-2019-5774",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2019-5774",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Chrome",
"version" : {
"version_data" : [
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "72.0.3626.81"
"version_affected": "<",
"version_value": "72.0.3626.81"
}
]
}
}
]
},
"vendor_name" : "Google"
"vendor_name": "Google"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file."
"lang": "eng",
"value": "Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Insufficient validation of untrusted input"
"lang": "eng",
"value": "Insufficient validation of untrusted input"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://crbug.com/904182",
"refsource" : "MISC",
"url" : "https://crbug.com/904182"
"name": "106767",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106767"
},
{
"name" : "https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html",
"refsource" : "CONFIRM",
"url" : "https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html"
"name": "https://crbug.com/904182",
"refsource": "MISC",
"url": "https://crbug.com/904182"
},
{
"name" : "DSA-4395",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4395"
"name": "RHSA-2019:0309",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0309"
},
{
"name" : "RHSA-2019:0309",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0309"
"name": "DSA-4395",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4395"
},
{
"name" : "106767",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106767"
"name": "https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html"
}
]
}

22
2019/5xxx/CVE-2019-5833.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5833",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5833",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}