"-Synchronized-Data."

This commit is contained in:
CVE Team 2019-03-18 03:38:25 +00:00
parent e729cca2fe
commit d7080bb077
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
58 changed files with 3396 additions and 3396 deletions

View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0040",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20020306-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20020306-01-P"
},
{
"name" : "4388",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/4388"
},
{
"name" : "2058",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/2058"
},
{
"name" : "irix-hostaliases-gain-privileges(8669)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/8669.php"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020306-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20020306-01-P"
},
{
"name": "4388",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4388"
},
{
"name": "2058",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/2058"
},
{
"name": "irix-hostaliases-gain-privileges(8669)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8669.php"
}
]
}
}

View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0265",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Sawmill for Solaris 6.2.14 and earlier creates the AdminPassword file with world-writable permissions, which allows local users to gain privileges by modifying the file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20020211 Vulnerability in Sawmill for Solaris v. 6.2.14",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=101346206921270&w=2"
},
{
"name" : "http://www.sawmill.net/version_history.html",
"refsource" : "CONFIRM",
"url" : "http://www.sawmill.net/version_history.html"
},
{
"name" : "4077",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/4077"
},
{
"name" : "sawmill-admin-password-insecure(8173)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/8173.php"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sawmill for Solaris 6.2.14 and earlier creates the AdminPassword file with world-writable permissions, which allows local users to gain privileges by modifying the file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.sawmill.net/version_history.html",
"refsource": "CONFIRM",
"url": "http://www.sawmill.net/version_history.html"
},
{
"name": "4077",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4077"
},
{
"name": "sawmill-admin-password-insecure(8173)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8173.php"
},
{
"name": "20020211 Vulnerability in Sawmill for Solaris v. 6.2.14",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=101346206921270&w=2"
}
]
}
}

View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0466",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Hosting Controller 1.4.1 and earlier allows remote attackers to browse arbitrary directories via a full C: style pathname in the filepath arguments to (1) Statsbrowse.asp, (2) servubrowse.asp, (3) browsedisk.asp, (4) browsewebalizerexe.asp, or (5) sqlbrowse.asp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0466",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20020105 Hosting Controller's - Multiple Security Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-01/0039.html"
},
{
"name" : "http://www.hostingcontroller.com/english/patches/ForAll/download/foldersecurity.zip",
"refsource" : "CONFIRM",
"url" : "http://www.hostingcontroller.com/english/patches/ForAll/download/foldersecurity.zip"
},
{
"name" : "hosting-controller-directory-browsing(7823)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7823"
},
{
"name" : "3808",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/3808"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hosting Controller 1.4.1 and earlier allows remote attackers to browse arbitrary directories via a full C: style pathname in the filepath arguments to (1) Statsbrowse.asp, (2) servubrowse.asp, (3) browsedisk.asp, (4) browsewebalizerexe.asp, or (5) sqlbrowse.asp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3808",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3808"
},
{
"name": "20020105 Hosting Controller's - Multiple Security Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-01/0039.html"
},
{
"name": "hosting-controller-directory-browsing(7823)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7823"
},
{
"name": "http://www.hostingcontroller.com/english/patches/ForAll/download/foldersecurity.zip",
"refsource": "CONFIRM",
"url": "http://www.hostingcontroller.com/english/patches/ForAll/download/foldersecurity.zip"
}
]
}
}

View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0497",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0497",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20020306 mtr 0.45, 0.46",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-03/0048.html"
},
{
"name" : "DSA-124",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2002/dsa-124"
},
{
"name" : "4217",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/4217"
},
{
"name" : "mtr-options-bo(8367)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/8367.php"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020306 mtr 0.45, 0.46",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0048.html"
},
{
"name": "mtr-options-bo(8367)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8367.php"
},
{
"name": "4217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4217"
},
{
"name": "DSA-124",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-124"
}
]
}
}

View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0508",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "wwwisis 3.45 and earlier allows remote attackers to execute arbitrary commands and read files via the parameters (1) prolog or (2) epilog."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0508",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20020328 vuln in wwwisis: remote command execution and get files",
"refsource" : "BUGTRAQ",
"url" : "http://online.securityfocus.com/archive/1/264682"
},
{
"name" : "20020402 RE: [VulnWatch] vuln in wwwisis: remote command execution and get files",
"refsource" : "BUGTRAQ",
"url" : "http://online.securityfocus.com/archive/1/265456"
},
{
"name" : "http://www.bireme.br/security.htm",
"refsource" : "CONFIRM",
"url" : "http://www.bireme.br/security.htm"
},
{
"name" : "4384",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/4384"
},
{
"name" : "wwwisis-remote-command-execution(8660)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/8660.php"
},
{
"name" : "4383",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/4383"
},
{
"name" : "20020328 [VulnWatch] vuln in wwwisis: remote command execution and get files",
"refsource" : "VULNWATCH",
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0077.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "wwwisis 3.45 and earlier allows remote attackers to execute arbitrary commands and read files via the parameters (1) prolog or (2) epilog."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020402 RE: [VulnWatch] vuln in wwwisis: remote command execution and get files",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/265456"
},
{
"name": "4384",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4384"
},
{
"name": "20020328 vuln in wwwisis: remote command execution and get files",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/264682"
},
{
"name": "20020328 [VulnWatch] vuln in wwwisis: remote command execution and get files",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0077.html"
},
{
"name": "wwwisis-remote-command-execution(8660)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8660.php"
},
{
"name": "4383",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4383"
},
{
"name": "http://www.bireme.br/security.htm",
"refsource": "CONFIRM",
"url": "http://www.bireme.br/security.htm"
}
]
}
}

View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-1267",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mac OS X 10.2.2 allows remote attackers to cause a denial of service by accessing the CUPS Printing Web Administration utility, aka \"CUPS Printing Web Administration is Remotely Accessible.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.info.apple.com/usen/security/security_updates.html",
"refsource" : "CONFIRM",
"url" : "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"name" : "macos-cups-dos(10824)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/10824"
},
{
"name" : "7058",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/7058"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mac OS X 10.2.2 allows remote attackers to cause a denial of service by accessing the CUPS Printing Web Administration utility, aka \"CUPS Printing Web Administration is Remotely Accessible.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.info.apple.com/usen/security/security_updates.html",
"refsource": "CONFIRM",
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"name": "macos-cups-dos(10824)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10824"
},
{
"name": "7058",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7058"
}
]
}
}

View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-1759",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The upload function in PHProjekt 2.0 through 3.1 does not properly verify certain variables related to uploaded data, which allows remote attackers to cause PHProjekt to process arbitrary files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1759",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20020424 PHProjekt multiple vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00361.html"
},
{
"name" : "4597",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/4597"
},
{
"name" : "phprojekt-upload-read-files(8944)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/8944"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The upload function in PHProjekt 2.0 through 3.1 does not properly verify certain variables related to uploaded data, which allows remote attackers to cause PHProjekt to process arbitrary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4597",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4597"
},
{
"name": "20020424 PHProjekt multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00361.html"
},
{
"name": "phprojekt-upload-read-files(8944)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8944"
}
]
}
}

View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-2179",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The dynamic initialization feature of the ClearPath MCP environment allows remote attackers to cause a denial of service (crash) via a TCP port scan using a tool such as nmap."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2179",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20021002 Kill a Unisys Clearpath with nmap port scan",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/293881"
},
{
"name" : "20021017 Solution: Kill a Unisys Clearpath with nmap port scan",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/295837"
},
{
"name" : "5863",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/5863"
},
{
"name" : "clearpath-port-scan-dos(10260)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/10260.php"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The dynamic initialization feature of the ClearPath MCP environment allows remote attackers to cause a denial of service (crash) via a TCP port scan using a tool such as nmap."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "clearpath-port-scan-dos(10260)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10260.php"
},
{
"name": "20021017 Solution: Kill a Unisys Clearpath with nmap port scan",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/295837"
},
{
"name": "20021002 Kill a Unisys Clearpath with nmap port scan",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/293881"
},
{
"name": "5863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5863"
}
]
}
}

View File

@ -1,117 +1,117 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0232",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Firefox 1.0 allows remote attackers to modify Boolean configuration parameters for the about:config site by using a plugin such as Flash, and the -moz-opacity filter, to display the about:config site then cause the user to double-click at a certain screen position, aka \"Fireflashing.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20050207 Fireflashing [Firefox 1.0]",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=110781055630856&w=2"
},
{
"name" : "http://www.mikx.de/fireflashing/",
"refsource" : "MISC",
"url" : "http://www.mikx.de/fireflashing/"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=280664",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=280664"
},
{
"name" : "http://www.mozilla.org/security/announce/mfsa2005-27.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/mfsa2005-27.html"
},
{
"name" : "GLSA-200503-10",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml"
},
{
"name" : "GLSA-200503-30",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml"
},
{
"name" : "RHSA-2005:323",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-323.html"
},
{
"name" : "RHSA-2005:176",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-176.html"
},
{
"name" : "RHSA-2005:384",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-384.html"
},
{
"name" : "SUSE-SA:2005:016",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html"
},
{
"name" : "oval:org.mitre.oval:def:10967",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10967"
},
{
"name" : "mozilla-firefox-aboutconfig-modify(19266)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19266"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Firefox 1.0 allows remote attackers to modify Boolean configuration parameters for the about:config site by using a plugin such as Flash, and the -moz-opacity filter, to display the about:config site then cause the user to double-click at a certain screen position, aka \"Fireflashing.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050207 Fireflashing [Firefox 1.0]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110781055630856&w=2"
},
{
"name": "RHSA-2005:323",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-323.html"
},
{
"name": "http://www.mozilla.org/security/announce/mfsa2005-27.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/mfsa2005-27.html"
},
{
"name": "SUSE-SA:2005:016",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html"
},
{
"name": "mozilla-firefox-aboutconfig-modify(19266)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19266"
},
{
"name": "RHSA-2005:176",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-176.html"
},
{
"name": "RHSA-2005:384",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-384.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=280664",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=280664"
},
{
"name": "oval:org.mitre.oval:def:10967",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10967"
},
{
"name": "GLSA-200503-30",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml"
},
{
"name": "GLSA-200503-10",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml"
},
{
"name": "http://www.mikx.de/fireflashing/",
"refsource": "MISC",
"url": "http://www.mikx.de/fireflashing/"
}
]
}
}

View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0804",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in MailEnable 1.8 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the mailto field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0804",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20050317 See-security Advisory: Format string vulnerability in MailEnable 1.8",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111108519331738&w=2"
},
{
"name" : "12833",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/12833"
},
{
"name" : "14627",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/14627"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in MailEnable 1.8 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the mailto field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050317 See-security Advisory: Format string vulnerability in MailEnable 1.8",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111108519331738&w=2"
},
{
"name": "14627",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14627"
},
{
"name": "12833",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12833"
}
]
}
}

View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0999",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Top module for PHP-Nuke 6.x through 7.6 allows remote attackers to execute arbitrary SQL commands via the querylang parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20050406 [waraxe-2005-SA#041] - Critical Sql Injection in PhpNuke 6.x-7.6",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111281649616901&w=2"
},
{
"name" : "http://www.waraxe.us/advisory-41.html",
"refsource" : "MISC",
"url" : "http://www.waraxe.us/advisory-41.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the Top module for PHP-Nuke 6.x through 7.6 allows remote attackers to execute arbitrary SQL commands via the querylang parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050406 [waraxe-2005-SA#041] - Critical Sql Injection in PhpNuke 6.x-7.6",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111281649616901&w=2"
},
{
"name": "http://www.waraxe.us/advisory-41.html",
"refsource": "MISC",
"url": "http://www.waraxe.us/advisory-41.html"
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1533",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1533",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1800",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20050529 XSS Bug in Jaws Glossary Action: ViewTerm ( v 0.4 - 0.5.1 (latest version))",
"refsource" : "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-May/034354.html"
},
{
"name" : "13796",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/13796"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050529 XSS Bug in Jaws Glossary Action: ViewTerm ( v 0.4 - 0.5.1 (latest version))",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-May/034354.html"
},
{
"name": "13796",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13796"
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0947",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0947",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1214",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain sensitive session information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20090325 CVE request -- zsh, XFree86-xfs/xorg-x11-xfs, screen",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/03/25/7"
},
{
"name" : "http://savannah.gnu.org/bugs/?25296",
"refsource" : "MISC",
"url" : "http://savannah.gnu.org/bugs/?25296"
},
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521123",
"refsource" : "CONFIRM",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521123"
},
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/screen/+bug/315993",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/ubuntu/+source/screen/+bug/315993"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=492104",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=492104"
},
{
"name" : "34521",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/34521"
},
{
"name" : "screen-screenexchange-info-disclosure(49886)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49886"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain sensitive session information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=492104",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=492104"
},
{
"name": "screen-screenexchange-info-disclosure(49886)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49886"
},
{
"name": "[oss-security] 20090325 CVE request -- zsh, XFree86-xfs/xorg-x11-xfs, screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/03/25/7"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/screen/+bug/315993",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/screen/+bug/315993"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521123",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521123"
},
{
"name": "34521",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34521"
},
{
"name": "http://savannah.gnu.org/bugs/?25296",
"refsource": "MISC",
"url": "http://savannah.gnu.org/bugs/?25296"
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1397",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1397",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1409",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when \"Extended User Fields\" is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1409",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "8495",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/8495"
},
{
"name" : "34614",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/34614"
},
{
"name" : "53812",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/53812"
},
{
"name" : "34823",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34823"
},
{
"name" : "e107-hide-sql-injection(49981)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49981"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when \"Extended User Fields\" is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34823",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34823"
},
{
"name": "e107-hide-sql-injection(49981)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49981"
},
{
"name": "53812",
"refsource": "OSVDB",
"url": "http://osvdb.org/53812"
},
{
"name": "8495",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8495"
},
{
"name": "34614",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34614"
}
]
}
}

View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1611",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 257 reply to a CWD command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "8613",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/8613"
},
{
"name" : "8621",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/8621"
},
{
"name" : "34822",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/34822"
},
{
"name" : "34838",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/34838"
},
{
"name" : "ADV-2009-1263",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1263"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 257 reply to a CWD command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34838",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34838"
},
{
"name": "34822",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34822"
},
{
"name": "8621",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8621"
},
{
"name": "ADV-2009-1263",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1263"
},
{
"name": "8613",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8613"
}
]
}
}

View File

@ -1,122 +1,122 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1932",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1932",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=d9544bcc44adcef769cbdf7f6453e140058a3adc",
"refsource" : "CONFIRM",
"url" : "http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=d9544bcc44adcef769cbdf7f6453e140058a3adc"
},
{
"name" : "DSA-1839",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1839"
},
{
"name" : "GLSA-200907-11",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200907-11.xml"
},
{
"name" : "MDVSA-2009:130",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:130"
},
{
"name" : "RHSA-2009:1123",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1123.html"
},
{
"name" : "35172",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35172"
},
{
"name" : "54827",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/54827"
},
{
"name" : "oval:org.mitre.oval:def:10798",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10798"
},
{
"name" : "35205",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35205"
},
{
"name" : "35583",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35583"
},
{
"name" : "35777",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35777"
},
{
"name" : "35897",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35897"
},
{
"name" : "ADV-2009-1506",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1506"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35777",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35777"
},
{
"name": "35583",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35583"
},
{
"name": "ADV-2009-1506",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1506"
},
{
"name": "DSA-1839",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1839"
},
{
"name": "GLSA-200907-11",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200907-11.xml"
},
{
"name": "http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=d9544bcc44adcef769cbdf7f6453e140058a3adc",
"refsource": "CONFIRM",
"url": "http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=d9544bcc44adcef769cbdf7f6453e140058a3adc"
},
{
"name": "35205",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35205"
},
{
"name": "35172",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35172"
},
{
"name": "oval:org.mitre.oval:def:10798",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10798"
},
{
"name": "35897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35897"
},
{
"name": "54827",
"refsource": "OSVDB",
"url": "http://osvdb.org/54827"
},
{
"name": "RHSA-2009:1123",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1123.html"
},
{
"name": "MDVSA-2009:130",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:130"
}
]
}
}

View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2124",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preference files. NOTE: this issue exists because of an incorrect fix for CVE-2010-2813."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20120420 CVE-2012-2124 assignment notification: squirrelmail: CVE-2010-2813 not fixed in RHSA-2012:0103",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/04/20/22"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=814671",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=814671"
},
{
"name" : "RHSA-2013:0126",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0126.html"
},
{
"name" : "51730",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51730"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preference files. NOTE: this issue exists because of an incorrect fix for CVE-2010-2813."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "51730",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51730"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=814671",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=814671"
},
{
"name": "[oss-security] 20120420 CVE-2012-2124 assignment notification: squirrelmail: CVE-2010-2813 not fixed in RHSA-2012:0103",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/20/22"
},
{
"name": "RHSA-2013:0126",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0126.html"
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2461",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2461",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2672",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Oracle Mojarra 2.1.7 does not properly \"clean up\" the FacesContext reference during startup, which allows local users to obtain context information an access resources from another WAR file by calling the FacesContext.getCurrentInstance function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2672",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20120606 CVE request: Mojarra allows deployed web applications to read FacesContext from other applications",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/07/2"
},
{
"name" : "[oss-security] 20120606 Re: CVE request: Mojarra allows deployed web applications to read FacesContext from other applications",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/07/3"
},
{
"name" : "https://issues.jboss.org/browse/JBPAPP-9197",
"refsource" : "MISC",
"url" : "https://issues.jboss.org/browse/JBPAPP-9197"
},
{
"name" : "http://java.net/jira/browse/JAVASERVERFACES-2436",
"refsource" : "CONFIRM",
"url" : "http://java.net/jira/browse/JAVASERVERFACES-2436"
},
{
"name" : "RHSA-2012:1591",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1591.html"
},
{
"name" : "RHSA-2012:1592",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1592.html"
},
{
"name" : "RHSA-2012:1594",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1594.html"
},
{
"name" : "49284",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/49284"
},
{
"name" : "51607",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51607"
},
{
"name" : "mojarra-facescontext-info-disc(76179)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/76179"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Oracle Mojarra 2.1.7 does not properly \"clean up\" the FacesContext reference during startup, which allows local users to obtain context information an access resources from another WAR file by calling the FacesContext.getCurrentInstance function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://issues.jboss.org/browse/JBPAPP-9197",
"refsource": "MISC",
"url": "https://issues.jboss.org/browse/JBPAPP-9197"
},
{
"name": "RHSA-2012:1594",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1594.html"
},
{
"name": "mojarra-facescontext-info-disc(76179)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76179"
},
{
"name": "49284",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49284"
},
{
"name": "51607",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51607"
},
{
"name": "RHSA-2012:1592",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1592.html"
},
{
"name": "RHSA-2012:1591",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1591.html"
},
{
"name": "http://java.net/jira/browse/JAVASERVERFACES-2436",
"refsource": "CONFIRM",
"url": "http://java.net/jira/browse/JAVASERVERFACES-2436"
},
{
"name": "[oss-security] 20120606 CVE request: Mojarra allows deployed web applications to read FacesContext from other applications",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/07/2"
},
{
"name": "[oss-security] 20120606 Re: CVE request: Mojarra allows deployed web applications to read FacesContext from other applications",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/07/3"
}
]
}
}

View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2728",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the Node Hierarchy module 6.x-1.x before 6.x-1.5 for Drupal allow remote attackers to hijack the authentication of administrators for requests that change a node hierarchy position via an (1) up or (2) down action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2728",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/14/3"
},
{
"name" : "http://drupal.org/node/1632900",
"refsource" : "MISC",
"url" : "http://drupal.org/node/1632900"
},
{
"name" : "http://drupal.org/node/1632432",
"refsource" : "CONFIRM",
"url" : "http://drupal.org/node/1632432"
},
{
"name" : "http://drupalcode.org/project/nodehierarchy.git/commitdiff/8b4b3f5",
"refsource" : "CONFIRM",
"url" : "http://drupalcode.org/project/nodehierarchy.git/commitdiff/8b4b3f5"
},
{
"name" : "53993",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/53993"
},
{
"name" : "drupal-nodehierarchy-unspecified-csrf(76345)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/76345"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Node Hierarchy module 6.x-1.x before 6.x-1.5 for Drupal allow remote attackers to hijack the authentication of administrators for requests that change a node hierarchy position via an (1) up or (2) down action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53993",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53993"
},
{
"name": "http://drupal.org/node/1632900",
"refsource": "MISC",
"url": "http://drupal.org/node/1632900"
},
{
"name": "drupal-nodehierarchy-unspecified-csrf(76345)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76345"
},
{
"name": "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/14/3"
},
{
"name": "http://drupalcode.org/project/nodehierarchy.git/commitdiff/8b4b3f5",
"refsource": "CONFIRM",
"url": "http://drupalcode.org/project/nodehierarchy.git/commitdiff/8b4b3f5"
},
{
"name": "http://drupal.org/node/1632432",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/1632432"
}
]
}
}

View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2847",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not request user confirmation before continuing a large series of downloads, which allows user-assisted remote attackers to cause a denial of service (resource consumption) via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2012-2847",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=127522",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=127522"
},
{
"name" : "http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html"
},
{
"name" : "oval:org.mitre.oval:def:15735",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15735"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not request user confirmation before continuing a large series of downloads, which allows user-assisted remote attackers to cause a denial of service (resource consumption) via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://code.google.com/p/chromium/issues/detail?id=127522",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=127522"
},
{
"name": "oval:org.mitre.oval:def:15735",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15735"
},
{
"name": "http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html"
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3046",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3046",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3051",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco NX-OS 5.2 and 6.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (process crash or packet loss) via a large number of ARP packets, aka Bug ID CSCtr44822."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/release/notes/52_nx-os_release_note.html",
"refsource" : "CONFIRM",
"url" : "http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/release/notes/52_nx-os_release_note.html"
},
{
"name" : "55600",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/55600"
},
{
"name" : "50671",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/50671"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco NX-OS 5.2 and 6.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (process crash or packet loss) via a large number of ARP packets, aka Bug ID CSCtr44822."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55600",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55600"
},
{
"name": "50671",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50671"
},
{
"name": "http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/release/notes/52_nx-os_release_note.html",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/release/notes/52_nx-os_release_note.html"
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3065",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3065",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3124",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect availability, related to Kernel/KSSL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-3124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name" : "MDVSA-2013:150",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name" : "54528",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/54528"
},
{
"name" : "83942",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/83942"
},
{
"name" : "1027274",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027274"
},
{
"name" : "solaris-kernelkssl-dos(77048)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/77048"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect availability, related to Kernel/KSSL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54528",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54528"
},
{
"name": "1027274",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027274"
},
{
"name": "solaris-kernelkssl-dos(77048)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77048"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name": "83942",
"refsource": "OSVDB",
"url": "http://osvdb.org/83942"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}

View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3191",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect availability via unknown vectors related to Data Mover."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-3191",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"name" : "MDVSA-2013:150",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name" : "1027671",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027671"
},
{
"name" : "51001",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51001"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect availability via unknown vectors related to Data Mover."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "51001",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51001"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"name": "1027671",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027671"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}

View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3510",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3510",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20120820 Re: CVE Request -- kernel: taskstats: use-after-free in xacct_add_tsk()",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/08/20/12"
},
{
"name" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19",
"refsource" : "CONFIRM",
"url" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=849722",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=849722"
},
{
"name" : "https://github.com/torvalds/linux/commit/f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9"
},
{
"name" : "RHSA-2012:1323",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1323.html"
},
{
"name" : "55144",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/55144"
},
{
"name" : "1027602",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027602"
},
{
"name" : "50811",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/50811"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9"
},
{
"name": "50811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50811"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=849722",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=849722"
},
{
"name": "RHSA-2012:1323",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1323.html"
},
{
"name": "55144",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55144"
},
{
"name": "[oss-security] 20120820 Re: CVE Request -- kernel: taskstats: use-after-free in xacct_add_tsk()",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/08/20/12"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9"
},
{
"name": "1027602",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027602"
},
{
"name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19",
"refsource": "CONFIRM",
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19"
}
]
}
}

View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-4068",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the SoapServer service in Citrix Provisioning Services 5.0, 5.1, 5.6, 5.6 SP1, 6.0, and 6.1 allows remote attackers to execute arbitrary code via a crafted string associated with date and time data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4068",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20120501 Citrix Provisioning Services SoapServer Heap Buffer Overflow",
"refsource" : "IDEFENSE",
"url" : "http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=979"
},
{
"name" : "http://support.citrix.com/article/ctx133039",
"refsource" : "CONFIRM",
"url" : "http://support.citrix.com/article/ctx133039"
},
{
"name" : "81664",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/81664"
},
{
"name" : "1027004",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027004"
},
{
"name" : "citrix-provisioning-server-code-execution(75311)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75311"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the SoapServer service in Citrix Provisioning Services 5.0, 5.1, 5.6, 5.6 SP1, 6.0, and 6.1 allows remote attackers to execute arbitrary code via a crafted string associated with date and time data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120501 Citrix Provisioning Services SoapServer Heap Buffer Overflow",
"refsource": "IDEFENSE",
"url": "http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=979"
},
{
"name": "citrix-provisioning-server-code-execution(75311)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75311"
},
{
"name": "http://support.citrix.com/article/ctx133039",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/ctx133039"
},
{
"name": "1027004",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027004"
},
{
"name": "81664",
"refsource": "OSVDB",
"url": "http://osvdb.org/81664"
}
]
}
}

View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-4412",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4412",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20130907 CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 && #14552)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/09/07/9"
},
{
"name" : "http://sourceware.org/bugzilla/show_bug.cgi?id=14547",
"refsource" : "CONFIRM",
"url" : "http://sourceware.org/bugzilla/show_bug.cgi?id=14547"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=855385",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=855385"
},
{
"name" : "GLSA-201503-04",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201503-04"
},
{
"name" : "MDVSA-2013:283",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"name" : "MDVSA-2013:284",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name" : "USN-1991-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"name" : "55113",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/55113"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55113",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55113"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=855385",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=855385"
},
{
"name": "USN-1991-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"name": "MDVSA-2013:284",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name": "http://sourceware.org/bugzilla/show_bug.cgi?id=14547",
"refsource": "CONFIRM",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14547"
},
{
"name": "[oss-security] 20130907 CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 && #14552)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/07/9"
},
{
"name": "GLSA-201503-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-6372",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6372",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-6501",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The KillProcess method in the HP PKI ActiveX control (HPPKI.ocx) before 1.2.0.1 allows remote attackers to cause a denial of service (kill process) via the partial or full name of a process."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6501",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "51341",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/51341"
},
{
"name" : "78272",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/78272"
},
{
"name" : "47122",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47122"
},
{
"name" : "hp-pki-activex-dos(72250)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72250"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The KillProcess method in the HP PKI ActiveX control (HPPKI.ocx) before 1.2.0.1 allows remote attackers to cause a denial of service (kill process) via the partial or full name of a process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "47122",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47122"
},
{
"name": "78272",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/78272"
},
{
"name": "51341",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51341"
},
{
"name": "hp-pki-activex-dos(72250)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72250"
}
]
}
}

View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-6710",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ext_find_user in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password[]= (aka an empty array) in an action=login request to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6710",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://itsecuritysolutions.org/2012-12-31-eXtplorer-v2.1-authentication-bypass-vulnerability",
"refsource" : "MISC",
"url" : "http://itsecuritysolutions.org/2012-12-31-eXtplorer-v2.1-authentication-bypass-vulnerability"
},
{
"name" : "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201212-371",
"refsource" : "MISC",
"url" : "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201212-371"
},
{
"name" : "57058",
"refsource" : "BID",
"url" : "https://www.securityfocus.com/bid/57058"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ext_find_user in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password[]= (aka an empty array) in an action=login request to index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201212-371",
"refsource": "MISC",
"url": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201212-371"
},
{
"name": "57058",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/57058"
},
{
"name": "http://itsecuritysolutions.org/2012-12-31-eXtplorer-v2.1-authentication-bypass-vulnerability",
"refsource": "MISC",
"url": "http://itsecuritysolutions.org/2012-12-31-eXtplorer-v2.1-authentication-bypass-vulnerability"
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-2012",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-2012",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-2039",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-2039",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}
}

View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2017-2417",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the \"CoreGraphics\" component. It allows remote attackers to cause a denial of service (infinite recursion) via a crafted image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2017-2417",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.apple.com/HT207601",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207601"
},
{
"name" : "https://support.apple.com/HT207602",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207602"
},
{
"name" : "https://support.apple.com/HT207615",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207615"
},
{
"name" : "https://support.apple.com/HT207617",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207617"
},
{
"name" : "97137",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97137"
},
{
"name" : "1038138",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038138"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the \"CoreGraphics\" component. It allows remote attackers to cause a denial of service (infinite recursion) via a crafted image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97137",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97137"
},
{
"name": "https://support.apple.com/HT207601",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207601"
},
{
"name": "https://support.apple.com/HT207615",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207615"
},
{
"name": "1038138",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038138"
},
{
"name": "https://support.apple.com/HT207602",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207602"
},
{
"name": "https://support.apple.com/HT207617",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207617"
}
]
}
}

View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2017-2422",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the \"Multi-Touch\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2017-2422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.apple.com/HT207615",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207615"
},
{
"name" : "97140",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97140"
},
{
"name" : "1038138",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038138"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the \"Multi-Touch\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97140",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97140"
},
{
"name": "https://support.apple.com/HT207615",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207615"
},
{
"name": "1038138",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038138"
}
]
}
}

View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com",
"ID" : "CVE-2017-2578",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Moodle 3.x",
"version" : {
"version_data" : [
{
"version_value" : "Moodle 3.x"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Moodle 3.x, there is XSS in the assignment submission page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "unspecified"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2578",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Moodle 3.x",
"version": {
"version_data": [
{
"version_value": "Moodle 3.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://moodle.org/mod/forum/discuss.php?d=345915",
"refsource" : "CONFIRM",
"url" : "https://moodle.org/mod/forum/discuss.php?d=345915"
},
{
"name" : "95647",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95647"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Moodle 3.x, there is XSS in the assignment submission page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://moodle.org/mod/forum/discuss.php?d=345915",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=345915"
},
{
"name": "95647",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95647"
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6222",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6222",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6383",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-7855. Reason: This candidate is a reservation duplicate of CVE-2017-7855. Notes: All CVE users should reference CVE-2017-7855 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-6383",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-7855. Reason: This candidate is a reservation duplicate of CVE-2017-7855. Notes: All CVE users should reference CVE-2017-7855 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}

View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6503",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6503",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/qbittorrent/qBittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
"refsource" : "CONFIRM",
"url" : "https://github.com/qbittorrent/qBittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16"
},
{
"name" : "https://www.qbittorrent.org/news.php",
"refsource" : "CONFIRM",
"url" : "https://www.qbittorrent.org/news.php"
},
{
"name" : "96758",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96758"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/qbittorrent/qBittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
"refsource": "CONFIRM",
"url": "https://github.com/qbittorrent/qBittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16"
},
{
"name": "96758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96758"
},
{
"name": "https://www.qbittorrent.org/news.php",
"refsource": "CONFIRM",
"url": "https://www.qbittorrent.org/news.php"
}
]
}
}

View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2017-6995",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the \"AVEVideoEncoder\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2017-6995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "42555",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/42555/"
},
{
"name" : "https://support.apple.com/HT207798",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207798"
},
{
"name" : "https://support.apple.com/HT207800",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207800"
},
{
"name" : "https://support.apple.com/HT207801",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207801"
},
{
"name" : "98571",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98571"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the \"AVEVideoEncoder\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT207800",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207800"
},
{
"name": "42555",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42555/"
},
{
"name": "98571",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98571"
},
{
"name": "https://support.apple.com/HT207798",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207798"
},
{
"name": "https://support.apple.com/HT207801",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207801"
}
]
}
}

View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11641",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use of Hard-coded Credentials in /var/www/xms/application/controllers/gatherLogs.php in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to interact with a web service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://d3adend.org/blog/?p=1398",
"refsource" : "MISC",
"url" : "https://d3adend.org/blog/?p=1398"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of Hard-coded Credentials in /var/www/xms/application/controllers/gatherLogs.php in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to interact with a web service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://d3adend.org/blog/?p=1398",
"refsource": "MISC",
"url": "https://d3adend.org/blog/?p=1398"
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11660",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11660",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11997",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11997",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14174",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14174",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14522",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14522",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/aubio/aubio/issues/188",
"refsource" : "MISC",
"url" : "https://github.com/aubio/aubio/issues/188"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aubio/aubio/issues/188",
"refsource": "MISC",
"url": "https://github.com/aubio/aubio/issues/188"
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15030",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15030",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15156",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/fax/faxq.php after modifying the \"hylafax_server\" global variable in interface/super/edit_globals.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15156",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://insecurity.sh/reports/openemr.pdf",
"refsource" : "MISC",
"url" : "https://insecurity.sh/reports/openemr.pdf"
},
{
"name" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/",
"refsource" : "MISC",
"url" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/"
},
{
"name" : "https://github.com/openemr/openemr/pull/1757",
"refsource" : "CONFIRM",
"url" : "https://github.com/openemr/openemr/pull/1757"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"refsource" : "CONFIRM",
"url" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/fax/faxq.php after modifying the \"hylafax_server\" global variable in interface/super/edit_globals.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://insecurity.sh/reports/openemr.pdf",
"refsource": "MISC",
"url": "https://insecurity.sh/reports/openemr.pdf"
},
{
"name": "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/",
"refsource": "MISC",
"url": "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/"
},
{
"name": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"refsource": "CONFIRM",
"url": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
},
{
"name": "https://github.com/openemr/openemr/pull/1757",
"refsource": "CONFIRM",
"url": "https://github.com/openemr/openemr/pull/1757"
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15243",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15243",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15565",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in daveismyname simple-cms through 2014-03-11. admin/addpage.php does not require authentication for adding a page. This can also be exploited via CSRF."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15565",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/daveismyname/simple-cms/issues/2",
"refsource" : "MISC",
"url" : "https://github.com/daveismyname/simple-cms/issues/2"
},
{
"name" : "https://github.com/daveismyname/simple-cms/issues/3",
"refsource" : "MISC",
"url" : "https://github.com/daveismyname/simple-cms/issues/3"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in daveismyname simple-cms through 2014-03-11. admin/addpage.php does not require authentication for adding a page. This can also be exploited via CSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/daveismyname/simple-cms/issues/2",
"refsource": "MISC",
"url": "https://github.com/daveismyname/simple-cms/issues/2"
},
{
"name": "https://github.com/daveismyname/simple-cms/issues/3",
"refsource": "MISC",
"url": "https://github.com/daveismyname/simple-cms/issues/3"
}
]
}
}

View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15871",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An invalid memory address dereference was discovered in decompileSingleArgBuiltInFunctionCall in libming 0.4.8 before 2018-03-12. The vulnerability causes a segmentation fault and application crash, which leads to denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/libming/libming/issues/123",
"refsource" : "MISC",
"url" : "https://github.com/libming/libming/issues/123"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An invalid memory address dereference was discovered in decompileSingleArgBuiltInFunctionCall in libming 0.4.8 before 2018-03-12. The vulnerability causes a segmentation fault and application crash, which leads to denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/libming/libming/issues/123",
"refsource": "MISC",
"url": "https://github.com/libming/libming/issues/123"
}
]
}
}

View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15901",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15901",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/dhananjay-bajaj/e107_2.1.8_csrf",
"refsource" : "MISC",
"url" : "https://github.com/dhananjay-bajaj/e107_2.1.8_csrf"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/dhananjay-bajaj/e107_2.1.8_csrf",
"refsource": "MISC",
"url": "https://github.com/dhananjay-bajaj/e107_2.1.8_csrf"
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20333",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20333",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20737",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20737",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20753",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20753",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://blog.huntresslabs.com/deep-dive-kaseya-vsa-mining-payload-c0ac839a0e88",
"refsource" : "MISC",
"url" : "https://blog.huntresslabs.com/deep-dive-kaseya-vsa-mining-payload-c0ac839a0e88"
},
{
"name" : "https://helpdesk.kaseya.com/hc/en-gb/articles/360000333152",
"refsource" : "MISC",
"url" : "https://helpdesk.kaseya.com/hc/en-gb/articles/360000333152"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.huntresslabs.com/deep-dive-kaseya-vsa-mining-payload-c0ac839a0e88",
"refsource": "MISC",
"url": "https://blog.huntresslabs.com/deep-dive-kaseya-vsa-mining-payload-c0ac839a0e88"
},
{
"name": "https://helpdesk.kaseya.com/hc/en-gb/articles/360000333152",
"refsource": "MISC",
"url": "https://helpdesk.kaseya.com/hc/en-gb/articles/360000333152"
}
]
}
}