admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:00:21 +00:00
parent cbb8f287bd
commit d95e4164aa
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
59 changed files with 3992 additions and 3992 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
2005/0xxx/CVE-2005-0076.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0076", "ID": "CVE-2005-0076",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library." "value": "Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "DSA-672", "name": "xview-xvparseone-bo(19271)",
"refsource" : "DEBIAN", "refsource": "XF",
"url" : "http://www.debian.org/security/2005/dsa-672" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19271"
}, },
{ {
"name" : "xview-xvparseone-bo(19271)", "name": "DSA-672",
"refsource" : "XF", "refsource": "DEBIAN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19271" "url": "http://www.debian.org/security/2005/dsa-672"
} }
] ]
} }

80
2005/0xxx/CVE-2005-0270.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0270", "ID": "CVE-2005-0270",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to inject arbitrary web script or HTML via the (1) si parameter to showcat.php, (2) cat or (3) page parameter to showproduct.php, or (4) report parameter to reportproduct.php." "value": "Multiple cross-site scripting (XSS) vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to inject arbitrary web script or HTML via the (1) si parameter to showcat.php, (2) cat or (3) page parameter to showproduct.php, or (4) report parameter to reportproduct.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050103 Serious Vulnerabilities In PhotoPost ReviewPost", "name": "reviewpost-php-xss(18731)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://marc.info/?l=bugtraq&m=110485682424110&w=2" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18731"
}, },
{ {
"name" : "http://www.gulftech.org/?node=research&article_id=00062-01022005", "name": "http://www.gulftech.org/?node=research&article_id=00062-01022005",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.gulftech.org/?node=research&article_id=00062-01022005" "url": "http://www.gulftech.org/?node=research&article_id=00062-01022005"
}, },
{ {
"name" : "13697", "name": "13697",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/13697/" "url": "http://secunia.com/advisories/13697/"
}, },
{ {
"name" : "reviewpost-php-xss(18731)", "name": "20050103 Serious Vulnerabilities In PhotoPost ReviewPost",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18731" "url": "http://marc.info/?l=bugtraq&m=110485682424110&w=2"
} }
] ]
} }

68
2005/0xxx/CVE-2005-0419.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0419", "ID": "CVE-2005-0419",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple heap-based buffer overflows in 3Com 3CServer allow remote authenticated users to execute arbitrary code via long FTP commands, as demonstrated using the STAT command." "value": "Multiple heap-based buffer overflows in 3Com 3CServer allow remote authenticated users to execute arbitrary code via long FTP commands, as demonstrated using the STAT command."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050207 Vulnerability in 3Com 3CServer v1.1", "name": "3cserver-multiple-command-bo(19250)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://marc.info/?l=bugtraq&m=110780306326130&w=2" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19250"
}, },
{ {
"name" : "3cserver-multiple-command-bo(19250)", "name": "20050207 Vulnerability in 3Com 3CServer v1.1",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19250" "url": "http://marc.info/?l=bugtraq&m=110780306326130&w=2"
} }
] ]
} }

80
2005/0xxx/CVE-2005-0542.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0542", "ID": "CVE-2005-0542",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "saveUser.do in Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows local users to gain privileges by setting the adminUser parameter to true." "value": "saveUser.do in Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows local users to gain privileges by setting the adminUser parameter to true."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050224 Cyclades AlterPath Manager Vulnerabilities", "name": "14074",
"refsource" : "FULLDISC", "refsource": "OSVDB",
"url" : "http://marc.info/?l=full-disclosure&m=110924450827137&w=2" "url": "http://www.osvdb.org/14074"
}, },
{ {
"name" : "http://www.cirt.net/advisories/alterpath_privesc.shtml", "name": "14378",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://www.cirt.net/advisories/alterpath_privesc.shtml" "url": "http://secunia.com/advisories/14378"
}, },
{ {
"name" : "14074", "name": "20050224 Cyclades AlterPath Manager Vulnerabilities",
"refsource" : "OSVDB", "refsource": "FULLDISC",
"url" : "http://www.osvdb.org/14074" "url": "http://marc.info/?l=full-disclosure&m=110924450827137&w=2"
}, },
{ {
"name" : "14378", "name": "http://www.cirt.net/advisories/alterpath_privesc.shtml",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/14378" "url": "http://www.cirt.net/advisories/alterpath_privesc.shtml"
} }
] ]
} }

74
2005/0xxx/CVE-2005-0628.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0628", "ID": "CVE-2005-0628",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Forumwa 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter in search.php or the (2) body or (3) subject of a forum message." "value": "Multiple cross-site scripting (XSS) vulnerabilities in Forumwa 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter in search.php or the (2) body or (3) subject of a forum message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050301 Forumwa search.php xss vulnerability", "name": "14418",
"refsource" : "BUGTRAQ", "refsource": "SECUNIA",
"url" : "http://marc.info/?l=bugtraq&m=110971101826900&w=2" "url": "http://secunia.com/advisories/14418"
}, },
{ {
"name" : "12689", "name": "20050301 Forumwa search.php xss vulnerability",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/12689" "url": "http://marc.info/?l=bugtraq&m=110971101826900&w=2"
}, },
{ {
"name" : "14418", "name": "12689",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/14418" "url": "http://www.securityfocus.com/bid/12689"
} }
] ]
} }

86
2005/1xxx/CVE-2005-1283.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1283", "ID": "CVE-2005-1283",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbitrary files via the UIDL parameter to the msg script or (2) copy or move the user's .eml file to arbitrary locations via the delete script, a different vulnerability than CVE-2005-0367." "value": "Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbitrary files via the UIDL parameter to the msg script or (2) copy or move the user's .eml file to arbitrary locations via the delete script, a different vulnerability than CVE-2005-0367."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050422 Multiple vulnerabilities in Argosoft Mail Server 1.8.7.6", "name": "argosoft-mail-server-dir-traversal(20229)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://marc.info/?l=bugtraq&m=111419001527077&w=2" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20229"
}, },
{ {
"name" : "15821", "name": "20050422 Multiple vulnerabilities in Argosoft Mail Server 1.8.7.6",
"refsource" : "OSVDB", "refsource": "BUGTRAQ",
"url" : "http://www.osvdb.org/15821" "url": "http://marc.info/?l=bugtraq&m=111419001527077&w=2"
}, },
{ {
"name" : "15823", "name": "argosoft-mail-server-eml-files-dir-traversal(20226)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/15823" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20226"
}, },
{ {
"name" : "argosoft-mail-server-dir-traversal(20229)", "name": "15823",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20229" "url": "http://www.osvdb.org/15823"
}, },
{ {
"name" : "argosoft-mail-server-eml-files-dir-traversal(20226)", "name": "15821",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20226" "url": "http://www.osvdb.org/15821"
} }
] ]
} }

116
2005/1xxx/CVE-2005-1543.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1543", "ID": "CVE-2005-1543",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests." "value": "Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050518 NOVELL ZENWORKS MULTIPLE =?utf-8?Q?REM=C3=98TE?= STACK & HEAP OVERFLOWS", "name": "http://www.rem0te.com/public/images/zen.pdf",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://marc.info/?l=bugtraq&m=111645317713662&w=2" "url": "http://www.rem0te.com/public/images/zen.pdf"
}, },
{ {
"name" : "http://www.rem0te.com/public/images/zen.pdf", "name": "13678",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.rem0te.com/public/images/zen.pdf" "url": "http://www.securityfocus.com/bid/13678"
}, },
{ {
"name" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097644.htm", "name": "novell-zenwork-remote-management-bo(20639)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097644.htm" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20639"
}, },
{ {
"name" : "13678", "name": "1014005",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/13678" "url": "http://securitytracker.com/id?1014005"
}, },
{ {
"name" : "ADV-2005-0571", "name": "ADV-2005-0571",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/0571" "url": "http://www.vupen.com/english/advisories/2005/0571"
}, },
{ {
"name" : "1014005", "name": "20050518 NOVELL ZENWORKS MULTIPLE =?utf-8?Q?REM=C3=98TE?= STACK & HEAP OVERFLOWS",
"refsource" : "SECTRACK", "refsource": "BUGTRAQ",
"url" : "http://securitytracker.com/id?1014005" "url": "http://marc.info/?l=bugtraq&m=111645317713662&w=2"
}, },
{ {
"name" : "15433", "name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097644.htm",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/15433" "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097644.htm"
}, },
{ {
"name" : "novell-zenwork-remote-management-1-bo(20644)", "name": "novell-zenwork-remote-management-2-bo(20645)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20644" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20645"
}, },
{ {
"name" : "novell-zenwork-remote-management-bo(20639)", "name": "15433",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20639" "url": "http://secunia.com/advisories/15433"
}, },
{ {
"name" : "novell-zenwork-remote-management-2-bo(20645)", "name": "novell-zenwork-remote-management-1-bo(20644)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20645" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20644"
} }
] ]
} }

68
2005/3xxx/CVE-2005-3215.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3215", "ID": "CVE-2005-3215",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple interpretation error in unspecified versions of McAfee Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper." "value": "Multiple interpretation error in unspecified versions of McAfee Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20051007 Antivirus detection bypass by special crafted archive.", "name": "http://shadock.net/secubox/AVCraftedArchive.html",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://marc.info/?l=bugtraq&m=112879611919750&w=2" "url": "http://shadock.net/secubox/AVCraftedArchive.html"
}, },
{ {
"name" : "http://shadock.net/secubox/AVCraftedArchive.html", "name": "20051007 Antivirus detection bypass by special crafted archive.",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://shadock.net/secubox/AVCraftedArchive.html" "url": "http://marc.info/?l=bugtraq&m=112879611919750&w=2"
} }
] ]
} }

86
2005/3xxx/CVE-2005-3251.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3251", "ID": "CVE-2005-3251",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote attackers to read or include arbitrary files via \"..\" sequences in the g2_itemId parameter." "value": "Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote attackers to read or include arbitrary files via \"..\" sequences in the g2_itemId parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://dipper.info/security/20051012/", "name": "http://gallery.menalto.com/gallery_2.0.1_released",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://dipper.info/security/20051012/" "url": "http://gallery.menalto.com/gallery_2.0.1_released"
}, },
{ {
"name" : "http://gallery.menalto.com/gallery_2.0.1_released", "name": "http://www.vuxml.org/freebsd/47bdabcf-3cf9-11da-baa2-0004614cc33d.html",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://gallery.menalto.com/gallery_2.0.1_released" "url": "http://www.vuxml.org/freebsd/47bdabcf-3cf9-11da-baa2-0004614cc33d.html"
}, },
{ {
"name" : "http://www.vuxml.org/freebsd/47bdabcf-3cf9-11da-baa2-0004614cc33d.html", "name": "17205",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://www.vuxml.org/freebsd/47bdabcf-3cf9-11da-baa2-0004614cc33d.html" "url": "http://secunia.com/advisories/17205"
}, },
{ {
"name" : "17205", "name": "http://dipper.info/security/20051012/",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/17205" "url": "http://dipper.info/security/20051012/"
}, },
{ {
"name" : "88", "name": "88",
"refsource" : "SREASON", "refsource": "SREASON",
"url" : "http://securityreason.com/securityalert/88" "url": "http://securityreason.com/securityalert/88"
} }
] ]
} }

92
2005/3xxx/CVE-2005-3657.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3657", "ID": "CVE-2005-3657",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security Center does not use the IObjectSafetySiteLock API to restrict access to required domains, which allows remote attackers to create or append to arbitrary files via the StartLog and AddLog methods in the MCINSTALL.McLog object." "value": "The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security Center does not use the IObjectSafetySiteLock API to restrict access to required domains, which allows remote attackers to create or append to arbitrary files via the StartLog and AddLog methods in the MCINSTALL.McLog object."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20051220 McAfee Security Center MCINSCTL.DLL ActiveX Control File Overwrite", "name": "279",
"refsource" : "IDEFENSE", "refsource": "SREASON",
"url" : "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=358" "url": "http://securityreason.com/securityalert/279"
}, },
{ {
"name" : "15986", "name": "1015390",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/15986" "url": "http://securitytracker.com/id?1015390"
}, },
{ {
"name" : "ADV-2005-3006", "name": "ADV-2005-3006",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/3006" "url": "http://www.vupen.com/english/advisories/2005/3006"
}, },
{ {
"name" : "1015390", "name": "20051220 McAfee Security Center MCINSCTL.DLL ActiveX Control File Overwrite",
"refsource" : "SECTRACK", "refsource": "IDEFENSE",
"url" : "http://securitytracker.com/id?1015390" "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=358"
}, },
{ {
"name" : "18169", "name": "15986",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/18169" "url": "http://www.securityfocus.com/bid/15986"
}, },
{ {
"name" : "279", "name": "18169",
"refsource" : "SREASON", "refsource": "SECUNIA",
"url" : "http://securityreason.com/securityalert/279" "url": "http://secunia.com/advisories/18169"
} }
] ]
} }

92
2005/3xxx/CVE-2005-3780.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3780", "ID": "CVE-2005-3780",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple buffer overflows in IPUpdate 1.1 might allow attackers to execute arbitrary code via (1) memmcat in the memm module or (2) certain TSIG format records." "value": "Multiple buffer overflows in IPUpdate 1.1 might allow attackers to execute arbitrary code via (1) memmcat in the memm module or (2) certain TSIG format records."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=372666", "name": "17681",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=372666" "url": "http://secunia.com/advisories/17681"
}, },
{ {
"name" : "15534", "name": "http://sourceforge.net/project/shownotes.php?release_id=372666",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/15534" "url": "http://sourceforge.net/project/shownotes.php?release_id=372666"
}, },
{ {
"name" : "ADV-2005-2523", "name": "21037",
"refsource" : "VUPEN", "refsource": "OSVDB",
"url" : "http://www.vupen.com/english/advisories/2005/2523" "url": "http://www.osvdb.org/21037"
}, },
{ {
"name" : "21036", "name": "21036",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/21036" "url": "http://www.osvdb.org/21036"
}, },
{ {
"name" : "21037", "name": "ADV-2005-2523",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://www.osvdb.org/21037" "url": "http://www.vupen.com/english/advisories/2005/2523"
}, },
{ {
"name" : "17681", "name": "15534",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/17681" "url": "http://www.securityfocus.com/bid/15534"
} }
] ]
} }

128
2005/4xxx/CVE-2005-4360.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4360", "ID": "CVE-2005-4360",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to \".dll\" followed by arguments such as \"~0\" through \"~9\", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using \"/_vti_bin/.dll/*/~0\". NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot)." "value": "The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to \".dll\" followed by arguments such as \"~0\" through \"~9\", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using \"/_vti_bin/.dll/*/~0\". NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20051216 Microsoft IIS Remote Denial of Service (DoS) .DLL Url exploit", "name": "SSRT071446",
"refsource" : "BUGTRAQ", "refsource": "HP",
"url" : "http://www.securityfocus.com/archive/1/419707/100/0/threaded" "url": "http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html"
}, },
{ {
"name" : "http://ingehenriksen.blogspot.com/2005/12/microsoft-iis-remote-dos-dll-url.html", "name": "20051216 Microsoft IIS Remote Denial of Service (DoS) .DLL Url exploit",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://ingehenriksen.blogspot.com/2005/12/microsoft-iis-remote-dos-dll-url.html" "url": "http://www.securityfocus.com/archive/1/419707/100/0/threaded"
}, },
{ {
"name" : "SSRT071446", "name": "oval:org.mitre.oval:def:1703",
"refsource" : "HP", "refsource": "OVAL",
"url" : "http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1703"
}, },
{ {
"name" : "MS07-041", "name": "271",
"refsource" : "MS", "refsource": "SREASON",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-041" "url": "http://securityreason.com/securityalert/271"
}, },
{ {
"name" : "TA07-191A", "name": "1015376",
"refsource" : "CERT", "refsource": "SECTRACK",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-191A.html" "url": "http://securitytracker.com/alerts/2005/Dec/1015376.html"
}, },
{ {
"name" : "15921", "name": "21805",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/15921" "url": "http://www.osvdb.org/21805"
}, },
{ {
"name" : "ADV-2005-2963", "name": "http://ingehenriksen.blogspot.com/2005/12/microsoft-iis-remote-dos-dll-url.html",
"refsource" : "VUPEN", "refsource": "MISC",
"url" : "http://www.vupen.com/english/advisories/2005/2963" "url": "http://ingehenriksen.blogspot.com/2005/12/microsoft-iis-remote-dos-dll-url.html"
}, },
{ {
"name" : "21805", "name": "ADV-2005-2963",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://www.osvdb.org/21805" "url": "http://www.vupen.com/english/advisories/2005/2963"
}, },
{ {
"name" : "oval:org.mitre.oval:def:1703", "name": "MS07-041",
"refsource" : "OVAL", "refsource": "MS",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1703" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-041"
}, },
{ {
"name" : "1015376", "name": "15921",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://securitytracker.com/alerts/2005/Dec/1015376.html" "url": "http://www.securityfocus.com/bid/15921"
}, },
{ {
"name" : "18106", "name": "TA07-191A",
"refsource" : "SECUNIA", "refsource": "CERT",
"url" : "http://secunia.com/advisories/18106" "url": "http://www.us-cert.gov/cas/techalerts/TA07-191A.html"
}, },
{ {
"name" : "271", "name": "18106",
"refsource" : "SREASON", "refsource": "SECUNIA",
"url" : "http://securityreason.com/securityalert/271" "url": "http://secunia.com/advisories/18106"
} }
] ]
} }

74
2005/4xxx/CVE-2005-4764.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4764", "ID": "CVE-2005-4764",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "BEA WebLogic Server and WebLogic Express 9.0, 8.1, and 7.0 lock out the admin user account after multiple incorrect password guesses, which allows remote attackers who know or guess the admin account name to cause a denial of service (blocked admin logins)." "value": "BEA WebLogic Server and WebLogic Express 9.0, 8.1, and 7.0 lock out the admin user account after multiple incorrect password guesses, which allows remote attackers who know or guess the admin account name to cause a denial of service (blocked admin logins)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "BEA05-101.00", "name": "BEA05-101.00",
"refsource" : "BEA", "refsource": "BEA",
"url" : "http://dev2dev.bea.com/pub/advisory/155" "url": "http://dev2dev.bea.com/pub/advisory/155"
}, },
{ {
"name" : "15052", "name": "15052",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/15052" "url": "http://www.securityfocus.com/bid/15052"
}, },
{ {
"name" : "17138", "name": "17138",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/17138" "url": "http://secunia.com/advisories/17138"
} }
] ]
} }

104
2009/0xxx/CVE-2009-0160.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0160", "ID": "CVE-2009-0160",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image that triggers memory corruption." "value": "QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image that triggers memory corruption."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT3549", "name": "http://support.apple.com/kb/HT3549",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT3549" "url": "http://support.apple.com/kb/HT3549"
}, },
{ {
"name" : "APPLE-SA-2009-05-12", "name": "34937",
"refsource" : "APPLE", "refsource": "BID",
"url" : "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" "url": "http://www.securityfocus.com/bid/34937"
}, },
{ {
"name" : "TA09-133A", "name": "35074",
"refsource" : "CERT", "refsource": "SECUNIA",
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" "url": "http://secunia.com/advisories/35074"
}, },
{ {
"name" : "34926", "name": "1022209",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/34926" "url": "http://www.securitytracker.com/id?1022209"
}, },
{ {
"name" : "34937", "name": "APPLE-SA-2009-05-12",
"refsource" : "BID", "refsource": "APPLE",
"url" : "http://www.securityfocus.com/bid/34937" "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
}, },
{ {
"name" : "1022209", "name": "34926",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id?1022209" "url": "http://www.securityfocus.com/bid/34926"
}, },
{ {
"name" : "35074", "name": "TA09-133A",
"refsource" : "SECUNIA", "refsource": "CERT",
"url" : "http://secunia.com/advisories/35074" "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
}, },
{ {
"name" : "ADV-2009-1297", "name": "ADV-2009-1297",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1297" "url": "http://www.vupen.com/english/advisories/2009/1297"
} }
] ]
} }

122
2009/0xxx/CVE-2009-0238.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2009-0238", "ID": "CVE-2009-0238",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC." "value": "Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://blogs.zdnet.com/security/?p=2658", "name": "http://www.microsoft.com/technet/security/advisory/968272.mspx",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://blogs.zdnet.com/security/?p=2658" "url": "http://www.microsoft.com/technet/security/advisory/968272.mspx"
}, },
{ {
"name" : "http://isc.sans.org/diary.html?storyid=5923", "name": "ADV-2009-1023",
"refsource" : "MISC", "refsource": "VUPEN",
"url" : "http://isc.sans.org/diary.html?storyid=5923" "url": "http://www.vupen.com/english/advisories/2009/1023"
}, },
{ {
"name" : "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99", "name": "ms-excel-unspecified-code-execution(48875)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48875"
}, },
{ {
"name" : "http://www.microsoft.com/technet/security/advisory/968272.mspx", "name": "TA09-104A",
"refsource" : "CONFIRM", "refsource": "CERT",
"url" : "http://www.microsoft.com/technet/security/advisory/968272.mspx" "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
}, },
{ {
"name" : "MS09-009", "name": "33870",
"refsource" : "MS", "refsource": "BID",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009" "url": "http://www.securityfocus.com/bid/33870"
}, },
{ {
"name" : "TA09-104A", "name": "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99",
"refsource" : "CERT", "refsource": "MISC",
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-104A.html" "url": "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99"
}, },
{ {
"name" : "33870", "name": "MS09-009",
"refsource" : "BID", "refsource": "MS",
"url" : "http://www.securityfocus.com/bid/33870" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009"
}, },
{ {
"name" : "oval:org.mitre.oval:def:5968", "name": "oval:org.mitre.oval:def:5968",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968"
}, },
{ {
"name" : "1021744", "name": "http://isc.sans.org/diary.html?storyid=5923",
"refsource" : "SECTRACK", "refsource": "MISC",
"url" : "http://securitytracker.com/id?1021744" "url": "http://isc.sans.org/diary.html?storyid=5923"
}, },
{ {
"name" : "ADV-2009-1023", "name": "1021744",
"refsource" : "VUPEN", "refsource": "SECTRACK",
"url" : "http://www.vupen.com/english/advisories/2009/1023" "url": "http://securitytracker.com/id?1021744"
}, },
{ {
"name" : "ms-excel-unspecified-code-execution(48875)", "name": "http://blogs.zdnet.com/security/?p=2658",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48875" "url": "http://blogs.zdnet.com/security/?p=2658"
} }
] ]
} }

92
2009/0xxx/CVE-2009-0345.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0345", "ID": "CVE-2009-0345",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on the Sun Fire X2100 M2 and X2200 M2 x86 platforms before SP/BMC firmware 3.20 allows remote attackers to obtain privileged ELOM login access or execute arbitrary Service Processor (SP) commands via unknown vectors, aka Bug ID 6648082, a different vulnerability than CVE-2007-5717." "value": "Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on the Sun Fire X2100 M2 and X2200 M2 x86 platforms before SP/BMC firmware 3.20 allows remote attackers to obtain privileged ELOM login access or execute arbitrary Service Processor (SP) commands via unknown vectors, aka Bug ID 6648082, a different vulnerability than CVE-2007-5717."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "239886", "name": "33506",
"refsource" : "SUNALERT", "refsource": "BID",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-239886-1" "url": "http://www.securityfocus.com/bid/33506"
}, },
{ {
"name" : "33506", "name": "ADV-2009-0281",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/33506" "url": "http://www.vupen.com/english/advisories/2009/0281"
}, },
{ {
"name" : "ADV-2009-0281", "name": "33726",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2009/0281" "url": "http://secunia.com/advisories/33726"
}, },
{ {
"name" : "1021646", "name": "sunfire-elom-unauth-access(48329)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://www.securitytracker.com/id?1021646" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48329"
}, },
{ {
"name" : "33726", "name": "239886",
"refsource" : "SECUNIA", "refsource": "SUNALERT",
"url" : "http://secunia.com/advisories/33726" "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-239886-1"
}, },
{ {
"name" : "sunfire-elom-unauth-access(48329)", "name": "1021646",
"refsource" : "XF", "refsource": "SECTRACK",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48329" "url": "http://www.securitytracker.com/id?1021646"
} }
] ]
} }

98
2009/0xxx/CVE-2009-0537.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0537", "ID": "CVE-2009-0537",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree, related to the fts_level structure member, as demonstrated by (a) du, (b) rm, (c) chmod, and (d) chgrp on OpenBSD; and (e) SearchIndexer.exe on Vista Enterprise." "value": "Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree, related to the fts_level structure member, as demonstrated by (a) du, (b) rm, (c) chmod, and (d) chgrp on OpenBSD; and (e) SearchIndexer.exe on Vista Enterprise."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090304 libc:fts_*():multiple vendors, Denial-of-service", "name": "8163",
"refsource" : "SREASONRES", "refsource": "EXPLOIT-DB",
"url" : "http://securityreason.com/achievement_securityalert/60" "url": "https://www.exploit-db.com/exploits/8163"
}, },
{ {
"name" : "20090305 libc:fts_*():multiple vendors, Denial-of-service", "name": "1021818",
"refsource" : "BUGTRAQ", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/archive/1/501505/100/0/threaded" "url": "http://www.securitytracker.com/id?1021818"
}, },
{ {
"name" : "8163", "name": "20090304 libc:fts_*():multiple vendors, Denial-of-service",
"refsource" : "EXPLOIT-DB", "refsource": "SREASONRES",
"url" : "https://www.exploit-db.com/exploits/8163" "url": "http://securityreason.com/achievement_securityalert/60"
}, },
{ {
"name" : "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c", "name": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c.diff?r1=1.41;r2=1.42;f=h",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c" "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c.diff?r1=1.41;r2=1.42;f=h"
}, },
{ {
"name" : "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c.diff?r1=1.41;r2=1.42;f=h", "name": "34008",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c.diff?r1=1.41;r2=1.42;f=h" "url": "http://www.securityfocus.com/bid/34008"
}, },
{ {
"name" : "34008", "name": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/34008" "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c"
}, },
{ {
"name" : "1021818", "name": "20090305 libc:fts_*():multiple vendors, Denial-of-service",
"refsource" : "SECTRACK", "refsource": "BUGTRAQ",
"url" : "http://www.securitytracker.com/id?1021818" "url": "http://www.securityfocus.com/archive/1/501505/100/0/threaded"
} }
] ]
} }

104
2009/0xxx/CVE-2009-0993.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2009-0993", "ID": "CVE-2009-0993",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the OPMN component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is a format string vulnerability that allows remote attackers to execute arbitrary code via format string specifiers in an HTTP POST URI, which are not properly handled when logging to opmn/logs/opmn.log." "value": "Unspecified vulnerability in the OPMN component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is a format string vulnerability that allows remote attackers to execute arbitrary code via format string specifiers in an HTTP POST URI, which are not properly handled when logging to opmn/logs/opmn.log."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090414 ZDI-09-017: Oracle Applications Server 10g Format String Vulnerability", "name": "1022055",
"refsource" : "BUGTRAQ", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/archive/1/502683/100/0/threaded" "url": "http://www.securitytracker.com/id?1022055"
}, },
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-09-017", "name": "34461",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-09-017" "url": "http://www.securityfocus.com/bid/34461"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html", "name": "34693",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html" "url": "http://secunia.com/advisories/34693"
}, },
{ {
"name" : "TA09-105A", "name": "TA09-105A",
"refsource" : "CERT", "refsource": "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-105A.html" "url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
}, },
{ {
"name" : "34461", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/34461" "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
}, },
{ {
"name" : "1022055", "name": "http://www.zerodayinitiative.com/advisories/ZDI-09-017",
"refsource" : "SECTRACK", "refsource": "MISC",
"url" : "http://www.securitytracker.com/id?1022055" "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-017"
}, },
{ {
"name" : "34693", "name": "oracle-appserver-opmn-unspecified(50030)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/34693" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50030"
}, },
{ {
"name" : "oracle-appserver-opmn-unspecified(50030)", "name": "20090414 ZDI-09-017: Oracle Applications Server 10g Format String Vulnerability",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50030" "url": "http://www.securityfocus.com/archive/1/502683/100/0/threaded"
} }
] ]
} }

68
2009/3xxx/CVE-2009-3057.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3057", "ID": "CVE-2009-3057",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in AOM Software Beex 3 allow remote attackers to inject arbitrary web script or HTML via the navaction parameter to (1) news.php and (2) partneralle.php." "value": "Multiple cross-site scripting (XSS) vulnerabilities in AOM Software Beex 3 allow remote attackers to inject arbitrary web script or HTML via the navaction parameter to (1) news.php and (2) partneralle.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://packetstormsecurity.org/0909-exploits/beex-xss.txt", "name": "36550",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://packetstormsecurity.org/0909-exploits/beex-xss.txt" "url": "http://secunia.com/advisories/36550"
}, },
{ {
"name" : "36550", "name": "http://packetstormsecurity.org/0909-exploits/beex-xss.txt",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/36550" "url": "http://packetstormsecurity.org/0909-exploits/beex-xss.txt"
} }
] ]
} }

68
2009/3xxx/CVE-2009-3088.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3088", "ID": "CVE-2009-3088",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in ibmdiradm in IBM Tivoli Directory Server (TDS) 6.0 on Linux allows remote attackers to have an unspecified impact via unknown vectors that trigger heap corruption, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes." "value": "Heap-based buffer overflow in ibmdiradm in IBM Tivoli Directory Server (TDS) 6.0 on Linux allows remote attackers to have an unspecified impact via unknown vectors that trigger heap corruption, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://intevydis.com/vd-list.shtml", "name": "36565",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://intevydis.com/vd-list.shtml" "url": "http://secunia.com/advisories/36565"
}, },
{ {
"name" : "36565", "name": "http://intevydis.com/vd-list.shtml",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/36565" "url": "http://intevydis.com/vd-list.shtml"
} }
] ]
} }

86
2009/3xxx/CVE-2009-3281.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3281", "ID": "CVE-2009-3281",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 does not use correct file permissions, which allows host OS users to gain privileges on the host OS via unspecified vectors." "value": "The vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 does not use correct file permissions, which allows host OS users to gain privileges on the host OS via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[security-announce] 20091001 VMSA-2009-0013 VMware Fusion resolves two security issues", "name": "[security-announce] 20091001 VMSA-2009-0013 VMware Fusion resolves two security issues",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://lists.vmware.com/pipermail/security-announce/2009/000066.html" "url": "http://lists.vmware.com/pipermail/security-announce/2009/000066.html"
}, },
{ {
"name" : "http://www.vmware.com/security/advisories/VMSA-2009-0013.html", "name": "ADV-2009-2811",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://www.vmware.com/security/advisories/VMSA-2009-0013.html" "url": "http://www.vupen.com/english/advisories/2009/2811"
}, },
{ {
"name" : "1022981", "name": "http://www.vmware.com/security/advisories/VMSA-2009-0013.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://securitytracker.com/id?1022981" "url": "http://www.vmware.com/security/advisories/VMSA-2009-0013.html"
}, },
{ {
"name" : "36928", "name": "36928",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/36928" "url": "http://secunia.com/advisories/36928"
}, },
{ {
"name" : "ADV-2009-2811", "name": "1022981",
"refsource" : "VUPEN", "refsource": "SECTRACK",
"url" : "http://www.vupen.com/english/advisories/2009/2811" "url": "http://securitytracker.com/id?1022981"
} }
] ]
} }

104
2009/3xxx/CVE-2009-3880.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-3880", "ID": "CVE-2009-3880",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the implementation of Component, KeyboardFocusManager, and DefaultKeyboardFocusManager, aka Bug Id 6664512." "value": "The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the implementation of Component, KeyboardFocusManager, and DefaultKeyboardFocusManager, aka Bug Id 6664512."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html", "name": "oval:org.mitre.oval:def:7316",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7316"
}, },
{ {
"name" : "http://java.sun.com/javase/6/webnotes/6u17.html", "name": "oval:org.mitre.oval:def:10761",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "http://java.sun.com/javase/6/webnotes/6u17.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10761"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=530296", "name": "GLSA-200911-02",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=530296" "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
}, },
{ {
"name" : "GLSA-200911-02", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=530296",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "http://security.gentoo.org/glsa/glsa-200911-02.xml" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530296"
}, },
{ {
"name" : "MDVSA-2010:084", "name": "http://java.sun.com/javase/6/webnotes/6u17.html",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084" "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:10761", "name": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10761" "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:7316", "name": "MDVSA-2010:084",
"refsource" : "OVAL", "refsource": "MANDRIVA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7316" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
}, },
{ {
"name" : "37386", "name": "37386",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/37386" "url": "http://secunia.com/advisories/37386"
} }
] ]
} }

74
2009/4xxx/CVE-2009-4008.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4008", "ID": "CVE-2009-4008",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query." "value": "Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://packages.debian.org/changelogs/pool/main/u/unbound/unbound_1.4.6-1/changelog", "name": "http://unbound.nlnetlabs.nl/downloads/unbound-1.4.4.tar.gz",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packages.debian.org/changelogs/pool/main/u/unbound/unbound_1.4.6-1/changelog" "url": "http://unbound.nlnetlabs.nl/downloads/unbound-1.4.4.tar.gz"
}, },
{ {
"name" : "http://unbound.nlnetlabs.nl/downloads/unbound-1.4.4.tar.gz", "name": "http://packages.debian.org/changelogs/pool/main/u/unbound/unbound_1.4.6-1/changelog",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://unbound.nlnetlabs.nl/downloads/unbound-1.4.4.tar.gz" "url": "http://packages.debian.org/changelogs/pool/main/u/unbound/unbound_1.4.6-1/changelog"
}, },
{ {
"name" : "DSA-2243", "name": "DSA-2243",
"refsource" : "DEBIAN", "refsource": "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2243" "url": "http://www.debian.org/security/2011/dsa-2243"
} }
] ]
} }

92
2009/4xxx/CVE-2009-4060.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4060", "ID": "CVE-2009-4060",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in includes/content/viewProd.inc.php in CubeCart before 4.3.7 remote attackers to execute arbitrary SQL commands via the productId parameter." "value": "SQL injection vulnerability in includes/content/viewProd.inc.php in CubeCart before 4.3.7 remote attackers to execute arbitrary SQL commands via the productId parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://forums.cubecart.com/index.php?showtopic=39900", "name": "37065",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://forums.cubecart.com/index.php?showtopic=39900" "url": "http://www.securityfocus.com/bid/37065"
}, },
{ {
"name" : "37065", "name": "60306",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/37065" "url": "http://osvdb.org/60306"
}, },
{ {
"name" : "60306", "name": "http://forums.cubecart.com/index.php?showtopic=39900",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://osvdb.org/60306" "url": "http://forums.cubecart.com/index.php?showtopic=39900"
}, },
{ {
"name" : "37402", "name": "ADV-2009-3290",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/37402" "url": "http://www.vupen.com/english/advisories/2009/3290"
}, },
{ {
"name" : "ADV-2009-3290", "name": "37402",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2009/3290" "url": "http://secunia.com/advisories/37402"
}, },
{ {
"name" : "cubecart-viewprod-sql-injection(54331)", "name": "cubecart-viewprod-sql-injection(54331)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54331" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54331"
} }
] ]
} }

80
2009/4xxx/CVE-2009-4765.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4765", "ID": "CVE-2009-4765",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CNR Hikaye Portal 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/hikaye.mdb." "value": "CNR Hikaye Portal 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/hikaye.mdb."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://packetstormsecurity.org/1001-exploits/aspcnrhikaye-disclose.txt", "name": "61480",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://packetstormsecurity.org/1001-exploits/aspcnrhikaye-disclose.txt" "url": "http://www.osvdb.org/61480"
}, },
{ {
"name" : "61480", "name": "38103",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://www.osvdb.org/61480" "url": "http://secunia.com/advisories/38103"
}, },
{ {
"name" : "38103", "name": "http://packetstormsecurity.org/1001-exploits/aspcnrhikaye-disclose.txt",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/38103" "url": "http://packetstormsecurity.org/1001-exploits/aspcnrhikaye-disclose.txt"
}, },
{ {
"name" : "ADV-2010-0032", "name": "ADV-2010-0032",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0032" "url": "http://www.vupen.com/english/advisories/2010/0032"
} }
] ]
} }

80
2009/4xxx/CVE-2009-4805.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4805", "ID": "CVE-2009-4805",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the storyid parameter to public/view.php or (2) the kill parameter to admin/remove.php." "value": "Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the storyid parameter to public/view.php or (2) the kill parameter to admin/remove.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090301 EZ-Blog Beta 1 Multiple SQL Injection", "name": "ezblog-view-sql-injection(49013)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/501352/100/0/threaded" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49013"
}, },
{ {
"name" : "8128", "name": "8128",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/8128" "url": "http://www.exploit-db.com/exploits/8128"
}, },
{ {
"name" : "33947", "name": "20090301 EZ-Blog Beta 1 Multiple SQL Injection",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/33947" "url": "http://www.securityfocus.com/archive/1/501352/100/0/threaded"
}, },
{ {
"name" : "ezblog-view-sql-injection(49013)", "name": "33947",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49013" "url": "http://www.securityfocus.com/bid/33947"
} }
] ]
} }

92
2009/4xxx/CVE-2009-4824.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4824", "ID": "CVE-2009-4824",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an \"image upload form.\"" "value": "Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an \"image upload form.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://files.kolab.org/server/release/kolab-server-2.2.3/sources/release-notes.txt", "name": "http://files.kolab.org/server/release/kolab-server-2.2.3/sources/release-notes.txt",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://files.kolab.org/server/release/kolab-server-2.2.3/sources/release-notes.txt" "url": "http://files.kolab.org/server/release/kolab-server-2.2.3/sources/release-notes.txt"
}, },
{ {
"name" : "MDVSA-2010:108", "name": "37918",
"refsource" : "MANDRIVA", "refsource": "SECUNIA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:108" "url": "http://secunia.com/advisories/37918"
}, },
{ {
"name" : "37465", "name": "MDVSA-2010:108",
"refsource" : "BID", "refsource": "MANDRIVA",
"url" : "http://www.securityfocus.com/bid/37465" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:108"
}, },
{ {
"name" : "61301", "name": "61301",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/61301" "url": "http://osvdb.org/61301"
}, },
{ {
"name" : "37918", "name": "ADV-2010-1245",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/37918" "url": "http://www.vupen.com/english/advisories/2010/1245"
}, },
{ {
"name" : "ADV-2010-1245", "name": "37465",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2010/1245" "url": "http://www.securityfocus.com/bid/37465"
} }
] ]
} }

68
2012/2xxx/CVE-2012-2361.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2361", "ID": "CVE-2012-2361",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php in the web services implementation in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the name field (aka the service name) to admin/webservice/service.php." "value": "Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php in the web services implementation in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the name field (aka the service name) to admin/webservice/service.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120523 Moodle security notifications public", "name": "[oss-security] 20120523 Moodle security notifications public",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://openwall.com/lists/oss-security/2012/05/23/2" "url": "http://openwall.com/lists/oss-security/2012/05/23/2"
}, },
{ {
"name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31694", "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31694",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31694" "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31694"
} }
] ]
} }

22
2012/2xxx/CVE-2012-2600.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-2600", "ID": "CVE-2012-2600",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

86
2012/2xxx/CVE-2012-2719.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2719", "ID": "CVE-2012-2719",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The filedepot module 6.x-1.x before 6.x-1.3 for Drupal, when accessed using multiple different browsers from the same IP address, causes Internet Explorer sessions to \"switch users\" when uploading a file, which has unspecified impact possibly involving file uploads to the wrong user directory, aka \"Session Management Vulnerability.\"" "value": "The filedepot module 6.x-1.x before 6.x-1.3 for Drupal, when accessed using multiple different browsers from the same IP address, causes Internet Explorer sessions to \"switch users\" when uploading a file, which has unspecified impact possibly involving file uploads to the wrong user directory, aka \"Session Management Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules", "name": "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/14/3" "url": "http://www.openwall.com/lists/oss-security/2012/06/14/3"
}, },
{ {
"name" : "http://drupal.org/node/1608864", "name": "82575",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://drupal.org/node/1608864" "url": "http://www.osvdb.org/82575"
}, },
{ {
"name" : "http://drupal.org/node/1598782", "name": "http://drupal.org/node/1608864",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://drupal.org/node/1598782" "url": "http://drupal.org/node/1608864"
}, },
{ {
"name" : "82575", "name": "http://drupal.org/node/1598782",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://www.osvdb.org/82575" "url": "http://drupal.org/node/1598782"
}, },
{ {
"name" : "49316", "name": "49316",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/49316" "url": "http://secunia.com/advisories/49316"
} }
] ]
} }

92
2012/2xxx/CVE-2012-2928.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-2928", "ID": "CVE-2012-2928",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for Atlassian Confluence, does not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors." "value": "The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for Atlassian Confluence, does not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2012-05-17", "name": "49166",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2012-05-17" "url": "http://secunia.com/advisories/49166"
}, },
{ {
"name" : "http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2012-05-17", "name": "http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2012-05-17",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2012-05-17" "url": "http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2012-05-17"
}, },
{ {
"name" : "53595", "name": "81993",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/53595" "url": "http://osvdb.org/81993"
}, },
{ {
"name" : "81993", "name": "53595",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://osvdb.org/81993" "url": "http://www.securityfocus.com/bid/53595"
}, },
{ {
"name" : "49166", "name": "http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2012-05-17",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/49166" "url": "http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2012-05-17"
}, },
{ {
"name" : "jira-xml-dos(75697)", "name": "jira-xml-dos(75697)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75697" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75697"
} }
] ]
} }

68
2015/0xxx/CVE-2015-0386.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-0386", "ID": "CVE-2015-0386",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unknown vectors related to Web Listener, a different vulnerability than CVE-2013-0338, CVE-2013-2877, and CVE-2014-0191." "value": "Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unknown vectors related to Web Listener, a different vulnerability than CVE-2013-0338, CVE-2013-2877, and CVE-2014-0191."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
}, },
{ {
"name" : "72193", "name": "72193",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/72193" "url": "http://www.securityfocus.com/bid/72193"
} }
] ]
} }

74
2015/0xxx/CVE-2015-0732.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-0732", "ID": "CVE-2015-0732",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Cisco AsyncOS on the Web Security Appliance (WSA) 9.0.0-193; Email Security Appliance (ESA) 8.5.6-113, 9.1.0-032, 9.1.1-000, and 9.6.0-000; and Content Security Management Appliance (SMA) 9.1.0-033 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuu37430, CSCuu37420, CSCut71981, and CSCuv50167." "value": "Cross-site scripting (XSS) vulnerability in Cisco AsyncOS on the Web Security Appliance (WSA) 9.0.0-193; Email Security Appliance (ESA) 8.5.6-113, 9.1.0-032, 9.1.1-000, and 9.6.0-000; and Content Security Management Appliance (SMA) 9.1.0-033 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuu37430, CSCuu37420, CSCut71981, and CSCuv50167."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20150727 Cisco Email Security Appliance AsyncOS Cross-Site Scripting Vulnerability", "name": "1033086",
"refsource" : "CISCO", "refsource": "SECTRACK",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40172" "url": "http://www.securitytracker.com/id/1033086"
}, },
{ {
"name" : "1033086", "name": "20150727 Cisco Email Security Appliance AsyncOS Cross-Site Scripting Vulnerability",
"refsource" : "SECTRACK", "refsource": "CISCO",
"url" : "http://www.securitytracker.com/id/1033086" "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40172"
}, },
{ {
"name" : "1033087", "name": "1033087",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033087" "url": "http://www.securitytracker.com/id/1033087"
} }
] ]
} }

22
2015/1xxx/CVE-2015-1025.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-1025", "ID": "CVE-2015-1025",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2015/1xxx/CVE-2015-1780.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-1780", "ID": "CVE-2015-1780",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2015/1xxx/CVE-2015-1982.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-1982", "ID": "CVE-2015-1982",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 before FP03 allows remote authenticated users to obtain sensitive information via a crafted request, which reveals the full path in an error message." "value": "IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 before FP03 allows remote authenticated users to obtain sensitive information via a crafted request, which reveals the full path in an error message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21960244", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21960244",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21960244" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960244"
}, },
{ {
"name" : "75477", "name": "75477",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/75477" "url": "http://www.securityfocus.com/bid/75477"
} }
] ]
} }

74
2015/5xxx/CVE-2015-5087.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-5087", "ID": "CVE-2015-5087",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3095, CVE-2015-5094, CVE-2015-5100, CVE-2015-5102, CVE-2015-5103, CVE-2015-5104, and CVE-2015-5115." "value": "Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3095, CVE-2015-5094, CVE-2015-5100, CVE-2015-5102, CVE-2015-5103, CVE-2015-5104, and CVE-2015-5115."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/reader/apsb15-15.html", "name": "1032892",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://helpx.adobe.com/security/products/reader/apsb15-15.html" "url": "http://www.securitytracker.com/id/1032892"
}, },
{ {
"name" : "75740", "name": "https://helpx.adobe.com/security/products/reader/apsb15-15.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/75740" "url": "https://helpx.adobe.com/security/products/reader/apsb15-15.html"
}, },
{ {
"name" : "1032892", "name": "75740",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1032892" "url": "http://www.securityfocus.com/bid/75740"
} }
] ]
} }

68
2015/5xxx/CVE-2015-5152.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-5152", "ID": "CVE-2015-5152",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote attackers to obtain user credentials via a man-in-the-middle attack." "value": "Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote attackers to obtain user credentials via a man-in-the-middle attack."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://projects.theforeman.org/issues/11119", "name": "http://projects.theforeman.org/issues/11119",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://projects.theforeman.org/issues/11119" "url": "http://projects.theforeman.org/issues/11119"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1243571", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1243571",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1243571" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243571"
} }
] ]
} }

74
2015/5xxx/CVE-2015-5167.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-5167", "ID": "CVE-2015-5167",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Policy Admin Tool in Apache Ranger before 0.5.1 allows remote authenticated users to bypass intended access restrictions via the REST API." "value": "The Policy Admin Tool in Apache Ranger before 0.5.1 allows remote authenticated users to bypass intended access restrictions via the REST API."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[ranger-dev] 20160205 CVE update (CVE-2015-5167 & CVE-2016-0733) - Fixed in Ranger 0.5.1", "name": "82871",
"refsource" : "MLIST", "refsource": "BID",
"url" : "https://mail-archives.apache.org/mod_mbox/ranger-dev/201602.mbox/%3CD2D9A4C5.114ECA%25vel@apache.org%3E" "url": "http://www.securityfocus.com/bid/82871"
}, },
{ {
"name" : "https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger", "name": "[ranger-dev] 20160205 CVE update (CVE-2015-5167 & CVE-2016-0733) - Fixed in Ranger 0.5.1",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger" "url": "https://mail-archives.apache.org/mod_mbox/ranger-dev/201602.mbox/%3CD2D9A4C5.114ECA%25vel@apache.org%3E"
}, },
{ {
"name" : "82871", "name": "https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/82871" "url": "https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger"
} }
] ]
} }

80
2015/5xxx/CVE-2015-5264.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-5264", "ID": "CVE-2015-5264",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The lesson module in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to bypass intended access restrictions and enter additional answer attempts by leveraging the student role." "value": "The lesson module in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to bypass intended access restrictions and enter additional answer attempts by leveraging the student role."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20150921 Moodle security release", "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50516",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2015/09/21/1" "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50516"
}, },
{ {
"name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50516", "name": "[oss-security] 20150921 Moodle security release",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50516" "url": "http://www.openwall.com/lists/oss-security/2015/09/21/1"
}, },
{ {
"name" : "https://moodle.org/mod/forum/discuss.php?d=320287", "name": "1033619",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://moodle.org/mod/forum/discuss.php?d=320287" "url": "http://www.securitytracker.com/id/1033619"
}, },
{ {
"name" : "1033619", "name": "https://moodle.org/mod/forum/discuss.php?d=320287",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1033619" "url": "https://moodle.org/mod/forum/discuss.php?d=320287"
} }
] ]
} }

80
2015/5xxx/CVE-2015-5759.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-5759", "ID": "CVE-2015-5759",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit in Apple iOS before 8.4.1 allows remote attackers to spoof clicks via a crafted web site that leverages tap events." "value": "WebKit in Apple iOS before 8.4.1 allows remote attackers to spoof clicks via a crafted web site that leverages tap events."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/kb/HT205030", "name": "https://support.apple.com/kb/HT205030",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/kb/HT205030" "url": "https://support.apple.com/kb/HT205030"
}, },
{ {
"name" : "APPLE-SA-2015-08-13-3", "name": "1033275",
"refsource" : "APPLE", "refsource": "SECTRACK",
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" "url": "http://www.securitytracker.com/id/1033275"
}, },
{ {
"name" : "76337", "name": "76337",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/76337" "url": "http://www.securityfocus.com/bid/76337"
}, },
{ {
"name" : "1033275", "name": "APPLE-SA-2015-08-13-3",
"refsource" : "SECTRACK", "refsource": "APPLE",
"url" : "http://www.securitytracker.com/id/1033275" "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html"
} }
] ]
} }

80
2015/5xxx/CVE-2015-5772.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-5772", "ID": "CVE-2015-5772",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code via a crafted Collada file." "value": "Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code via a crafted Collada file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/kb/HT205031", "name": "76340",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://support.apple.com/kb/HT205031" "url": "http://www.securityfocus.com/bid/76340"
}, },
{ {
"name" : "APPLE-SA-2015-08-13-2", "name": "APPLE-SA-2015-08-13-2",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
}, },
{ {
"name" : "76340", "name": "https://support.apple.com/kb/HT205031",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/76340" "url": "https://support.apple.com/kb/HT205031"
}, },
{ {
"name" : "1033276", "name": "1033276",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033276" "url": "http://www.securitytracker.com/id/1033276"
} }
] ]
} }

80
2018/11xxx/CVE-2018-11237.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11237", "ID": "CVE-2018-11237",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper." "value": "An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "44750", "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=23196",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "https://www.exploit-db.com/exploits/44750/" "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23196"
}, },
{ {
"name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23196", "name": "44750",
"refsource" : "MISC", "refsource": "EXPLOIT-DB",
"url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23196" "url": "https://www.exploit-db.com/exploits/44750/"
}, },
{ {
"name" : "RHSA-2018:3092", "name": "104256",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "https://access.redhat.com/errata/RHSA-2018:3092" "url": "http://www.securityfocus.com/bid/104256"
}, },
{ {
"name" : "104256", "name": "RHSA-2018:3092",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/104256" "url": "https://access.redhat.com/errata/RHSA-2018:3092"
} }
] ]
} }

68
2018/11xxx/CVE-2018-11268.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2018-11268", "ID": "CVE-2018-11268",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "FSM9055, FSM9955, MDM9607, MDM9640, MDM9650, MSM8909W, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016" "version_value": "FSM9055, FSM9955, MDM9607, MDM9640, MDM9650, MSM8909W, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options." "value": "In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Improper Validation of Array Index in Storage" "value": "Improper Validation of Array Index in Storage"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.qualcomm.com/company/product-security/bulletins", "name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins" "url": "https://www.qualcomm.com/company/product-security/bulletins"
}, },
{ {
"name" : "106845", "name": "106845",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/106845" "url": "http://www.securityfocus.com/bid/106845"
} }
] ]
} }

22
2018/11xxx/CVE-2018-11933.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11933", "ID": "CVE-2018-11933",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/3xxx/CVE-2018-3487.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3487", "ID": "CVE-2018-3487",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/3xxx/CVE-2018-3493.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3493", "ID": "CVE-2018-3493",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

64
2018/3xxx/CVE-2018-3725.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2018-3725", "ID": "CVE-2018-3725",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "hekto node module", "product_name": "hekto node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions" "version_value": "All versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path." "value": "hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Path Traversal (CWE-22)" "value": "Path Traversal (CWE-22)"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://hackerone.com/reports/311218", "name": "https://hackerone.com/reports/311218",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://hackerone.com/reports/311218" "url": "https://hackerone.com/reports/311218"
} }
] ]
} }

94
2018/6xxx/CVE-2018-6111.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "chrome-cve-admin@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2018-6111", "ID": "CVE-2018-6111",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Chrome", "product_name": "Chrome",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "66.0.3359.117" "version_value": "66.0.3359.117"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google" "vendor_name": "Google"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a crafted HTML page." "value": "An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a crafted HTML page."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use after free" "value": "Use after free"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://crbug.com/780694", "name": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://crbug.com/780694" "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
}, },
{ {
"name" : "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html", "name": "GLSA-201804-22",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html" "url": "https://security.gentoo.org/glsa/201804-22"
}, },
{ {
"name" : "DSA-4182", "name": "https://crbug.com/780694",
"refsource" : "DEBIAN", "refsource": "MISC",
"url" : "https://www.debian.org/security/2018/dsa-4182" "url": "https://crbug.com/780694"
}, },
{ {
"name" : "GLSA-201804-22", "name": "DSA-4182",
"refsource" : "GENTOO", "refsource": "DEBIAN",
"url" : "https://security.gentoo.org/glsa/201804-22" "url": "https://www.debian.org/security/2018/dsa-4182"
}, },
{ {
"name" : "RHSA-2018:1195", "name": "103917",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "https://access.redhat.com/errata/RHSA-2018:1195" "url": "http://www.securityfocus.com/bid/103917"
}, },
{ {
"name" : "103917", "name": "RHSA-2018:1195",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/103917" "url": "https://access.redhat.com/errata/RHSA-2018:1195"
} }
] ]
} }

22
2018/7xxx/CVE-2018-7133.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7133", "ID": "CVE-2018-7133",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

64
2018/7xxx/CVE-2018-7238.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cybersecurity@se.com", "ASSIGNER": "cybersecurity@schneider-electric.com",
"DATE_PUBLIC" : "2018-03-01T00:00:00", "DATE_PUBLIC": "2018-03-01T00:00:00",
"ID" : "CVE-2018-7238", "ID": "CVE-2018-7238",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Pelco Sarix Professional", "product_name": "Pelco Sarix Professional",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "all firmware versions prior to 3.29.78" "version_value": "all firmware versions prior to 3.29.78"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Schneider Electric SE" "vendor_name": "Schneider Electric SE"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A buffer overflow vulnerability exist in the web-based GUI of Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to execute arbitrary code." "value": "A buffer overflow vulnerability exist in the web-based GUI of Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to execute arbitrary code."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer Overflow" "value": "Buffer Overflow"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.schneider-electric.com/en/download/document/SEVD-2018-058-01/", "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-058-01/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.schneider-electric.com/en/download/document/SEVD-2018-058-01/" "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-058-01/"
} }
] ]
} }

22
2018/7xxx/CVE-2018-7348.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7348", "ID": "CVE-2018-7348",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

134
2018/7xxx/CVE-2018-7584.json
View File

@ -1,121 +1,121 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7584", "ID": "CVE-2018-7584",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string." "value": "In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "44846", "name": "USN-3600-1",
"refsource" : "EXPLOIT-DB", "refsource": "UBUNTU",
"url" : "https://www.exploit-db.com/exploits/44846/" "url": "https://usn.ubuntu.com/3600-1/"
}, },
{ {
"name" : "[debian-lts-announce] 20180329 [SECURITY] [DLA 1326-1] php5 security update", "name": "DSA-4240",
"refsource" : "MLIST", "refsource": "DEBIAN",
"url" : "https://lists.debian.org/debian-lts-announce/2018/03/msg00030.html" "url": "https://www.debian.org/security/2018/dsa-4240"
}, },
{ {
"name" : "[debian-lts-announce] 20180626 [SECURITY] [DLA 1397-1] php5 security update", "name": "https://bugs.php.net/bug.php?id=75981",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html" "url": "https://bugs.php.net/bug.php?id=75981"
}, },
{ {
"name" : "http://php.net/ChangeLog-7.php", "name": "[debian-lts-announce] 20180329 [SECURITY] [DLA 1326-1] php5 security update",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://php.net/ChangeLog-7.php" "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00030.html"
}, },
{ {
"name" : "https://bugs.php.net/bug.php?id=75981", "name": "https://www.tenable.com/security/tns-2018-12",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=75981" "url": "https://www.tenable.com/security/tns-2018-12"
}, },
{ {
"name" : "https://github.com/php/php-src/commit/523f230c831d7b33353203fa34aee4e92ac12bba", "name": "https://www.tenable.com/security/tns-2018-03",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/php/php-src/commit/523f230c831d7b33353203fa34aee4e92ac12bba" "url": "https://www.tenable.com/security/tns-2018-03"
}, },
{ {
"name" : "https://www.tenable.com/security/tns-2018-03", "name": "1041607",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://www.tenable.com/security/tns-2018-03" "url": "http://www.securitytracker.com/id/1041607"
}, },
{ {
"name" : "https://www.tenable.com/security/tns-2018-12", "name": "https://github.com/php/php-src/commit/523f230c831d7b33353203fa34aee4e92ac12bba",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.tenable.com/security/tns-2018-12" "url": "https://github.com/php/php-src/commit/523f230c831d7b33353203fa34aee4e92ac12bba"
}, },
{ {
"name" : "DSA-4240", "name": "44846",
"refsource" : "DEBIAN", "refsource": "EXPLOIT-DB",
"url" : "https://www.debian.org/security/2018/dsa-4240" "url": "https://www.exploit-db.com/exploits/44846/"
}, },
{ {
"name" : "USN-3600-1", "name": "http://php.net/ChangeLog-7.php",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "https://usn.ubuntu.com/3600-1/" "url": "http://php.net/ChangeLog-7.php"
}, },
{ {
"name" : "USN-3600-2", "name": "[debian-lts-announce] 20180626 [SECURITY] [DLA 1397-1] php5 security update",
"refsource" : "UBUNTU", "refsource": "MLIST",
"url" : "https://usn.ubuntu.com/3600-2/" "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html"
}, },
{ {
"name" : "103204", "name": "USN-3600-2",
"refsource" : "BID", "refsource": "UBUNTU",
"url" : "http://www.securityfocus.com/bid/103204" "url": "https://usn.ubuntu.com/3600-2/"
}, },
{ {
"name" : "1041607", "name": "103204",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1041607" "url": "http://www.securityfocus.com/bid/103204"
} }
] ]
} }

22
2018/7xxx/CVE-2018-7898.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7898", "ID": "CVE-2018-7898",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/7xxx/CVE-2018-7931.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@huawei.com", "ASSIGNER": "psirt@huawei.com",
"ID" : "CVE-2018-7931", "ID": "CVE-2018-7931",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "AppGallery", "product_name": "AppGallery",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "The versions before 8.0.4.301" "version_value": "The versions before 8.0.4.301"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Huawei Technologies Co., Ltd." "vendor_name": "Huawei Technologies Co., Ltd."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Huawei AppGallery versions before 8.0.4.301 has a whitelist mechanism bypass vulnerability. An attacker may set up a malicious network environment and trick user into accessing a malicious web page to bypass the whitelist mechanism." "value": "Huawei AppGallery versions before 8.0.4.301 has a whitelist mechanism bypass vulnerability. An attacker may set up a malicious network environment and trick user into accessing a malicious web page to bypass the whitelist mechanism."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "whitelist mechanism bypass" "value": "whitelist mechanism bypass"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180423-01-app-en", "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180423-01-app-en",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180423-01-app-en" "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180423-01-app-en"
} }
] ]
} }

22
2018/8xxx/CVE-2018-8138.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8138", "ID": "CVE-2018-8138",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

86
2018/8xxx/CVE-2018-8292.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8292", "ID": "CVE-2018-8292",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "PowerShell Core", "product_name": "PowerShell Core",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.0" "version_value": "6.0"
} }
] ]
} }
}, },
{ {
"product_name" : ".NET Core", "product_name": ".NET Core",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.0" "version_value": "1.0"
}, },
{ {
"version_value" : "1.1" "version_value": "1.1"
}, },
{ {
"version_value" : "2.1" "version_value": "2.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka \".NET Core Information Disclosure Vulnerability.\" This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0." "value": "An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka \".NET Core Information Disclosure Vulnerability.\" This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information Disclosure" "value": "Information Disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8292", "name": "RHSA-2018:2902",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8292" "url": "https://access.redhat.com/errata/RHSA-2018:2902"
}, },
{ {
"name" : "RHSA-2018:2902", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8292",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "https://access.redhat.com/errata/RHSA-2018:2902" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8292"
}, },
{ {
"name" : "105548", "name": "105548",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/105548" "url": "http://www.securityfocus.com/bid/105548"
} }
] ]
} }

84
2018/8xxx/CVE-2018-8431.json
View File

@ -1,84 +1,84 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8431", "ID": "CVE-2018-8431",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft SharePoint Server", "product_name": "Microsoft SharePoint Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2010 Service Pack 2" "version_value": "2010 Service Pack 2"
} }
] ]
} }
}, },
{ {
"product_name" : "Microsoft SharePoint", "product_name": "Microsoft SharePoint",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Enterprise Server 2013 Service Pack 1" "version_value": "Enterprise Server 2013 Service Pack 1"
}, },
{ {
"version_value" : "Enterprise Server 2016" "version_value": "Enterprise Server 2016"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka \"Microsoft SharePoint Elevation of Privilege Vulnerability.\" This affects Microsoft SharePoint Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8428." "value": "An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka \"Microsoft SharePoint Elevation of Privilege Vulnerability.\" This affects Microsoft SharePoint Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8428."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information Disclosure" "value": "Information Disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8431", "name": "1041639",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8431" "url": "http://www.securitytracker.com/id/1041639"
}, },
{ {
"name" : "105221", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8431",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/105221" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8431"
}, },
{ {
"name" : "1041639", "name": "105221",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1041639" "url": "http://www.securityfocus.com/bid/105221"
} }
] ]
} }

62
2018/8xxx/CVE-2018-8806.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8806", "ID": "CVE-2018-8806",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In libming 0.4.8, there is a use-after-free in the decompileArithmeticOp function of decompile.c. Remote attackers could use this vulnerability to cause a denial-of-service via a crafted swf file." "value": "In libming 0.4.8, there is a use-after-free in the decompileArithmeticOp function of decompile.c. Remote attackers could use this vulnerability to cause a denial-of-service via a crafted swf file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/libming/libming/issues/128", "name": "https://github.com/libming/libming/issues/128",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/libming/libming/issues/128" "url": "https://github.com/libming/libming/issues/128"
} }
] ]
} }