admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:02:00 +00:00
parent 584121c3fb
commit cd8d1d0d9e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
51 changed files with 3380 additions and 3380 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
2001/0xxx/CVE-2001-0021.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0021", "ID": "CVE-2001-0021",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "MailMan Webmail 3.0.25 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the alternate_template parameter." "value": "MailMan Webmail 3.0.25 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the alternate_template parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20001206 (SRADV00005) Remote command execution vulnerabilities in MailMan Webmail", "name": "http://www.endymion.com/products/mailman/history.htm",
"refsource" : "BUGTRAQ", "refsource": "CONFIRM",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-12/0057.html" "url": "http://www.endymion.com/products/mailman/history.htm"
}, },
{ {
"name" : "http://www.endymion.com/products/mailman/history.htm", "name": "2063",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.endymion.com/products/mailman/history.htm" "url": "http://www.securityfocus.com/bid/2063"
}, },
{ {
"name" : "2063", "name": "20001206 (SRADV00005) Remote command execution vulnerabilities in MailMan Webmail",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/2063" "url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0057.html"
}, },
{ {
"name" : "mailman-alternate-templates(5649)", "name": "mailman-alternate-templates(5649)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5649" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5649"
} }
] ]
} }

80
2001/0xxx/CVE-2001-0319.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0319", "ID": "CVE-2001-0319",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability." "value": "orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010205 IBM NetCommerce Security", "name": "http://www-4.ibm.com/software/webservers/commerce/netcomletter.html",
"refsource" : "BUGTRAQ", "refsource": "CONFIRM",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-02/0072.html" "url": "http://www-4.ibm.com/software/webservers/commerce/netcomletter.html"
}, },
{ {
"name" : "http://www-4.ibm.com/software/webservers/commerce/netcomletter.html", "name": "20010205 IBM NetCommerce Security",
"refsource" : "CONFIRM", "refsource": "BUGTRAQ",
"url" : "http://www-4.ibm.com/software/webservers/commerce/netcomletter.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0072.html"
}, },
{ {
"name" : "2350", "name": "2350",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/2350" "url": "http://www.securityfocus.com/bid/2350"
}, },
{ {
"name" : "ibm-netcommerce-reveal-information(6067)", "name": "ibm-netcommerce-reveal-information(6067)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6067" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6067"
} }
] ]
} }

80
2001/0xxx/CVE-2001-0738.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0738", "ID": "CVE-2001-0738",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages." "value": "LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010614 sysklogd update -- Immunix OS 6.2, 7.0-beta, 7.0", "name": "IMNX-2001-70-026-01",
"refsource" : "BUGTRAQ", "refsource": "IMMUNIX",
"url" : "http://marc.info/?l=bugtraq&m=99258618906506&w=2" "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-026-01"
}, },
{ {
"name" : "VU#249579", "name": "VU#249579",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/249579" "url": "http://www.kb.cert.org/vuls/id/249579"
}, },
{ {
"name" : "IMNX-2001-70-026-01", "name": "klogd-null-byte-dos(7098)",
"refsource" : "IMMUNIX", "refsource": "XF",
"url" : "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-026-01" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7098"
}, },
{ {
"name" : "klogd-null-byte-dos(7098)", "name": "20010614 sysklogd update -- Immunix OS 6.2, 7.0-beta, 7.0",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7098" "url": "http://marc.info/?l=bugtraq&m=99258618906506&w=2"
} }
] ]
} }

74
2001/1xxx/CVE-2001-1085.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1085", "ID": "CVE-2001-1085",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file." "value": "Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010705 lmail local root exploit", "name": "lmail-tmpfile-symlink(6809)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/195022" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6809"
}, },
{ {
"name" : "lmail-tmpfile-symlink(6809)", "name": "20010705 lmail local root exploit",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6809" "url": "http://www.securityfocus.com/archive/1/195022"
}, },
{ {
"name" : "2984", "name": "2984",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/2984" "url": "http://www.securityfocus.com/bid/2984"
} }
] ]
} }

92
2001/1xxx/CVE-2001-1109.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1109", "ID": "CVE-2001-1109",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands." "value": "Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010912 EFTP Version 2.0.7.337 vulnerabilities", "name": "http://www.eftp.org/releasehistory.html",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/213647" "url": "http://www.eftp.org/releasehistory.html"
}, },
{ {
"name" : "http://www.eftp.org/releasehistory.html", "name": "eftp-list-directory-traversal(7113)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.eftp.org/releasehistory.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7113"
}, },
{ {
"name" : "eftp-list-directory-traversal(7113)", "name": "eftp-quote-reveal-information(7114)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7113" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7114"
}, },
{ {
"name" : "eftp-quote-reveal-information(7114)", "name": "3331",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7114" "url": "http://www.securityfocus.com/bid/3331"
}, },
{ {
"name" : "3331", "name": "20010912 EFTP Version 2.0.7.337 vulnerabilities",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/3331" "url": "http://www.securityfocus.com/archive/1/213647"
}, },
{ {
"name" : "3333", "name": "3333",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/3333" "url": "http://www.securityfocus.com/bid/3333"
} }
] ]
} }

98
2006/2xxx/CVE-2006-2993.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2993", "ID": "CVE-2006-2993",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in My Photo Scrapbook 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the key parameter in (1) Displayview.asp and (2) Details_Photo_bv.asp." "value": "Multiple SQL injection vulnerabilities in My Photo Scrapbook 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the key parameter in (1) Displayview.asp and (2) Details_Photo_bv.asp."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://pridels0.blogspot.com/2006/06/my-photo-scrapbook-vuln.html", "name": "ADV-2006-2244",
"refsource" : "MISC", "refsource": "VUPEN",
"url" : "http://pridels0.blogspot.com/2006/06/my-photo-scrapbook-vuln.html" "url": "http://www.vupen.com/english/advisories/2006/2244"
}, },
{ {
"name" : "18418", "name": "http://pridels0.blogspot.com/2006/06/my-photo-scrapbook-vuln.html",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/18418" "url": "http://pridels0.blogspot.com/2006/06/my-photo-scrapbook-vuln.html"
}, },
{ {
"name" : "ADV-2006-2244", "name": "26282",
"refsource" : "VUPEN", "refsource": "OSVDB",
"url" : "http://www.vupen.com/english/advisories/2006/2244" "url": "http://www.osvdb.org/26282"
}, },
{ {
"name" : "26281", "name": "myphoto-displayview-sql-injection(27087)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/26281" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27087"
}, },
{ {
"name" : "26282", "name": "26281",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/26282" "url": "http://www.osvdb.org/26281"
}, },
{ {
"name" : "20554", "name": "20554",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/20554" "url": "http://secunia.com/advisories/20554"
}, },
{ {
"name" : "myphoto-displayview-sql-injection(27087)", "name": "18418",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27087" "url": "http://www.securityfocus.com/bid/18418"
} }
] ]
} }

182
2008/1xxx/CVE-2008-1218.json
View File

@ -1,161 +1,161 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-1218", "ID": "CVE-2008-1218",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified." "value": "Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20080312 rPSA-2008-0108-1 dovecot", "name": "GLSA-200803-25",
"refsource" : "BUGTRAQ", "refsource": "GENTOO",
"url" : "http://www.securityfocus.com/archive/1/489481/100/0/threaded" "url": "http://security.gentoo.org/glsa/glsa-200803-25.xml"
}, },
{ {
"name" : "5257", "name": "29295",
"refsource" : "EXPLOIT-DB", "refsource": "SECUNIA",
"url" : "https://www.exploit-db.com/exploits/5257" "url": "http://secunia.com/advisories/29295"
}, },
{ {
"name" : "[Dovecot-news] 20080309 v1.0.13 and v1.1.rc3 released", "name": "dovecot-tab-authentication-bypass(41085)",
"refsource" : "MLIST", "refsource": "XF",
"url" : "http://www.dovecot.org/list/dovecot-news/2008-March/000065.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41085"
}, },
{ {
"name" : "[Dovecot-news] 20080309 Security hole #6: Some passdbs allowed users to log in without a valid password", "name": "5257",
"refsource" : "MLIST", "refsource": "EXPLOIT-DB",
"url" : "http://www.dovecot.org/list/dovecot-news/2008-March/000064.html" "url": "https://www.exploit-db.com/exploits/5257"
}, },
{ {
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0108", "name": "29557",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0108" "url": "http://secunia.com/advisories/29557"
}, },
{ {
"name" : "https://issues.rpath.com/browse/RPL-2341", "name": "DSA-1516",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "https://issues.rpath.com/browse/RPL-2341" "url": "http://www.debian.org/security/2008/dsa-1516"
}, },
{ {
"name" : "DSA-1516", "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0108",
"refsource" : "DEBIAN", "refsource": "MISC",
"url" : "http://www.debian.org/security/2008/dsa-1516" "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0108"
}, },
{ {
"name" : "FEDORA-2008-2464", "name": "USN-593-1",
"refsource" : "FEDORA", "refsource": "UBUNTU",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00358.html" "url": "https://usn.ubuntu.com/593-1/"
}, },
{ {
"name" : "FEDORA-2008-2475", "name": "FEDORA-2008-2475",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00381.html" "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00381.html"
}, },
{ {
"name" : "GLSA-200803-25", "name": "29364",
"refsource" : "GENTOO", "refsource": "SECUNIA",
"url" : "http://security.gentoo.org/glsa/glsa-200803-25.xml" "url": "http://secunia.com/advisories/29364"
}, },
{ {
"name" : "SUSE-SR:2008:020", "name": "SUSE-SR:2008:020",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html"
}, },
{ {
"name" : "USN-593-1", "name": "https://issues.rpath.com/browse/RPL-2341",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "https://usn.ubuntu.com/593-1/" "url": "https://issues.rpath.com/browse/RPL-2341"
}, },
{ {
"name" : "28181", "name": "[Dovecot-news] 20080309 Security hole #6: Some passdbs allowed users to log in without a valid password",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/28181" "url": "http://www.dovecot.org/list/dovecot-news/2008-March/000064.html"
}, },
{ {
"name" : "29295", "name": "[Dovecot-news] 20080309 v1.0.13 and v1.1.rc3 released",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/29295" "url": "http://www.dovecot.org/list/dovecot-news/2008-March/000065.html"
}, },
{ {
"name" : "29226", "name": "29226",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/29226" "url": "http://secunia.com/advisories/29226"
}, },
{ {
"name" : "29364", "name": "20080312 rPSA-2008-0108-1 dovecot",
"refsource" : "SECUNIA", "refsource": "BUGTRAQ",
"url" : "http://secunia.com/advisories/29364" "url": "http://www.securityfocus.com/archive/1/489481/100/0/threaded"
}, },
{ {
"name" : "29385", "name": "32151",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/29385" "url": "http://secunia.com/advisories/32151"
}, },
{ {
"name" : "29396", "name": "29385",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/29396" "url": "http://secunia.com/advisories/29385"
}, },
{ {
"name" : "29557", "name": "FEDORA-2008-2464",
"refsource" : "SECUNIA", "refsource": "FEDORA",
"url" : "http://secunia.com/advisories/29557" "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00358.html"
}, },
{ {
"name" : "32151", "name": "28181",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/32151" "url": "http://www.securityfocus.com/bid/28181"
}, },
{ {
"name" : "dovecot-tab-authentication-bypass(41085)", "name": "29396",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41085" "url": "http://secunia.com/advisories/29396"
} }
] ]
} }

128
2008/5xxx/CVE-2008-5660.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-5660", "ID": "CVE-2008-5660",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response." "value": "Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20081209 CORE-2008-1127 - Vinagre show_error() format string vulnerability", "name": "7401",
"refsource" : "BUGTRAQ", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/archive/1/499057/100/0/threaded" "url": "https://www.exploit-db.com/exploits/7401"
}, },
{ {
"name" : "7401", "name": "FEDORA-2008-10932",
"refsource" : "EXPLOIT-DB", "refsource": "FEDORA",
"url" : "https://www.exploit-db.com/exploits/7401" "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00473.html"
}, },
{ {
"name" : "http://www.coresecurity.com/content/vinagre-format-string", "name": "20081209 CORE-2008-1127 - Vinagre show_error() format string vulnerability",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://www.coresecurity.com/content/vinagre-format-string" "url": "http://www.securityfocus.com/archive/1/499057/100/0/threaded"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=475070", "name": "33041",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=475070" "url": "http://secunia.com/advisories/33041"
}, },
{ {
"name" : "FEDORA-2008-10932", "name": "http://www.coresecurity.com/content/vinagre-format-string",
"refsource" : "FEDORA", "refsource": "MISC",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00473.html" "url": "http://www.coresecurity.com/content/vinagre-format-string"
}, },
{ {
"name" : "FEDORA-2008-10941", "name": "33082",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00485.html" "url": "http://secunia.com/advisories/33082"
}, },
{ {
"name" : "MDVSA-2008:240", "name": "MDVSA-2008:240",
"refsource" : "MANDRIVA", "refsource": "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:240" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:240"
}, },
{ {
"name" : "USN-689-1", "name": "ADV-2008-3362",
"refsource" : "UBUNTU", "refsource": "VUPEN",
"url" : "http://www.ubuntu.com/usn/usn-689-1" "url": "http://www.vupen.com/english/advisories/2008/3362"
}, },
{ {
"name" : "33046", "name": "33046",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/33046" "url": "http://secunia.com/advisories/33046"
}, },
{ {
"name" : "ADV-2008-3362", "name": "FEDORA-2008-10941",
"refsource" : "VUPEN", "refsource": "FEDORA",
"url" : "http://www.vupen.com/english/advisories/2008/3362" "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00485.html"
}, },
{ {
"name" : "33041", "name": "USN-689-1",
"refsource" : "SECUNIA", "refsource": "UBUNTU",
"url" : "http://secunia.com/advisories/33041" "url": "http://www.ubuntu.com/usn/usn-689-1"
}, },
{ {
"name" : "33082", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=475070",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/33082" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=475070"
} }
] ]
} }

74
2008/5xxx/CVE-2008-5815.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-5815", "ID": "CVE-2008-5815",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in Acomment.php in phpAlumni allows remote attackers to execute arbitrary SQL commands via the id parameter." "value": "SQL injection vulnerability in Acomment.php in phpAlumni allows remote attackers to execute arbitrary SQL commands via the id parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "7621", "name": "33055",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/7621" "url": "http://www.securityfocus.com/bid/33055"
}, },
{ {
"name" : "33055", "name": "4859",
"refsource" : "BID", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/bid/33055" "url": "http://securityreason.com/securityalert/4859"
}, },
{ {
"name" : "4859", "name": "7621",
"refsource" : "SREASON", "refsource": "EXPLOIT-DB",
"url" : "http://securityreason.com/securityalert/4859" "url": "https://www.exploit-db.com/exploits/7621"
} }
] ]
} }

74
2008/5xxx/CVE-2008-5967.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-5967", "ID": "CVE-2008-5967",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does not require administrative authentication for an addupdate action, which allows remote attackers to upload a calendar (aka .ics) file with arbitrary content to the calendars/ directory outside the web root." "value": "admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does not require administrative authentication for an addupdate action, which allows remote attackers to upload a calendar (aka .ics) file with arbitrary content to the calendars/ directory outside the web root."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "6519", "name": "6519",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/6519" "url": "https://www.exploit-db.com/exploits/6519"
}, },
{ {
"name" : "31944", "name": "31944",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/31944" "url": "http://secunia.com/advisories/31944"
}, },
{ {
"name" : "phpicalendar-index-file-upload(48323)", "name": "phpicalendar-index-file-upload(48323)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48323" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48323"
} }
] ]
} }

134
2011/2xxx/CVE-2011-2193.json
View File

@ -1,121 +1,121 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-2193", "ID": "CVE-2011-2193",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple buffer overflows in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.x before 2.4.14, 2.5.x before 2.5.6, and 3.x before 3.0.2 allow (1) remote authenticated users to gain privileges via a long Job_Name field in a qsub command to the server, and might allow (2) local users to gain privileges via vectors involving a long host variable in pbs_iff." "value": "Multiple buffer overflows in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.x before 2.4.14, 2.5.x before 2.5.6, and 3.x before 3.0.2 allow (1) remote authenticated users to gain privileges via a long Job_Name field in a qsub command to the server, and might allow (2) local users to gain privileges via vectors involving a long host variable in pbs_iff."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20110713 Torque Server Buffer Overflow Vulnerability", "name": "FEDORA-2011-8117",
"refsource" : "BUGTRAQ", "refsource": "FEDORA",
"url" : "http://www.securityfocus.com/archive/1/518885/100/0/threaded" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061645.html"
}, },
{ {
"name" : "http://www.clusterresources.com/downloads/torque/CHANGELOGS/torque-2.4.14.CHANGELOG", "name": "DSA-2329",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "http://www.clusterresources.com/downloads/torque/CHANGELOGS/torque-2.4.14.CHANGELOG" "url": "http://www.debian.org/security/2011/dsa-2329"
}, },
{ {
"name" : "http://www.clusterresources.com/downloads/torque/CHANGELOGS/torque-2.5.6.CHANGELOG", "name": "http://www.clusterresources.com/downloads/torque/CHANGELOGS/torque-2.5.6.CHANGELOG",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.clusterresources.com/downloads/torque/CHANGELOGS/torque-2.5.6.CHANGELOG" "url": "http://www.clusterresources.com/downloads/torque/CHANGELOGS/torque-2.5.6.CHANGELOG"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=711463", "name": "45039",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=711463" "url": "http://secunia.com/advisories/45039"
}, },
{ {
"name" : "DSA-2329", "name": "FEDORA-2011-8072",
"refsource" : "DEBIAN", "refsource": "FEDORA",
"url" : "http://www.debian.org/security/2011/dsa-2329" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062638.html"
}, },
{ {
"name" : "FEDORA-2011-8117", "name": "20110713 Torque Server Buffer Overflow Vulnerability",
"refsource" : "FEDORA", "refsource": "BUGTRAQ",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061645.html" "url": "http://www.securityfocus.com/archive/1/518885/100/0/threaded"
}, },
{ {
"name" : "FEDORA-2011-8072", "name": "45040",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062638.html" "url": "http://secunia.com/advisories/45040"
}, },
{ {
"name" : "48374", "name": "8304",
"refsource" : "BID", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/bid/48374" "url": "http://securityreason.com/securityalert/8304"
}, },
{ {
"name" : "45039", "name": "http://www.clusterresources.com/downloads/torque/CHANGELOGS/torque-2.4.14.CHANGELOG",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/45039" "url": "http://www.clusterresources.com/downloads/torque/CHANGELOGS/torque-2.4.14.CHANGELOG"
}, },
{ {
"name" : "45040", "name": "48374",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/45040" "url": "http://www.securityfocus.com/bid/48374"
}, },
{ {
"name" : "8304", "name": "torque-hostnames-bo(68152)",
"refsource" : "SREASON", "refsource": "XF",
"url" : "http://securityreason.com/securityalert/8304" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68152"
}, },
{ {
"name" : "torque-hostnames-bo(68152)", "name": "torque-jobnames-bo(68151)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/68152" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68151"
}, },
{ {
"name" : "torque-jobnames-bo(68151)", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=711463",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/68151" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=711463"
} }
] ]
} }

116
2011/2xxx/CVE-2011-2366.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2366", "ID": "CVE-2011-2366",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader." "value": "Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[whatwg] 20110314 Canvas and drawWindow", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=655987",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2011-March/030882.html" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=655987"
}, },
{ {
"name" : "http://www.contextis.co.uk/resources/blog/webgl/", "name": "oval:org.mitre.oval:def:14221",
"refsource" : "MISC", "refsource": "OVAL",
"url" : "http://www.contextis.co.uk/resources/blog/webgl/" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14221"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=655987", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=659349",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=655987" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=659349"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=656277", "name": "https://hacks.mozilla.org/2011/06/cross-domain-webgl-textures-disabled-in-firefox-5/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=656277" "url": "https://hacks.mozilla.org/2011/06/cross-domain-webgl-textures-disabled-in-firefox-5/"
}, },
{ {
"name" : "https://developer.mozilla.org/en/WebGL/Cross-Domain_Textures", "name": "SUSE-SA:2011:028",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://developer.mozilla.org/en/WebGL/Cross-Domain_Textures" "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00001.html"
}, },
{ {
"name" : "https://hacks.mozilla.org/2011/06/cross-domain-webgl-textures-disabled-in-firefox-5/", "name": "http://www.contextis.co.uk/resources/blog/webgl/",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://hacks.mozilla.org/2011/06/cross-domain-webgl-textures-disabled-in-firefox-5/" "url": "http://www.contextis.co.uk/resources/blog/webgl/"
}, },
{ {
"name" : "http://www.mozilla.org/security/announce/2011/mfsa2011-25.html", "name": "https://developer.mozilla.org/en/WebGL/Cross-Domain_Textures",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2011/mfsa2011-25.html" "url": "https://developer.mozilla.org/en/WebGL/Cross-Domain_Textures"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=659349", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=656277",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=659349" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=656277"
}, },
{ {
"name" : "SUSE-SA:2011:028", "name": "[whatwg] 20110314 Canvas and drawWindow",
"refsource" : "SUSE", "refsource": "MLIST",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00001.html" "url": "http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2011-March/030882.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:14221", "name": "http://www.mozilla.org/security/announce/2011/mfsa2011-25.html",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14221" "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-25.html"
} }
] ]
} }

110
2011/2xxx/CVE-2011-2492.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-2492", "ID": "CVE-2011-2492",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c." "value": "The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[linux-bluetooth] 20110508 Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.", "name": "RHSA-2011:0927",
"refsource" : "MLIST", "refsource": "REDHAT",
"url" : "http://permalink.gmane.org/gmane.linux.bluez.kernel/12909" "url": "http://rhn.redhat.com/errata/RHSA-2011-0927.html"
}, },
{ {
"name" : "[oss-security] 20110624 CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace", "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8d03e971cf403305217b8e62db3a2e5ad2d6263f",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2011/06/24/2" "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8d03e971cf403305217b8e62db3a2e5ad2d6263f"
}, },
{ {
"name" : "[oss-security] 20110624 Re: CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=703019",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2011/06/24/3" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=703019"
}, },
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8d03e971cf403305217b8e62db3a2e5ad2d6263f", "name": "http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc4",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8d03e971cf403305217b8e62db3a2e5ad2d6263f" "url": "http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc4"
}, },
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc4", "name": "[oss-security] 20110624 Re: CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc4" "url": "http://www.openwall.com/lists/oss-security/2011/06/24/3"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=703019", "name": "1025778",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=703019" "url": "http://securitytracker.com/id?1025778"
}, },
{ {
"name" : "HPSBGN02970", "name": "[oss-security] 20110624 CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace",
"refsource" : "HP", "refsource": "MLIST",
"url" : "http://marc.info/?l=bugtraq&m=139447903326211&w=2" "url": "http://www.openwall.com/lists/oss-security/2011/06/24/2"
}, },
{ {
"name" : "RHSA-2011:0927", "name": "[linux-bluetooth] 20110508 Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.",
"refsource" : "REDHAT", "refsource": "MLIST",
"url" : "http://rhn.redhat.com/errata/RHSA-2011-0927.html" "url": "http://permalink.gmane.org/gmane.linux.bluez.kernel/12909"
}, },
{ {
"name" : "1025778", "name": "HPSBGN02970",
"refsource" : "SECTRACK", "refsource": "HP",
"url" : "http://securitytracker.com/id?1025778" "url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"
} }
] ]
} }

22
2011/2xxx/CVE-2011-2566.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2566", "ID": "CVE-2011-2566",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2011/2xxx/CVE-2011-2734.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-2734", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2011-2734",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
} }
] ]
} }

110
2011/3xxx/CVE-2011-3010.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3010", "ID": "CVE-2011-3010",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin." "value": "Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20110922 XSS Vulnerabilities in TWiki < 5.1.0", "name": "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html" "url": "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5"
}, },
{ {
"name" : "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5", "name": "75674",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5" "url": "http://www.osvdb.org/75674"
}, },
{ {
"name" : "http://develop.twiki.org/trac/changeset/21920", "name": "1026091",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://develop.twiki.org/trac/changeset/21920" "url": "http://securitytracker.com/id?1026091"
}, },
{ {
"name" : "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010", "name": "46123",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010" "url": "http://secunia.com/advisories/46123"
}, },
{ {
"name" : "49746", "name": "http://develop.twiki.org/trac/changeset/21920",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/49746" "url": "http://develop.twiki.org/trac/changeset/21920"
}, },
{ {
"name" : "75673", "name": "49746",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://www.osvdb.org/75673" "url": "http://www.securityfocus.com/bid/49746"
}, },
{ {
"name" : "75674", "name": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://www.osvdb.org/75674" "url": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010"
}, },
{ {
"name" : "1026091", "name": "20110922 XSS Vulnerabilities in TWiki < 5.1.0",
"refsource" : "SECTRACK", "refsource": "BUGTRAQ",
"url" : "http://securitytracker.com/id?1026091" "url": "http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html"
}, },
{ {
"name" : "46123", "name": "75673",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/46123" "url": "http://www.osvdb.org/75673"
} }
] ]
} }

80
2011/3xxx/CVE-2011-3132.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3132", "ID": "CVE-2011-3132",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." "value": "Cross-site scripting (XSS) vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.tibco.com/multimedia/spotfire_advisory_20110831_tcm8-14230.txt", "name": "http://www.tibco.com/services/support/advisories/default.jsp",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.tibco.com/multimedia/spotfire_advisory_20110831_tcm8-14230.txt" "url": "http://www.tibco.com/services/support/advisories/default.jsp"
}, },
{ {
"name" : "http://www.tibco.com/services/support/advisories/default.jsp", "name": "1025999",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.tibco.com/services/support/advisories/default.jsp" "url": "http://www.securitytracker.com/id?1025999"
}, },
{ {
"name" : "1025999", "name": "45864",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://www.securitytracker.com/id?1025999" "url": "http://secunia.com/advisories/45864"
}, },
{ {
"name" : "45864", "name": "http://www.tibco.com/multimedia/spotfire_advisory_20110831_tcm8-14230.txt",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/45864" "url": "http://www.tibco.com/multimedia/spotfire_advisory_20110831_tcm8-14230.txt"
} }
] ]
} }

68
2013/0xxx/CVE-2013-0109.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2013-0109", "ID": "CVE-2013-0109",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not properly handle exceptions, which allows local users to gain privileges or cause a denial of service (memory overwrite) via a crafted application." "value": "The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not properly handle exceptions, which allows local users to gain privileges or cause a denial of service (memory overwrite) via a crafted application."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.nvidia.com/object/product-security.html", "name": "VU#957036",
"refsource" : "CONFIRM", "refsource": "CERT-VN",
"url" : "http://www.nvidia.com/object/product-security.html" "url": "http://www.kb.cert.org/vuls/id/957036"
}, },
{ {
"name" : "VU#957036", "name": "http://www.nvidia.com/object/product-security.html",
"refsource" : "CERT-VN", "refsource": "CONFIRM",
"url" : "http://www.kb.cert.org/vuls/id/957036" "url": "http://www.nvidia.com/object/product-security.html"
} }
] ]
} }

92
2013/0xxx/CVE-2013-0206.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-0206", "ID": "CVE-2013-0206",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unrestricted file upload vulnerability in the Live CSS module 6.x-2.x before 6.x-2.1 and 7.x-2.x before 7.x-2.7 for Drupal allows remote authenticated users with the \"administer CSS\" permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory." "value": "Unrestricted file upload vulnerability in the Live CSS module 6.x-2.x before 6.x-2.1 and 7.x-2.x before 7.x-2.7 for Drupal allows remote authenticated users with the \"administer CSS\" permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20130121 Re: CVE request for Drupal contributed modules", "name": "https://drupal.org/node/1890318",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://www.openwall.com/lists/oss-security/2013/01/21/5" "url": "https://drupal.org/node/1890318"
}, },
{ {
"name" : "https://drupal.org/node/1890318", "name": "http://drupalcode.org/project/live_css.git/commitdiff/ef323c8",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://drupal.org/node/1890318" "url": "http://drupalcode.org/project/live_css.git/commitdiff/ef323c8"
}, },
{ {
"name" : "http://drupal.org/node/1883976", "name": "http://drupal.org/node/1883978",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://drupal.org/node/1883976" "url": "http://drupal.org/node/1883978"
}, },
{ {
"name" : "http://drupal.org/node/1883978", "name": "[oss-security] 20130121 Re: CVE request for Drupal contributed modules",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://drupal.org/node/1883978" "url": "http://www.openwall.com/lists/oss-security/2013/01/21/5"
}, },
{ {
"name" : "http://drupalcode.org/project/live_css.git/commitdiff/cb7005f", "name": "http://drupal.org/node/1883976",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://drupalcode.org/project/live_css.git/commitdiff/cb7005f" "url": "http://drupal.org/node/1883976"
}, },
{ {
"name" : "http://drupalcode.org/project/live_css.git/commitdiff/ef323c8", "name": "http://drupalcode.org/project/live_css.git/commitdiff/cb7005f",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://drupalcode.org/project/live_css.git/commitdiff/ef323c8" "url": "http://drupalcode.org/project/live_css.git/commitdiff/cb7005f"
} }
] ]
} }

68
2013/0xxx/CVE-2013-0362.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-0362", "ID": "CVE-2013-0362",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2013-0363 and CVE-2013-0364." "value": "Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2013-0363 and CVE-2013-0364."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html" "url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
}, },
{ {
"name" : "MDVSA-2013:150", "name": "MDVSA-2013:150",
"refsource" : "MANDRIVA", "refsource": "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
} }
] ]
} }

74
2013/1xxx/CVE-2013-1288.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2013-1288", "ID": "CVE-2013-1288",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Internet Explorer CTreeNode Use After Free Vulnerability.\"" "value": "Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Internet Explorer CTreeNode Use After Free Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS13-021", "name": "oval:org.mitre.oval:def:16095",
"refsource" : "MS", "refsource": "OVAL",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-021" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16095"
}, },
{ {
"name" : "TA13-071A", "name": "TA13-071A",
"refsource" : "CERT", "refsource": "CERT",
"url" : "http://www.us-cert.gov/ncas/alerts/TA13-071A" "url": "http://www.us-cert.gov/ncas/alerts/TA13-071A"
}, },
{ {
"name" : "oval:org.mitre.oval:def:16095", "name": "MS13-021",
"refsource" : "OVAL", "refsource": "MS",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16095" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-021"
} }
] ]
} }

98
2013/1xxx/CVE-2013-1584.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-1584", "ID": "CVE-2013-1584",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet." "value": "The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dtn.c?r1=46579&r2=46578&pathrev=46579", "name": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=46579",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dtn.c?r1=46579&r2=46578&pathrev=46579" "url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=46579"
}, },
{ {
"name" : "http://anonsvn.wireshark.org/viewvc?view=revision&revision=46579", "name": "http://www.wireshark.org/security/wnpa-sec-2013-03.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://anonsvn.wireshark.org/viewvc?view=revision&revision=46579" "url": "http://www.wireshark.org/security/wnpa-sec-2013-03.html"
}, },
{ {
"name" : "http://www.wireshark.org/security/wnpa-sec-2013-03.html", "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7945",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2013-03.html" "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7945"
}, },
{ {
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7945", "name": "openSUSE-SU-2013:0285",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7945" "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00037.html"
}, },
{ {
"name" : "openSUSE-SU-2013:0276", "name": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dtn.c?r1=46579&r2=46578&pathrev=46579",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-updates/2013-02/msg00028.html" "url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dtn.c?r1=46579&r2=46578&pathrev=46579"
}, },
{ {
"name" : "openSUSE-SU-2013:0285", "name": "openSUSE-SU-2013:0276",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2013-02/msg00037.html" "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00028.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:16092", "name": "oval:org.mitre.oval:def:16092",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16092" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16092"
} }
] ]
} }

86
2013/4xxx/CVE-2013-4399.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-4399", "ID": "CVE-2013-4399",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free and crash) by registering an event handler and then closing the connection." "value": "The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free and crash) by registering an event handler and then closing the connection."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://libvirt.org/git/?p=libvirt.git;a=commit;h=8294aa0c1750dcb49d6345cd9bd97bf421580d8b", "name": "60895",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://libvirt.org/git/?p=libvirt.git;a=commit;h=8294aa0c1750dcb49d6345cd9bd97bf421580d8b" "url": "http://secunia.com/advisories/60895"
}, },
{ {
"name" : "http://security.libvirt.org/2013/0013.html", "name": "GLSA-201412-04",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://security.libvirt.org/2013/0013.html" "url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
}, },
{ {
"name" : "GLSA-201412-04", "name": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=8294aa0c1750dcb49d6345cd9bd97bf421580d8b",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "http://security.gentoo.org/glsa/glsa-201412-04.xml" "url": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=8294aa0c1750dcb49d6345cd9bd97bf421580d8b"
}, },
{ {
"name" : "62972", "name": "62972",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/62972" "url": "http://www.securityfocus.com/bid/62972"
}, },
{ {
"name" : "60895", "name": "http://security.libvirt.org/2013/0013.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/60895" "url": "http://security.libvirt.org/2013/0013.html"
} }
] ]
} }

68
2013/4xxx/CVE-2013-4728.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-4728", "ID": "CVE-2013-4728",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to obtain sensitive information via a .. (dot dot) in the \"l\" parameter, which reveals the installation path in an error message." "value": "DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to obtain sensitive information via a .. (dot dot) in the \"l\" parameter, which reveals the installation path in an error message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.digitalsec.net/stuff/explt+advs/CM3.AcoraCMS.v6.txt", "name": "96667",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://www.digitalsec.net/stuff/explt+advs/CM3.AcoraCMS.v6.txt" "url": "http://osvdb.org/96667"
}, },
{ {
"name" : "96667", "name": "http://www.digitalsec.net/stuff/explt+advs/CM3.AcoraCMS.v6.txt",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://osvdb.org/96667" "url": "http://www.digitalsec.net/stuff/explt+advs/CM3.AcoraCMS.v6.txt"
} }
] ]
} }

22
2013/4xxx/CVE-2013-4849.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-4849", "ID": "CVE-2013-4849",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

152
2013/4xxx/CVE-2013-4935.json
View File

@ -1,136 +1,136 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-4935", "ID": "CVE-2013-4935",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." "value": "The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-per.c?r1=49985&r2=49984&pathrev=49985", "name": "54371",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-per.c?r1=49985&r2=49984&pathrev=49985" "url": "http://secunia.com/advisories/54371"
}, },
{ {
"name" : "http://anonsvn.wireshark.org/viewvc?view=revision&revision=49985", "name": "openSUSE-SU-2013:1300",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://anonsvn.wireshark.org/viewvc?view=revision&revision=49985" "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00009.html"
}, },
{ {
"name" : "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html", "name": "54178",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html" "url": "http://secunia.com/advisories/54178"
}, },
{ {
"name" : "http://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html", "name": "RHSA-2014:0341",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html" "url": "http://rhn.redhat.com/errata/RHSA-2014-0341.html"
}, },
{ {
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8722", "name": "54425",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8722" "url": "http://secunia.com/advisories/54425"
}, },
{ {
"name" : "https://www.wireshark.org/security/wnpa-sec-2013-52.html", "name": "https://www.wireshark.org/security/wnpa-sec-2013-52.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.wireshark.org/security/wnpa-sec-2013-52.html" "url": "https://www.wireshark.org/security/wnpa-sec-2013-52.html"
}, },
{ {
"name" : "DSA-2734", "name": "DSA-2734",
"refsource" : "DEBIAN", "refsource": "DEBIAN",
"url" : "http://www.debian.org/security/2013/dsa-2734" "url": "http://www.debian.org/security/2013/dsa-2734"
}, },
{ {
"name" : "GLSA-201308-05", "name": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-per.c?r1=49985&r2=49984&pathrev=49985",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml" "url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-per.c?r1=49985&r2=49984&pathrev=49985"
}, },
{ {
"name" : "RHSA-2014:0341", "name": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0341.html" "url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
}, },
{ {
"name" : "openSUSE-SU-2013:1295", "name": "GLSA-201308-05",
"refsource" : "SUSE", "refsource": "GENTOO",
"url" : "http://lists.opensuse.org/opensuse-updates/2013-08/msg00004.html" "url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
}, },
{ {
"name" : "openSUSE-SU-2013:1300", "name": "openSUSE-SU-2013:1295",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2013-08/msg00009.html" "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00004.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:17417", "name": "54296",
"refsource" : "OVAL", "refsource": "SECUNIA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17417" "url": "http://secunia.com/advisories/54296"
}, },
{ {
"name" : "54178", "name": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=49985",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/54178" "url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=49985"
}, },
{ {
"name" : "54371", "name": "oval:org.mitre.oval:def:17417",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/54371" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17417"
}, },
{ {
"name" : "54296", "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8722",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/54296" "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8722"
}, },
{ {
"name" : "54425", "name": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/54425" "url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html"
} }
] ]
} }

68
2013/4xxx/CVE-2013-4984.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-4984", "ID": "CVE-2013-4984",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument." "value": "The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities", "name": "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities" "url": "http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities"
}, },
{ {
"name" : "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx", "name": "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx" "url": "http://www.sophos.com/en-us/support/knowledgebase/119773.aspx"
} }
] ]
} }

92
2013/5xxx/CVE-2013-5591.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2013-5591", "ID": "CVE-2013-5591",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." "value": "Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.mozilla.org/security/announce/2013/mfsa2013-93.html", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=859892",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2013/mfsa2013-93.html" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=859892"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=859892", "name": "oval:org.mitre.oval:def:19015",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=859892" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19015"
}, },
{ {
"name" : "GLSA-201504-01", "name": "openSUSE-SU-2013:1633",
"refsource" : "GENTOO", "refsource": "SUSE",
"url" : "https://security.gentoo.org/glsa/201504-01" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html"
}, },
{ {
"name" : "openSUSE-SU-2013:1634", "name": "GLSA-201504-01",
"refsource" : "SUSE", "refsource": "GENTOO",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00006.html" "url": "https://security.gentoo.org/glsa/201504-01"
}, },
{ {
"name" : "openSUSE-SU-2013:1633", "name": "http://www.mozilla.org/security/announce/2013/mfsa2013-93.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html" "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-93.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:19015", "name": "openSUSE-SU-2013:1634",
"refsource" : "OVAL", "refsource": "SUSE",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19015" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00006.html"
} }
] ]
} }

62
2013/5xxx/CVE-2013-5725.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5725", "ID": "CVE-2013-5725",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Metaclassy Byword app 2.x before 2.1 for iOS does not require confirmation of Replace file actions, which allows remote attackers to overwrite arbitrary files via the name and text parameters in a byword://replace URL." "value": "The Metaclassy Byword app 2.x before 2.1 for iOS does not require confirmation of Replace file actions, which allows remote attackers to overwrite arbitrary files via the name and text parameters in a byword://replace URL."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20130929 [CVE-2013-5725] - Byword for iOS Data Destruction Vulnerability", "name": "20130929 [CVE-2013-5725] - Byword for iOS Data Destruction Vulnerability",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-09/0145.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2013-09/0145.html"
} }
] ]
} }

86
2013/5xxx/CVE-2013-5963.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5963", "ID": "CVE-2013-5963",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unrestricted file upload vulnerability in multi.php in Simple Dropbox Upload plugin before 1.8.8.1 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/uploads/wpdb/." "value": "Unrestricted file upload vulnerability in multi.php in Simple Dropbox Upload plugin before 1.8.8.1 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/uploads/wpdb/."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://packetstormsecurity.com/files/123235", "name": "simpledropboxupload-multi-file-upload(87166)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://packetstormsecurity.com/files/123235" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87166"
}, },
{ {
"name" : "http://plugins.trac.wordpress.org/changeset?reponame=&old=774214@simple-dropbox-upload-form%2Ftrunk&new=774214@simple-dropbox-upload-form%2Ftrunk", "name": "http://plugins.trac.wordpress.org/changeset?reponame=&old=774214@simple-dropbox-upload-form%2Ftrunk&new=774214@simple-dropbox-upload-form%2Ftrunk",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://plugins.trac.wordpress.org/changeset?reponame=&old=774214@simple-dropbox-upload-form%2Ftrunk&new=774214@simple-dropbox-upload-form%2Ftrunk" "url": "http://plugins.trac.wordpress.org/changeset?reponame=&old=774214@simple-dropbox-upload-form%2Ftrunk&new=774214@simple-dropbox-upload-form%2Ftrunk"
}, },
{ {
"name" : "http://wordpress.org/plugins/simple-dropbox-upload-form/changelog", "name": "http://wordpress.org/plugins/simple-dropbox-upload-form/changelog",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://wordpress.org/plugins/simple-dropbox-upload-form/changelog" "url": "http://wordpress.org/plugins/simple-dropbox-upload-form/changelog"
}, },
{ {
"name" : "54856", "name": "http://packetstormsecurity.com/files/123235",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/54856" "url": "http://packetstormsecurity.com/files/123235"
}, },
{ {
"name" : "simpledropboxupload-multi-file-upload(87166)", "name": "54856",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/87166" "url": "http://secunia.com/advisories/54856"
} }
] ]
} }

84
2017/1000xxx/CVE-2017-1000256.json
View File

@ -1,78 +1,78 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-10-12", "DATE_ASSIGNED": "2017-10-12",
"ID" : "CVE-2017-1000256", "ID": "CVE-2017-1000256",
"REQUESTER" : "berrange@redhat.com", "REQUESTER": "berrange@redhat.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "libvirt", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.3.0 and later" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "libvirt" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "libvirt version 2.3.0 and later is vulnerable to a bad default configuration of \"verify-peer=no\" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default." "value": "libvirt version 2.3.0 and later is vulnerable to a bad default configuration of \"verify-peer=no\" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-295" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[libvirt-announce] 20171016 LSN-2017-0002 - TLS certificate verification disabled for clients", "name": "[libvirt-announce] 20171016 LSN-2017-0002 - TLS certificate verification disabled for clients",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "https://www.redhat.com/archives/libvirt-announce/2017-October/msg00001.html" "url": "https://www.redhat.com/archives/libvirt-announce/2017-October/msg00001.html"
}, },
{ {
"name" : "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1556251.html", "name": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1556251.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1556251.html" "url": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1556251.html"
}, },
{ {
"name" : "https://access.redhat.com/security/cve/CVE-2017-1000256", "name": "DSA-4003",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "https://access.redhat.com/security/cve/CVE-2017-1000256" "url": "http://www.debian.org/security/2017/dsa-4003"
}, },
{ {
"name" : "DSA-4003", "name": "https://access.redhat.com/security/cve/CVE-2017-1000256",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2017/dsa-4003" "url": "https://access.redhat.com/security/cve/CVE-2017-1000256"
} }
] ]
} }

74
2017/12xxx/CVE-2017-12268.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2017-12268", "ID": "CVE-2017-12268",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco AnyConnect Network Access Manager", "product_name": "Cisco AnyConnect Network Access Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco AnyConnect Network Access Manager" "version_value": "Cisco AnyConnect Network Access Manager"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters, aka a Dual-Homed Interface vulnerability. The vulnerability is due to insufficient NAM policy enforcement. An attacker could exploit this vulnerability by manipulating network interfaces of the device to allow multiple active network interfaces. A successful exploit could allow the attacker to send traffic over a non-authorized network interface. Cisco Bug IDs: CSCvf66539." "value": "A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters, aka a Dual-Homed Interface vulnerability. The vulnerability is due to insufficient NAM policy enforcement. An attacker could exploit this vulnerability by manipulating network interfaces of the device to allow multiple active network interfaces. A successful exploit could allow the attacker to send traffic over a non-authorized network interface. Cisco Bug IDs: CSCvf66539."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-264" "value": "CWE-264"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-anam", "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-anam",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-anam" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-anam"
}, },
{ {
"name" : "101157", "name": "1039507",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/101157" "url": "http://www.securitytracker.com/id/1039507"
}, },
{ {
"name" : "1039507", "name": "101157",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1039507" "url": "http://www.securityfocus.com/bid/101157"
} }
] ]
} }

22
2017/12xxx/CVE-2017-12324.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-12324", "ID": "CVE-2017-12324",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

76
2017/12xxx/CVE-2017-12526.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security-alert@hpe.com", "ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC" : "2017-08-11T00:00:00", "DATE_PUBLIC": "2017-08-11T00:00:00",
"ID" : "CVE-2017-12526", "ID": "CVE-2017-12526",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Intelligent Management Center (iMC) PLAT", "product_name": "Intelligent Management Center (iMC) PLAT",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "PLAT 7.3 (E0504)" "version_value": "PLAT 7.3 (E0504)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Hewlett Packard Enterprise" "vendor_name": "Hewlett Packard Enterprise"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version." "value": "A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Remote Code Execution" "value": "Remote Code Execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us", "name": "1039152",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" "url": "http://www.securitytracker.com/id/1039152"
}, },
{ {
"name" : "100367", "name": "100367",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/100367" "url": "http://www.securityfocus.com/bid/100367"
}, },
{ {
"name" : "1039152", "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1039152" "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us"
} }
] ]
} }

74
2017/12xxx/CVE-2017-12692.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-12692", "ID": "CVE-2017-12692",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file." "value": "The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/ImageMagick/ImageMagick/issues/653", "name": "USN-3681-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/653" "url": "https://usn.ubuntu.com/3681-1/"
}, },
{ {
"name" : "GLSA-201711-07", "name": "GLSA-201711-07",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "https://security.gentoo.org/glsa/201711-07" "url": "https://security.gentoo.org/glsa/201711-07"
}, },
{ {
"name" : "USN-3681-1", "name": "https://github.com/ImageMagick/ImageMagick/issues/653",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "https://usn.ubuntu.com/3681-1/" "url": "https://github.com/ImageMagick/ImageMagick/issues/653"
} }
] ]
} }

98
2017/13xxx/CVE-2017-13036.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-13036", "ID": "CVE-2017-13036",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3()." "value": "The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3()."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.tcpdump.org/tcpdump-changes.txt", "name": "GLSA-201709-23",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://www.tcpdump.org/tcpdump-changes.txt" "url": "https://security.gentoo.org/glsa/201709-23"
}, },
{ {
"name" : "https://github.com/the-tcpdump-group/tcpdump/commit/88b2dac837e81cf56dce05e6e7b5989332c0092d", "name": "https://support.apple.com/HT208221",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/the-tcpdump-group/tcpdump/commit/88b2dac837e81cf56dce05e6e7b5989332c0092d" "url": "https://support.apple.com/HT208221"
}, },
{ {
"name" : "https://support.apple.com/HT208221", "name": "DSA-3971",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "https://support.apple.com/HT208221" "url": "http://www.debian.org/security/2017/dsa-3971"
}, },
{ {
"name" : "DSA-3971", "name": "1039307",
"refsource" : "DEBIAN", "refsource": "SECTRACK",
"url" : "http://www.debian.org/security/2017/dsa-3971" "url": "http://www.securitytracker.com/id/1039307"
}, },
{ {
"name" : "GLSA-201709-23", "name": "https://github.com/the-tcpdump-group/tcpdump/commit/88b2dac837e81cf56dce05e6e7b5989332c0092d",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201709-23" "url": "https://github.com/the-tcpdump-group/tcpdump/commit/88b2dac837e81cf56dce05e6e7b5989332c0092d"
}, },
{ {
"name" : "RHEA-2018:0705", "name": "http://www.tcpdump.org/tcpdump-changes.txt",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "https://access.redhat.com/errata/RHEA-2018:0705" "url": "http://www.tcpdump.org/tcpdump-changes.txt"
}, },
{ {
"name" : "1039307", "name": "RHEA-2018:0705",
"refsource" : "SECTRACK", "refsource": "REDHAT",
"url" : "http://www.securitytracker.com/id/1039307" "url": "https://access.redhat.com/errata/RHEA-2018:0705"
} }
] ]
} }

80
2017/13xxx/CVE-2017-13727.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-13727", "ID": "CVE-2017-13727",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack." "value": "There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2728", "name": "100524",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2728" "url": "http://www.securityfocus.com/bid/100524"
}, },
{ {
"name" : "DSA-4100", "name": "USN-3602-1",
"refsource" : "DEBIAN", "refsource": "UBUNTU",
"url" : "https://www.debian.org/security/2018/dsa-4100" "url": "https://usn.ubuntu.com/3602-1/"
}, },
{ {
"name" : "USN-3602-1", "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2728",
"refsource" : "UBUNTU", "refsource": "MISC",
"url" : "https://usn.ubuntu.com/3602-1/" "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2728"
}, },
{ {
"name" : "100524", "name": "DSA-4100",
"refsource" : "BID", "refsource": "DEBIAN",
"url" : "http://www.securityfocus.com/bid/100524" "url": "https://www.debian.org/security/2018/dsa-4100"
} }
] ]
} }

22
2017/16xxx/CVE-2017-16284.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16284", "ID": "CVE-2017-16284",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2017/16xxx/CVE-2017-16295.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16295", "ID": "CVE-2017-16295",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2017/16xxx/CVE-2017-16490.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-16490", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-16490",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4570.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4570", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4570",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4764.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4764", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4764",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4778.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4778", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4778",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4868.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4868", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4868",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

64
2018/18xxx/CVE-2018-18395.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vulnerability@kaspersky.com", "ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC" : "2018-10-18T00:00:00", "DATE_PUBLIC": "2018-10-18T00:00:00",
"ID" : "CVE-2018-18395", "ID": "CVE-2018-18395",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "ThingsPro IIoT Gateway and Device Management Software Solutions", "product_name": "ThingsPro IIoT Gateway and Device Management Software Solutions",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.1" "version_value": "2.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Moxa" "vendor_name": "Moxa"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Hidden Token Access in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1." "value": "Hidden Token Access in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Hidden Token Access" "value": "Hidden Token Access"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/10/18/klcert-18-023-moxa-thingspro-iiot-gateway-and-device-management-software-solutions-hidden-token-access/", "name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/10/18/klcert-18-023-moxa-thingspro-iiot-gateway-and-device-management-software-solutions-hidden-token-access/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/10/18/klcert-18-023-moxa-thingspro-iiot-gateway-and-device-management-software-solutions-hidden-token-access/" "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/10/18/klcert-18-023-moxa-thingspro-iiot-gateway-and-device-management-software-solutions-hidden-token-access/"
} }
] ]
} }

80
2018/18xxx/CVE-2018-18438.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-18438", "ID": "CVE-2018-18438",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value." "value": "Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20181017 CVE-2018-18438 Qemu: Integer overflow in ccid_card_vscard_read() allows memory corruption", "name": "105953",
"refsource" : "MLIST", "refsource": "BID",
"url" : "http://www.openwall.com/lists/oss-security/2018/10/17/3" "url": "http://www.securityfocus.com/bid/105953"
}, },
{ {
"name" : "[qemu-devel] 20181012 [PATCH v2 00/11] chardev: Convert IO handlers to use unsigned type", "name": "[qemu-devel] 20181012 [PATCH v2 07/11] chardev: Let IOReadHandler use unsigned type",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg02396.html" "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg02402.html"
}, },
{ {
"name" : "[qemu-devel] 20181012 [PATCH v2 07/11] chardev: Let IOReadHandler use unsigned type", "name": "[qemu-devel] 20181012 [PATCH v2 00/11] chardev: Convert IO handlers to use unsigned type",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg02402.html" "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg02396.html"
}, },
{ {
"name" : "105953", "name": "[oss-security] 20181017 CVE-2018-18438 Qemu: Integer overflow in ccid_card_vscard_read() allows memory corruption",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/105953" "url": "http://www.openwall.com/lists/oss-security/2018/10/17/3"
} }
] ]
} }

62
2018/18xxx/CVE-2018-18698.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-18698", "ID": "CVE-2018-18698",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered on Xiaomi Mi A1 tissot_sprout:8.1.0/OPM1.171019.026/V9.6.4.0.ODHMIFE devices. They store cleartext Wi-Fi passwords in logcat during the process of setting up the phone as a hotspot." "value": "An issue was discovered on Xiaomi Mi A1 tissot_sprout:8.1.0/OPM1.171019.026/V9.6.4.0.ODHMIFE devices. They store cleartext Wi-Fi passwords in logcat during the process of setting up the phone as a hotspot."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/0x5h1v4m/CVE-ID-s/blob/master/CVE-2018-18698/MI%20A1.txt", "name": "https://github.com/0x5h1v4m/CVE-ID-s/blob/master/CVE-2018-18698/MI%20A1.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/0x5h1v4m/CVE-ID-s/blob/master/CVE-2018-18698/MI%20A1.txt" "url": "https://github.com/0x5h1v4m/CVE-ID-s/blob/master/CVE-2018-18698/MI%20A1.txt"
} }
] ]
} }

68
2018/1xxx/CVE-2018-1314.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@apache.org", "ASSIGNER": "security@apache.org",
"ID" : "CVE-2018-1314", "ID": "CVE-2018-1314",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Apache Hive", "product_name": "Apache Hive",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions of Hive including 2.3.3, 3.1.0 and earlier" "version_value": "All versions of Hive including 2.3.3, 3.1.0 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apache Software Foundation" "vendor_name": "Apache Software Foundation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Apache Hive 2.3.3, 3.1.0 and earlier, Hive \"EXPLAIN\" operation does not check for necessary authorization of involved entities in a query. An unauthorized user can do \"EXPLAIN\" on arbitrary table or view and expose table metadata and statistics." "value": "In Apache Hive 2.3.3, 3.1.0 and earlier, Hive \"EXPLAIN\" operation does not check for necessary authorization of involved entities in a query. An unauthorized user can do \"EXPLAIN\" on arbitrary table or view and expose table metadata and statistics."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Improper Access Control" "value": "Improper Access Control"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://lists.apache.org/thread.html/3da47dbcbf09697387f29d2f1aed970523b6b334d93afd3cced23727@%3Cdev.hive.apache.org%3E", "name": "105884",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://lists.apache.org/thread.html/3da47dbcbf09697387f29d2f1aed970523b6b334d93afd3cced23727@%3Cdev.hive.apache.org%3E" "url": "http://www.securityfocus.com/bid/105884"
}, },
{ {
"name" : "105884", "name": "https://lists.apache.org/thread.html/3da47dbcbf09697387f29d2f1aed970523b6b334d93afd3cced23727@%3Cdev.hive.apache.org%3E",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/105884" "url": "https://lists.apache.org/thread.html/3da47dbcbf09697387f29d2f1aed970523b6b334d93afd3cced23727@%3Cdev.hive.apache.org%3E"
} }
] ]
} }

22
2018/5xxx/CVE-2018-5264.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-5264", "ID": "CVE-2018-5264",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

70
2018/5xxx/CVE-2018-5482.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security-alert@netapp.com", "ASSIGNER": "security-alert@netapp.com",
"DATE_PUBLIC" : "2019-03-04T00:00:00", "DATE_PUBLIC": "2019-03-04T00:00:00",
"ID" : "CVE-2018-5482", "ID": "CVE-2018-5482",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SnapCenter Server", "product_name": "SnapCenter Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Versions prior to 4.1" "version_value": "Versions prior to 4.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "NetApp" "vendor_name": "NetApp"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel." "value": "NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Secure cookie" "value": "Secure cookie"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://security.netapp.com/advisory/ntap-20190304-0001/", "name": "107274",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://security.netapp.com/advisory/ntap-20190304-0001/" "url": "http://www.securityfocus.com/bid/107274"
}, },
{ {
"name" : "107274", "name": "https://security.netapp.com/advisory/ntap-20190304-0001/",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/107274" "url": "https://security.netapp.com/advisory/ntap-20190304-0001/"
} }
] ]
} }

70
2018/5xxx/CVE-2018-5502.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "f5sirt@f5.com", "ASSIGNER": "f5sirt@f5.com",
"DATE_PUBLIC" : "2018-03-21T00:00:00", "DATE_PUBLIC": "2018-03-21T00:00:00",
"ID" : "CVE-2018-5502", "ID": "CVE-2018-5502",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe)", "product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "13.0.0 - 13.1.0.3" "version_value": "13.0.0 - 13.1.0.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "F5 Networks, Inc." "vendor_name": "F5 Networks, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentication. Client certificate authentication is not enabled by default in Client SSL profile. There is no control plane exposure." "value": "On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentication. Client certificate authentication is not enabled by default in Client SSL profile. There is no control plane exposure."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "DoS" "value": "DoS"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.f5.com/csp/article/K43121447", "name": "https://support.f5.com/csp/article/K43121447",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.f5.com/csp/article/K43121447" "url": "https://support.f5.com/csp/article/K43121447"
}, },
{ {
"name" : "1040561", "name": "1040561",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1040561" "url": "http://www.securitytracker.com/id/1040561"
} }
] ]
} }