admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:58:18 +00:00
parent 7e07cca963
commit dacd1d8003
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
58 changed files with 3850 additions and 3850 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
2005/0xxx/CVE-2005-0020.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0020",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0020",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code."
"lang": "eng",
"value": "Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "DSA-641",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-641"
"name": "MDKSA-2005:010",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:010"
},
{
"name" : "MDKSA-2005:010",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:010"
"name": "13828",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13828"
},
{
"name" : "12274",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/12274"
"name": "1012957",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012957"
},
{
"name" : "13049",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/13049"
"name": "12274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12274"
},
{
"name" : "1012957",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1012957"
"name": "13898",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13898"
},
{
"name" : "13828",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/13828"
"name": "playmidi-bo(18933)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18933"
},
{
"name" : "13890",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/13890"
"name": "DSA-641",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-641"
},
{
"name" : "13898",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/13898"
"name": "13890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13890"
},
{
"name" : "playmidi-bo(18933)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18933"
"name": "13049",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/13049"
}
]
}

146
2005/0xxx/CVE-2005-0156.json
View File

@ -1,131 +1,131 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0156",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0156",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree."
"lang": "eng",
"value": "Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050207 DMA[2005-0131b] - 'Setuid Perl PERLIO_DEBUG",
"refsource" : "FULLDISC",
"url" : "http://marc.info/?l=full-disclosure&m=110779721503111&w=2"
"name": "20050207 DMA[2005-0131b] - 'Setuid Perl PERLIO_DEBUG",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=110779721503111&w=2"
},
{
"name" : "http://www.digitalmunition.com/DMA[2005-0131b].txt",
"refsource" : "MISC",
"url" : "http://www.digitalmunition.com/DMA[2005-0131b].txt"
"name": "http://www.digitalmunition.com/DMA[2005-0131b].txt",
"refsource": "MISC",
"url": "http://www.digitalmunition.com/DMA[2005-0131b].txt"
},
{
"name" : "CLSA-2006:1056",
"refsource" : "CONECTIVA",
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056"
"name": "12426",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12426"
},
{
"name" : "FLSA-2006:152845",
"refsource" : "FEDORA",
"url" : "http://fedoranews.org/updates/FEDORA--.shtml"
"name": "RHSA-2005:105",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-105.html"
},
{
"name" : "GLSA-200502-13",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml"
"name": "14120",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14120"
},
{
"name" : "MDKSA-2005:031",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:031"
"name": "2005-0003",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name" : "RHSA-2005:103",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-103.html"
"name": "RHSA-2005:103",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-103.html"
},
{
"name" : "RHSA-2005:105",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-105.html"
"name": "oval:org.mitre.oval:def:10803",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803"
},
{
"name" : "2005-0003",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2005/0003/"
"name": "55314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55314"
},
{
"name" : "20050202 [USN-72-1] Perl vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=110737149402683&w=2"
"name": "20050202 [USN-72-1] Perl vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110737149402683&w=2"
},
{
"name" : "12426",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/12426"
"name": "CLSA-2006:1056",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056"
},
{
"name" : "oval:org.mitre.oval:def:10803",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803"
"name": "FLSA-2006:152845",
"refsource": "FEDORA",
"url": "http://fedoranews.org/updates/FEDORA--.shtml"
},
{
"name" : "14120",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/14120"
"name": "MDKSA-2005:031",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:031"
},
{
"name" : "55314",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/55314"
"name": "perl-perliodebug-bo(19208)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19208"
},
{
"name" : "perl-perliodebug-bo(19208)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19208"
"name": "GLSA-200502-13",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml"
}
]
}

80
2005/0xxx/CVE-2005-0374.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0374",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0374",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Bitboard 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via an [img] bbcode image tag with an event such as mouseover."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Bitboard 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via an [img] bbcode image tag with an event such as mouseover."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050112 Security Advisory: BiTBOARD xss",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=110555988111899&w=2"
"name": "20050112 Security Advisory: BiTBOARD xss",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110555988111899&w=2"
},
{
"name" : "12248",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/12248"
"name": "bitshifters-bitboard-xss(18871)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18871"
},
{
"name" : "1012864",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1012864"
"name": "12248",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12248"
},
{
"name" : "bitshifters-bitboard-xss(18871)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18871"
"name": "1012864",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012864"
}
]
}

74
2005/0xxx/CVE-2005-0487.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-0487",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0487",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php for Kayako ESupport 2.3.1, and possibly other versions, allows remote attackers to inject arbitrary HTML and web script via the nav parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php for Kayako ESupport 2.3.1, and possibly other versions, allows remote attackers to inject arbitrary HTML and web script via the nav parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050215 Kayako eSupport v2.3.1 Support Tracker XSS",
"refsource" : "FULLDISC",
"url" : "http://marc.info/?l=full-disclosure&m=110845724029888&w=2"
"name": "kayako-index-xss(18571)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18571"
},
{
"name" : "12563",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/12563"
"name": "20050215 Kayako eSupport v2.3.1 Support Tracker XSS",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=110845724029888&w=2"
},
{
"name" : "kayako-index-xss(18571)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18571"
"name": "12563",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12563"
}
]
}

74
2005/1xxx/CVE-2005-1098.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1098",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1098",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "GetDataBack for NTFS 2.31 stores the username and license key in plaintext in the Name value in the License registry key, which may allow local users to obtain sensitive information."
"lang": "eng",
"value": "GetDataBack for NTFS 2.31 stores the username and license key in plaintext in the Name value in the License registry key, which may allow local users to obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "15210",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/15210"
"name": "getdataback-ntfs-information-disclosure(19967)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19967"
},
{
"name" : "1013644",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1013644"
"name": "15210",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/15210"
},
{
"name" : "getdataback-ntfs-information-disclosure(19967)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19967"
"name": "1013644",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013644"
}
]
}

116
2005/1xxx/CVE-2005-1705.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1705",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1705",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb."
"lang": "eng",
"value": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=88398",
"refsource" : "CONFIRM",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=88398"
"name": "17072",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17072"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
"name": "18506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18506"
},
{
"name" : "GLSA-200505-15",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200505-15.xml"
"name": "RHSA-2005:709",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"name" : "MDKSA-2005:095",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"name" : "RHSA-2005:801",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-801.html"
"name": "RHSA-2005:801",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"name" : "RHSA-2005:709",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-709.html"
"name": "http://bugs.gentoo.org/show_bug.cgi?id=88398",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
},
{
"name" : "oval:org.mitre.oval:def:11072",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
"name": "GLSA-200505-15",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"name" : "17072",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17072"
"name": "oval:org.mitre.oval:def:11072",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
},
{
"name" : "17356",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17356"
"name": "MDKSA-2005:095",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"name" : "18506",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18506"
"name": "17356",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17356"
}
]
}

92
2005/3xxx/CVE-2005-3489.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-3489",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3489",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using authorization, allows remote attackers to execute arbitrary code via a long username/password string."
"lang": "eng",
"value": "Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using authorization, allows remote attackers to execute arbitrary code via a long username/password string."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20051102 Buffer-overflow and directory traversal in Asus",
"refsource" : "FULLDISC",
"url" : "http://marc.info/?l=full-disclosure&m=113096055302614&w=2"
"name": "20457",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20457"
},
{
"name" : "http://aluigi.altervista.org/adv/asusvsbugs-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/asusvsbugs-adv.txt"
"name": "17419",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17419"
},
{
"name" : "15279",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15279"
"name": "http://aluigi.altervista.org/adv/asusvsbugs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/asusvsbugs-adv.txt"
},
{
"name" : "ADV-2005-2289",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/2289"
"name": "15279",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15279"
},
{
"name" : "20457",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/20457"
"name": "ADV-2005-2289",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2289"
},
{
"name" : "17419",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17419"
"name": "20051102 Buffer-overflow and directory traversal in Asus",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=113096055302614&w=2"
}
]
}

92
2005/3xxx/CVE-2005-3621.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-3621",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2005-3621",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts."
"lang": "eng",
"value": "CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6",
"refsource" : "CONFIRM",
"url" : "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6"
"name": "SUSE-SR:2005:028",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_28_sr.html"
},
{
"name" : "DSA-1207",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1207"
"name": "17578",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17578"
},
{
"name" : "SUSE-SR:2005:028",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2005_28_sr.html"
"name": "DSA-1207",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1207"
},
{
"name" : "1015213",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015213"
"name": "22781",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22781"
},
{
"name" : "17578",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17578"
"name": "1015213",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015213"
},
{
"name" : "22781",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22781"
"name": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6",
"refsource": "CONFIRM",
"url": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6"
}
]
}

98
2005/3xxx/CVE-2005-3781.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-3781",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3781",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in in.named in Solaris 9 allows attackers to cause a denial of service via unknown manipulations that cause in.named to \"make unnecessary queries.\""
"lang": "eng",
"value": "Unspecified vulnerability in in.named in Solaris 9 allows attackers to cause a denial of service via unknown manipulations that cause in.named to \"make unnecessary queries.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "102030",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102030-1"
"name": "20752",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20752"
},
{
"name" : "15384",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15384"
"name": "15384",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15384"
},
{
"name" : "ADV-2005-2388",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/2388"
"name": "102030",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102030-1"
},
{
"name" : "20752",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/20752"
"name": "17460",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17460"
},
{
"name" : "1015191",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015191"
"name": "1015191",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015191"
},
{
"name" : "17460",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17460"
"name": "solaris-innamed-dns-dos(23062)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23062"
},
{
"name" : "solaris-innamed-dns-dos(23062)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23062"
"name": "ADV-2005-2388",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2388"
}
]
}

80
2005/3xxx/CVE-2005-3829.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-3829",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3829",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an invalid category parameter, which causes a large number of SQL queries to be processed."
"lang": "eng",
"value": "index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an invalid category parameter, which causes a large number of SQL queries to be processed."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html"
"name": "17732",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17732"
},
{
"name" : "ADV-2005-2587",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/2587"
"name": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/11/activecampaign-knowledgebuilder-vuln.html"
},
{
"name" : "21098",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/21098"
"name": "ADV-2005-2587",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2587"
},
{
"name" : "17732",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17732"
"name": "21098",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21098"
}
]
}

68
2005/4xxx/CVE-2005-4289.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4289",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4289",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in EDCstore.pl in eDatCat 0.3 allows remote attackers to inject arbitrary web script or HTML via the user_action parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in EDCstore.pl in eDatCat 0.3 allows remote attackers to inject arbitrary web script or HTML via the user_action parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://pridels0.blogspot.com/2005/12/edatcat-xss-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2005/12/edatcat-xss-vuln.html"
"name": "15889",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15889"
},
{
"name" : "15889",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15889"
"name": "http://pridels0.blogspot.com/2005/12/edatcat-xss-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/12/edatcat-xss-vuln.html"
}
]
}

104
2005/4xxx/CVE-2005-4466.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4466",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4466",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll in Interaction SIP Proxy before 3.0.011 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a REGISTER request with a SPI version number that contains a large number of space or tab characters."
"lang": "eng",
"value": "Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll in Interaction SIP Proxy before 3.0.011 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a REGISTER request with a SPI version number that contains a large number of space or tab characters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20051221 [Hat-Squad] Remote Heap Corruption Vulnerability in Interaction SIP Proxy",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/419989/100/0/threaded"
"name": "18197",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18197"
},
{
"name" : "http://www.hat-squad.com/en/000171.html",
"refsource" : "MISC",
"url" : "http://www.hat-squad.com/en/000171.html"
"name": "281",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/281"
},
{
"name" : "16001",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16001"
"name": "sipproxy-i3sipmsg-bo(23823)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23823"
},
{
"name" : "ADV-2005-3029",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/3029"
"name": "20051221 [Hat-Squad] Remote Heap Corruption Vulnerability in Interaction SIP Proxy",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419989/100/0/threaded"
},
{
"name" : "1015392",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015392"
"name": "16001",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16001"
},
{
"name" : "18197",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18197"
"name": "ADV-2005-3029",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/3029"
},
{
"name" : "281",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/281"
"name": "http://www.hat-squad.com/en/000171.html",
"refsource": "MISC",
"url": "http://www.hat-squad.com/en/000171.html"
},
{
"name" : "sipproxy-i3sipmsg-bo(23823)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23823"
"name": "1015392",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015392"
}
]
}

98
2005/4xxx/CVE-2005-4783.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4783",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4783",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory."
"lang": "eng",
"value": "kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[netbsd-announce] 20051031 Announcing update 2.0.3 - source only",
"refsource" : "MLIST",
"url" : "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
"name": "1015132",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015132"
},
{
"name" : "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c",
"refsource" : "CONFIRM",
"url" : "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c"
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c.diff?r1=1.110&r2=1.111&f=h",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c.diff?r1=1.110&r2=1.111&f=h"
},
{
"name" : "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c.diff?r1=1.110&r2=1.111&f=h",
"refsource" : "CONFIRM",
"url" : "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c.diff?r1=1.110&r2=1.111&f=h"
"name": "http://releng.netbsd.org/cgi-bin/req-3.cgi?show=727",
"refsource": "CONFIRM",
"url": "http://releng.netbsd.org/cgi-bin/req-3.cgi?show=727"
},
{
"name" : "http://releng.netbsd.org/cgi-bin/req-3.cgi?show=727",
"refsource" : "CONFIRM",
"url" : "http://releng.netbsd.org/cgi-bin/req-3.cgi?show=727"
"name": "20729",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20729"
},
{
"name" : "NetBSD-SA2006-001",
"refsource" : "NETBSD",
"url" : "http://www.packetstormsecurity.org/0601-advisories/NetBSD-SA2006-001.txt"
"name": "NetBSD-SA2006-001",
"refsource": "NETBSD",
"url": "http://www.packetstormsecurity.org/0601-advisories/NetBSD-SA2006-001.txt"
},
{
"name" : "20729",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/20729"
"name": "[netbsd-announce] 20051031 Announcing update 2.0.3 - source only",
"refsource": "MLIST",
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"name" : "1015132",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015132"
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c"
}
]
}

22
2005/4xxx/CVE-2005-4892.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-4892",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4892",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

110
2009/0xxx/CVE-2009-0126.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0126",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0126",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The decrypt_public function in lib/crypt.cpp in the client in Berkeley Open Infrastructure for Network Computing (BOINC) 6.2.14 and 6.4.5 does not check the return value from the OpenSSL RSA_public_decrypt function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077."
"lang": "eng",
"value": "The decrypt_public function in lib/crypt.cpp in the client in Berkeley Open Infrastructure for Network Computing (BOINC) 6.2.14 and 6.4.5 does not check the return value from the OpenSSL RSA_public_decrypt function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20090112 CVE Request -- tsqllib, slurm-llnl, libnasl, libcrypt-openssl-dsa-perl, erlang, boinc-client, m2crypto",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2009/01/12/4"
"name": "33828",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33828"
},
{
"name" : "http://boinc.berkeley.edu/trac/changeset/16883",
"refsource" : "CONFIRM",
"url" : "http://boinc.berkeley.edu/trac/changeset/16883"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511521",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511521"
},
{
"name" : "http://boinc.berkeley.edu/trac/ticket/823",
"refsource" : "CONFIRM",
"url" : "http://boinc.berkeley.edu/trac/ticket/823"
"name": "33806",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33806"
},
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511521",
"refsource" : "CONFIRM",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511521"
"name": "SUSE-SR:2009:003",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=479664",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=479664"
"name": "[oss-security] 20090112 CVE Request -- tsqllib, slurm-llnl, libnasl, libcrypt-openssl-dsa-perl, erlang, boinc-client, m2crypto",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2009/01/12/4"
},
{
"name" : "FEDORA-2009-0578",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00034.html"
"name": "http://boinc.berkeley.edu/trac/changeset/16883",
"refsource": "CONFIRM",
"url": "http://boinc.berkeley.edu/trac/changeset/16883"
},
{
"name" : "SUSE-SR:2009:003",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html"
"name": "http://boinc.berkeley.edu/trac/ticket/823",
"refsource": "CONFIRM",
"url": "http://boinc.berkeley.edu/trac/ticket/823"
},
{
"name" : "33806",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33806"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=479664",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=479664"
},
{
"name" : "33828",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33828"
"name": "FEDORA-2009-0578",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00034.html"
}
]
}

92
2009/0xxx/CVE-2009-0344.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0344",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0344",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on the Sun Fire X2100 M2 and X2200 M2 x86 platforms before SP/BMC firmware 3.20 allows remote attackers to obtain privileged ELOM login access or execute arbitrary Service Processor (SP) commands via unknown vectors, aka Bug ID 6633175, a different vulnerability than CVE-2007-5717."
"lang": "eng",
"value": "Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on the Sun Fire X2100 M2 and X2200 M2 x86 platforms before SP/BMC firmware 3.20 allows remote attackers to obtain privileged ELOM login access or execute arbitrary Service Processor (SP) commands via unknown vectors, aka Bug ID 6633175, a different vulnerability than CVE-2007-5717."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "239886",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-239886-1"
"name": "33506",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33506"
},
{
"name" : "33506",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/33506"
"name": "ADV-2009-0281",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0281"
},
{
"name" : "ADV-2009-0281",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/0281"
"name": "33726",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33726"
},
{
"name" : "1021646",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1021646"
"name": "sunfire-elom-unauth-access(48329)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48329"
},
{
"name" : "33726",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33726"
"name": "239886",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-239886-1"
},
{
"name" : "sunfire-elom-unauth-access(48329)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48329"
"name": "1021646",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021646"
}
]
}

80
2009/0xxx/CVE-2009-0860.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0860",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0860",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the web user interface in the login application in NetMRI 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to error pages."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the web user interface in the login application in NetMRI 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to error pages."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090218 DDIVRT-2009-20 NetMRI Login Application Cross-site Scripting Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/501033/100/0/threaded"
"name": "33824",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33824"
},
{
"name" : "http://connection.netcordia.com/forums/t/731.aspx",
"refsource" : "CONFIRM",
"url" : "http://connection.netcordia.com/forums/t/731.aspx"
"name": "33963",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33963"
},
{
"name" : "33824",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/33824"
"name": "20090218 DDIVRT-2009-20 NetMRI Login Application Cross-site Scripting Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501033/100/0/threaded"
},
{
"name" : "33963",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33963"
"name": "http://connection.netcordia.com/forums/t/731.aspx",
"refsource": "CONFIRM",
"url": "http://connection.netcordia.com/forums/t/731.aspx"
}
]
}

74
2009/0xxx/CVE-2009-0897.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0897",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0897",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the \"schema DB2 instance id\" and the bcgarchive (aka the archiver script)."
"lang": "eng",
"value": "IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the \"schema DB2 instance id\" and the bcgarchive (aka the archiver script)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "JR31482",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21366016"
"name": "JR31482",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21366016"
},
{
"name" : "35136",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35136"
"name": "35136",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35136"
},
{
"name" : "websphere-pg-bcgarchive-info-disclosure(50643)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50643"
"name": "websphere-pg-bcgarchive-info-disclosure(50643)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50643"
}
]
}

116
2009/0xxx/CVE-2009-0916.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-0916",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0916",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Opera before 9.64 has unknown impact and attack vectors, related to a \"moderately severe issue.\""
"lang": "eng",
"value": "Unspecified vulnerability in Opera before 9.64 has unknown impact and attack vectors, related to a \"moderately severe issue.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.opera.com/docs/changelogs/freebsd/964/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/freebsd/964/"
"name": "SUSE-SR:2009:007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
},
{
"name" : "http://www.opera.com/docs/changelogs/linux/964/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/linux/964/"
"name": "34135",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34135"
},
{
"name" : "http://www.opera.com/docs/changelogs/mac/964/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/mac/964/"
"name": "http://www.opera.com/docs/changelogs/solaris/964/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/solaris/964/"
},
{
"name" : "http://www.opera.com/docs/changelogs/solaris/964/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/solaris/964/"
"name": "http://www.opera.com/docs/changelogs/linux/964/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/linux/964/"
},
{
"name" : "http://www.opera.com/docs/changelogs/windows/964/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/windows/964/"
"name": "34418",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34418"
},
{
"name" : "SUSE-SR:2009:007",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
"name": "http://www.opera.com/docs/changelogs/mac/964/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/mac/964/"
},
{
"name" : "33961",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/33961"
"name": "33961",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33961"
},
{
"name" : "34135",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34135"
"name": "ADV-2009-0586",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0586"
},
{
"name" : "34418",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34418"
"name": "http://www.opera.com/docs/changelogs/windows/964/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/windows/964/"
},
{
"name" : "ADV-2009-0586",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/0586"
"name": "http://www.opera.com/docs/changelogs/freebsd/964/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/freebsd/964/"
}
]
}

92
2009/1xxx/CVE-2009-1494.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1494",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1494",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port."
"lang": "eng",
"value": "The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://code.google.com/p/memcachedb/source/browse/trunk/ChangeLog?spec=svn98&r=98",
"refsource" : "MISC",
"url" : "http://code.google.com/p/memcachedb/source/browse/trunk/ChangeLog?spec=svn98&r=98"
"name": "http://code.google.com/p/memcachedb/source/browse/trunk/ChangeLog?spec=svn98&r=98",
"refsource": "MISC",
"url": "http://code.google.com/p/memcachedb/source/browse/trunk/ChangeLog?spec=svn98&r=98"
},
{
"name" : "http://code.google.com/p/memcachedb/source/detail?r=98",
"refsource" : "MISC",
"url" : "http://code.google.com/p/memcachedb/source/detail?r=98"
"name": "http://memcached.googlecode.com/files/memcached-1.2.8.tar.gz",
"refsource": "MISC",
"url": "http://memcached.googlecode.com/files/memcached-1.2.8.tar.gz"
},
{
"name" : "http://code.google.com/p/memcachedb/source/diff?spec=svn98&r=98&format=side&path=/trunk/memcachedb.c",
"refsource" : "MISC",
"url" : "http://code.google.com/p/memcachedb/source/diff?spec=svn98&r=98&format=side&path=/trunk/memcachedb.c"
"name": "memcached-processstat-info-disclosure(50444)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50444"
},
{
"name" : "http://groups.google.com/group/memcached/browse_thread/thread/ff96a9b88fb5d40e",
"refsource" : "MISC",
"url" : "http://groups.google.com/group/memcached/browse_thread/thread/ff96a9b88fb5d40e"
"name": "http://code.google.com/p/memcachedb/source/detail?r=98",
"refsource": "MISC",
"url": "http://code.google.com/p/memcachedb/source/detail?r=98"
},
{
"name" : "http://memcached.googlecode.com/files/memcached-1.2.8.tar.gz",
"refsource" : "MISC",
"url" : "http://memcached.googlecode.com/files/memcached-1.2.8.tar.gz"
"name": "http://code.google.com/p/memcachedb/source/diff?spec=svn98&r=98&format=side&path=/trunk/memcachedb.c",
"refsource": "MISC",
"url": "http://code.google.com/p/memcachedb/source/diff?spec=svn98&r=98&format=side&path=/trunk/memcachedb.c"
},
{
"name" : "memcached-processstat-info-disclosure(50444)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50444"
"name": "http://groups.google.com/group/memcached/browse_thread/thread/ff96a9b88fb5d40e",
"refsource": "MISC",
"url": "http://groups.google.com/group/memcached/browse_thread/thread/ff96a9b88fb5d40e"
}
]
}

74
2009/3xxx/CVE-2009-3227.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3227",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3227",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds allows remote attackers to inject arbitrary web script or HTML via the city parameter in a search action. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds allows remote attackers to inject arbitrary web script or HTML via the city parameter in a search action. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.org/0907-exploits/almondclassifiedsads-bsqlxss.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/0907-exploits/almondclassifiedsads-bsqlxss.txt"
"name": "36003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36003"
},
{
"name" : "35816",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35816"
"name": "35816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35816"
},
{
"name" : "36003",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36003"
"name": "http://packetstormsecurity.org/0907-exploits/almondclassifiedsads-bsqlxss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0907-exploits/almondclassifiedsads-bsqlxss.txt"
}
]
}

68
2009/3xxx/CVE-2009-3413.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3413",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2009-3413",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2008-3976 and CVE-2009-3414."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2008-3976 and CVE-2009-3414."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html"
},
{
"name" : "TA10-012A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-012A.html"
"name": "TA10-012A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-012A.html"
}
]
}

74
2009/3xxx/CVE-2009-3482.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3482",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3482",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "TrustPort Antivirus before 2.8.0.2266 and PC Security before 2.0.0.1291 use weak permissions (Everyone: Full Control) for files under %PROGRAMFILES%, which allows local users to gain privileges by replacing executables with Trojan horse programs."
"lang": "eng",
"value": "TrustPort Antivirus before 2.8.0.2266 and PC Security before 2.0.0.1291 use weak permissions (Everyone: Full Control) for files under %PROGRAMFILES%, which allows local users to gain privileges by replacing executables with Trojan horse programs."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090928 Local privilege escalation vulnerability in Trustport security software",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/506751/100/0/threaded"
"name": "http://www.trustport.com/en/notices/security-update-of-trustport-products",
"refsource": "CONFIRM",
"url": "http://www.trustport.com/en/notices/security-update-of-trustport-products"
},
{
"name" : "http://www.trustport.com/en/notices/security-update-of-trustport-products",
"refsource" : "CONFIRM",
"url" : "http://www.trustport.com/en/notices/security-update-of-trustport-products"
"name": "36880",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36880"
},
{
"name" : "36880",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36880"
"name": "20090928 Local privilege escalation vulnerability in Trustport security software",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/506751/100/0/threaded"
}
]
}

74
2009/3xxx/CVE-2009-3592.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3592",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3592",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in customer/home.php in Qualiteam X-Cart allows remote attackers to inject arbitrary web script or HTML via the email parameter in a subscribed action, a different vector than CVE-2005-1823."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in customer/home.php in Qualiteam X-Cart allows remote attackers to inject arbitrary web script or HTML via the email parameter in a subscribed action, a different vector than CVE-2005-1823."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.org/0910-exploits/X-Cart-submail-XSS.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/0910-exploits/X-Cart-submail-XSS.txt"
"name": "http://packetstormsecurity.org/0910-exploits/X-Cart-submail-XSS.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0910-exploits/X-Cart-submail-XSS.txt"
},
{
"name" : "36601",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36601"
"name": "xcart-home-xss(53664)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53664"
},
{
"name" : "xcart-home-xss(53664)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53664"
"name": "36601",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36601"
}
]
}

104
2009/3xxx/CVE-2009-3900.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3900",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3900",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Cluster Management component in IBM PowerHA 5.4, 5.4.1, 5.5, and 6.1 on AIX allows remote attackers to modify the operating-system configuration via packets to the godm port (6177/tcp)."
"lang": "eng",
"value": "Unspecified vulnerability in the Cluster Management component in IBM PowerHA 5.4, 5.4.1, 5.5, and 6.1 on AIX allows remote attackers to modify the operating-system configuration via packets to the godm port (6177/tcp)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://aix.software.ibm.com/aix/efixes/security/haport_advisory.asc",
"refsource" : "CONFIRM",
"url" : "http://aix.software.ibm.com/aix/efixes/security/haport_advisory.asc"
"name": "37267",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37267"
},
{
"name" : "IZ61323",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ61323"
"name": "IZ62630",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ62630"
},
{
"name" : "IZ61325",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ61325"
"name": "IZ61323",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ61323"
},
{
"name" : "IZ62630",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ62630"
"name": "36931",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36931"
},
{
"name" : "36931",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36931"
"name": "aix-powerha-unauth-access(54154)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54154"
},
{
"name" : "37267",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37267"
"name": "IZ61325",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ61325"
},
{
"name" : "ADV-2009-3153",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/3153"
"name": "ADV-2009-3153",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3153"
},
{
"name" : "aix-powerha-unauth-access(54154)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54154"
"name": "http://aix.software.ibm.com/aix/efixes/security/haport_advisory.asc",
"refsource": "CONFIRM",
"url": "http://aix.software.ibm.com/aix/efixes/security/haport_advisory.asc"
}
]
}

122
2009/4xxx/CVE-2009-4301.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4301",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4301",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "mnet/lib.php in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7, when MNET services are enabled, does not properly check permissions, which allows remote authenticated servers to execute arbitrary MNET functions."
"lang": "eng",
"value": "mnet/lib.php in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7, when MNET services are enabled, does not properly check permissions, which allows remote authenticated servers to execute arbitrary MNET functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://cvs.moodle.org/moodle/mnet/lib.php?r1=1.16.2.10&r2=1.16.2.11",
"refsource" : "CONFIRM",
"url" : "http://cvs.moodle.org/moodle/mnet/lib.php?r1=1.16.2.10&r2=1.16.2.11"
"name": "http://docs.moodle.org/en/Moodle_1.9.7_release_notes",
"refsource": "CONFIRM",
"url": "http://docs.moodle.org/en/Moodle_1.9.7_release_notes"
},
{
"name" : "http://cvs.moodle.org/moodle/mnet/lib.php?r1=1.9.2.7&r2=1.9.2.8",
"refsource" : "CONFIRM",
"url" : "http://cvs.moodle.org/moodle/mnet/lib.php?r1=1.9.2.7&r2=1.9.2.8"
"name": "http://cvs.moodle.org/moodle/mnet/lib.php?r1=1.16.2.10&r2=1.16.2.11",
"refsource": "CONFIRM",
"url": "http://cvs.moodle.org/moodle/mnet/lib.php?r1=1.16.2.10&r2=1.16.2.11"
},
{
"name" : "http://docs.moodle.org/en/Moodle_1.8.11_release_notes",
"refsource" : "CONFIRM",
"url" : "http://docs.moodle.org/en/Moodle_1.8.11_release_notes"
"name": "http://docs.moodle.org/en/Moodle_1.8.11_release_notes",
"refsource": "CONFIRM",
"url": "http://docs.moodle.org/en/Moodle_1.8.11_release_notes"
},
{
"name" : "http://docs.moodle.org/en/Moodle_1.9.7_release_notes",
"refsource" : "CONFIRM",
"url" : "http://docs.moodle.org/en/Moodle_1.9.7_release_notes"
"name": "http://moodle.org/mod/forum/discuss.php?d=139106",
"refsource": "CONFIRM",
"url": "http://moodle.org/mod/forum/discuss.php?d=139106"
},
{
"name" : "http://moodle.org/mod/forum/discuss.php?d=139106",
"refsource" : "CONFIRM",
"url" : "http://moodle.org/mod/forum/discuss.php?d=139106"
"name": "http://cvs.moodle.org/moodle/mnet/lib.php?r1=1.9.2.7&r2=1.9.2.8",
"refsource": "CONFIRM",
"url": "http://cvs.moodle.org/moodle/mnet/lib.php?r1=1.9.2.7&r2=1.9.2.8"
},
{
"name" : "FEDORA-2009-13040",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00704.html"
"name": "ADV-2009-3455",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3455"
},
{
"name" : "FEDORA-2009-13065",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00730.html"
"name": "37614",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37614"
},
{
"name" : "FEDORA-2009-13080",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00751.html"
"name": "FEDORA-2009-13065",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00730.html"
},
{
"name" : "37244",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/37244"
"name": "FEDORA-2009-13040",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00704.html"
},
{
"name" : "37614",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37614"
"name": "FEDORA-2009-13080",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00751.html"
},
{
"name" : "ADV-2009-3455",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/3455"
"name": "37244",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37244"
}
]
}

74
2009/4xxx/CVE-2009-4648.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4648",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4648",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Accellion Secure File Transfer Appliance before 8_0_105 does not properly restrict access to sensitive commands and arguments that run with extra sudo privileges, which allows local administrators to gain privileges via (1) arbitrary arguments in the --file_move action in /usr/local/bin/admin.pl, or a hard link attack in (2) chmod or (3) a certain cp command."
"lang": "eng",
"value": "Accellion Secure File Transfer Appliance before 8_0_105 does not properly restrict access to sensitive commands and arguments that run with extra sudo privileges, which allows local administrators to gain privileges via (1) arbitrary arguments in the --file_move action in /usr/local/bin/admin.pl, or a hard link attack in (2) chmod or (3) a certain cp command."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.portcullis-security.com/338.php",
"refsource" : "MISC",
"url" : "http://www.portcullis-security.com/338.php"
"name": "38176",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38176"
},
{
"name" : "38176",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38176"
"name": "http://www.portcullis-security.com/338.php",
"refsource": "MISC",
"url": "http://www.portcullis-security.com/338.php"
},
{
"name" : "fta-menushell-command-execution(56248)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56248"
"name": "fta-menushell-command-execution(56248)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56248"
}
]
}

62
2009/4xxx/CVE-2009-4992.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-4992",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4992",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in paidbanner.php in LM Starmail Paidmail 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter."
"lang": "eng",
"value": "SQL injection vulnerability in paidbanner.php in LM Starmail Paidmail 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "9383",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/9383"
"name": "9383",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9383"
}
]
}

122
2012/2xxx/CVE-2012-2121.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2121",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2121",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices."
"lang": "eng",
"value": "The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20120419 Re: CVE request -- kernel: kvm: device assignment page leak",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/04/19/16"
"name": "50732",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50732"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4"
"name": "RHSA-2012:0743",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=814149",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=814149"
"name": "1027083",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027083"
},
{
"name" : "https://github.com/torvalds/linux/commit/09ca8e1173bcb12e2a449698c9ae3b86a8a10195",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/09ca8e1173bcb12e2a449698c9ae3b86a8a10195"
"name": "[oss-security] 20120419 Re: CVE request -- kernel: kvm: device assignment page leak",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/19/16"
},
{
"name" : "RHSA-2012:0743",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0743.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=814149",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=814149"
},
{
"name" : "RHSA-2012:0676",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0676.html"
"name": "https://github.com/torvalds/linux/commit/09ca8e1173bcb12e2a449698c9ae3b86a8a10195",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/09ca8e1173bcb12e2a449698c9ae3b86a8a10195"
},
{
"name" : "USN-1577-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1577-1"
"name": "USN-1577-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1577-1"
},
{
"name" : "USN-2036-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2036-1"
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4"
},
{
"name" : "USN-2037-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2037-1"
"name": "USN-2036-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2036-1"
},
{
"name" : "1027083",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027083"
"name": "USN-2037-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2037-1"
},
{
"name" : "50732",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/50732"
"name": "RHSA-2012:0676",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0676.html"
}
]
}

74
2012/2xxx/CVE-2012-2211.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2211",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2211",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in phpgwapi/inc/common_functions_inc.php in eGroupware before 1.8.004.20120405 allows remote attackers to inject arbitrary web script or HTML via the menuaction parameter to etemplate/process_exec.php. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in phpgwapi/inc/common_functions_inc.php in eGroupware before 1.8.004.20120405 allows remote attackers to inject arbitrary web script or HTML via the menuaction parameter to etemplate/process_exec.php. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.org/files/111626/egroupware-xss.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/files/111626/egroupware-xss.txt"
"name": "48703",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48703"
},
{
"name" : "http://www.egroupware.org/changelog",
"refsource" : "CONFIRM",
"url" : "http://www.egroupware.org/changelog"
"name": "http://www.egroupware.org/changelog",
"refsource": "CONFIRM",
"url": "http://www.egroupware.org/changelog"
},
{
"name" : "48703",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48703"
"name": "http://packetstormsecurity.org/files/111626/egroupware-xss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/111626/egroupware-xss.txt"
}
]
}

98
2012/2xxx/CVE-2012-2332.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2332",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2332",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. NOTE: this issue might be resultant from cross-site request forgery (CSRF)."
"lang": "eng",
"value": "SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. NOTE: this issue might be resultant from cross-site request forgery (CSRF)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20120508 Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2012-05/0037.html"
"name": "[oss-security] 20120508 CVE request: XSS and SQL injection in serendipity before 1.7.1",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/08/6"
},
{
"name" : "[oss-security] 20120508 CVE request: XSS and SQL injection in serendipity before 1.7.1",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/05/08/6"
"name": "http://www.rul3z.de/index.php?/214-KORAMISADV2012-001-Serendipity-1.6-Backend-Cross-Site-Scripting-and-SQL-Injection-vulnerability.html",
"refsource": "MISC",
"url": "http://www.rul3z.de/index.php?/214-KORAMISADV2012-001-Serendipity-1.6-Backend-Cross-Site-Scripting-and-SQL-Injection-vulnerability.html"
},
{
"name" : "[oss-security] 20120508 Re: CVE request: XSS and SQL injection in serendipity before 1.7.1",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/05/09/2"
"name": "53418",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53418"
},
{
"name" : "http://www.koramis.com/advisories/2012/KORAMIS-ADV2012-001.txt",
"refsource" : "MISC",
"url" : "http://www.koramis.com/advisories/2012/KORAMIS-ADV2012-001.txt"
"name": "http://www.koramis.com/advisories/2012/KORAMIS-ADV2012-001.txt",
"refsource": "MISC",
"url": "http://www.koramis.com/advisories/2012/KORAMIS-ADV2012-001.txt"
},
{
"name" : "http://www.rul3z.de/index.php?/214-KORAMISADV2012-001-Serendipity-1.6-Backend-Cross-Site-Scripting-and-SQL-Injection-vulnerability.html",
"refsource" : "MISC",
"url" : "http://www.rul3z.de/index.php?/214-KORAMISADV2012-001-Serendipity-1.6-Backend-Cross-Site-Scripting-and-SQL-Injection-vulnerability.html"
"name": "[oss-security] 20120508 Re: CVE request: XSS and SQL injection in serendipity before 1.7.1",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/09/2"
},
{
"name" : "http://blog.s9y.org/archives/240-Serendipity-1.6.1-released.html",
"refsource" : "CONFIRM",
"url" : "http://blog.s9y.org/archives/240-Serendipity-1.6.1-released.html"
"name": "http://blog.s9y.org/archives/240-Serendipity-1.6.1-released.html",
"refsource": "CONFIRM",
"url": "http://blog.s9y.org/archives/240-Serendipity-1.6.1-released.html"
},
{
"name" : "53418",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/53418"
"name": "20120508 Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0037.html"
}
]
}

22
2012/2xxx/CVE-2012-2343.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2343",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2012-2343",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-5098. Reason: This candidate is a duplicate of CVE-2010-5098. Notes: All CVE users should reference CVE-2010-5098 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-5098. Reason: This candidate is a duplicate of CVE-2010-5098. Notes: All CVE users should reference CVE-2010-5098 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

80
2012/2xxx/CVE-2012-2957.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-2957",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-2957",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows local users to gain privileges by modifying files, related to a \"file inclusion\" issue."
"lang": "eng",
"value": "The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows local users to gain privileges by modifying files, related to a \"file inclusion\" issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00",
"refsource" : "CONFIRM",
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00"
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00"
},
{
"name" : "VU#108471",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/108471"
"name": "symantec-web-mechanism-file-include(77113)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77113"
},
{
"name" : "54429",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/54429"
"name": "VU#108471",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/108471"
},
{
"name" : "symantec-web-mechanism-file-include(77113)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/77113"
"name": "54429",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54429"
}
]
}

22
2012/6xxx/CVE-2012-6362.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-6362",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2012-6362",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none."
}
]
}

80
2015/0xxx/CVE-2015-0363.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0363",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0363",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Siebel Core EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect availability via unknown vectors related to Integration Business Services."
"lang": "eng",
"value": "Unspecified vulnerability in the Siebel Core EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect availability via unknown vectors related to Integration Business Services."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
"name": "72203",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72203"
},
{
"name" : "72203",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72203"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name" : "1031578",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031578"
"name": "oracle-cpujan2015-cve20150363(100128)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100128"
},
{
"name" : "oracle-cpujan2015-cve20150363(100128)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100128"
"name": "1031578",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031578"
}
]
}

62
2015/0xxx/CVE-2015-0923.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0923",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-0923",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ContentBlockEx method in Workarea/ServerControlWS.asmx in Ektron Content Management System (CMS) 8.5 and 8.7 before 8.7sp2 and 9.0 before sp1 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference within an XML document named in the xslt parameter, related to an XML External Entity (XXE) issue."
"lang": "eng",
"value": "The ContentBlockEx method in Workarea/ServerControlWS.asmx in Ektron Content Management System (CMS) 8.5 and 8.7 before 8.7sp2 and 9.0 before sp1 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference within an XML document named in the xslt parameter, related to an XML External Entity (XXE) issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "VU#377644",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/377644"
"name": "VU#377644",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/377644"
}
]
}

80
2015/1xxx/CVE-2015-1400.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1400",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1400",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter."
"lang": "eng",
"value": "SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.com/files/130179/NPDS-CMS-Revolution-13-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/130179/NPDS-CMS-Revolution-13-SQL-Injection.html"
"name": "http://www.npds.org/viewtopic.php?topic=26189&forum=12",
"refsource": "CONFIRM",
"url": "http://www.npds.org/viewtopic.php?topic=26189&forum=12"
},
{
"name" : "http://websecgeeks.com/npds-cms-sql-injection/",
"refsource" : "MISC",
"url" : "http://websecgeeks.com/npds-cms-sql-injection/"
"name": "http://www.npds.org/viewtopic.php?topic=26233&forum=12",
"refsource": "CONFIRM",
"url": "http://www.npds.org/viewtopic.php?topic=26233&forum=12"
},
{
"name" : "http://www.npds.org/viewtopic.php?topic=26189&forum=12",
"refsource" : "CONFIRM",
"url" : "http://www.npds.org/viewtopic.php?topic=26189&forum=12"
"name": "http://packetstormsecurity.com/files/130179/NPDS-CMS-Revolution-13-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130179/NPDS-CMS-Revolution-13-SQL-Injection.html"
},
{
"name" : "http://www.npds.org/viewtopic.php?topic=26233&forum=12",
"refsource" : "CONFIRM",
"url" : "http://www.npds.org/viewtopic.php?topic=26233&forum=12"
"name": "http://websecgeeks.com/npds-cms-sql-injection/",
"refsource": "MISC",
"url": "http://websecgeeks.com/npds-cms-sql-injection/"
}
]
}

22
2015/1xxx/CVE-2015-1509.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1509",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1509",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2015/1xxx/CVE-2015-1613.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1613",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1613",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "RhodeCode before 2.2.7 allows remote authenticated users to obtain API keys and other sensitive information via the (1) update_repo, (2) get_locks, or (3) get_user_groups API method."
"lang": "eng",
"value": "RhodeCode before 2.2.7 allows remote authenticated users to obtain API keys and other sensitive information via the (1) update_repo, (2) get_locks, or (3) get_user_groups API method."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://rhodecode.com/blog/rhodecode-enterprise-security-release/",
"refsource" : "CONFIRM",
"url" : "https://rhodecode.com/blog/rhodecode-enterprise-security-release/"
"name": "https://rhodecode.com/blog/rhodecode-enterprise-security-release/",
"refsource": "CONFIRM",
"url": "https://rhodecode.com/blog/rhodecode-enterprise-security-release/"
}
]
}

80
2015/1xxx/CVE-2015-1747.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1747",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-1747",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-1732, CVE-2015-1742, CVE-2015-1750, and CVE-2015-1753."
"lang": "eng",
"value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-1732, CVE-2015-1742, CVE-2015-1750, and CVE-2015-1753."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-250",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-250"
"name": "MS15-056",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056"
},
{
"name" : "MS15-056",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-250",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-250"
},
{
"name" : "74986",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74986"
"name": "74986",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74986"
},
{
"name" : "1032521",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032521"
"name": "1032521",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032521"
}
]
}

74
2015/1xxx/CVE-2015-1770.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1770",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-1770",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Uninitialized Memory Use Vulnerability.\""
"lang": "eng",
"value": "Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Uninitialized Memory Use Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS15-059",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-059"
"name": "75016",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75016"
},
{
"name" : "75016",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75016"
"name": "1032523",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032523"
},
{
"name" : "1032523",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032523"
"name": "MS15-059",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-059"
}
]
}

74
2015/1xxx/CVE-2015-1921.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-1921",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1921",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL."
"lang": "eng",
"value": "Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21884060",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21884060"
"name": "PI38632",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI38632"
},
{
"name" : "PI38632",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI38632"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21884060",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21884060"
},
{
"name" : "74705",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74705"
"name": "74705",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74705"
}
]
}

22
2015/5xxx/CVE-2015-5077.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5077",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5077",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2015/5xxx/CVE-2015-5126.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5126",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-5126",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}

74
2015/5xxx/CVE-2015-5183.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5183",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5183",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Hawtio console in A-MQ does not set HTTPOnly or Secure attributes on cookies."
"lang": "eng",
"value": "The Hawtio console in A-MQ does not set HTTPOnly or Secure attributes on cookies."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1249182",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1249182"
"name": "1041750",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041750"
},
{
"name" : "RHSA-2018:2840",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2840"
"name": "RHSA-2018:2840",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2840"
},
{
"name" : "1041750",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041750"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1249182",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1249182"
}
]
}

22
2015/5xxx/CVE-2015-5478.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5478",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5478",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2018/11xxx/CVE-2018-11474.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11474",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11474",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at admin/index.php?id=users&action=edit&user_id=1 does not invalidate a session that is open in a different browser."
"lang": "eng",
"value": "Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at admin/index.php?id=users&action=edit&user_id=1 does not invalidate a session that is open in a different browser."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/monstra-cms/monstra/issues/444",
"refsource" : "MISC",
"url" : "https://github.com/monstra-cms/monstra/issues/444"
"name": "https://github.com/monstra-cms/monstra/issues/444",
"refsource": "MISC",
"url": "https://github.com/monstra-cms/monstra/issues/444"
}
]
}

62
2018/11xxx/CVE-2018-11703.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11703",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11703",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact."
"lang": "eng",
"value": "FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11703",
"refsource" : "MISC",
"url" : "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11703"
"name": "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11703",
"refsource": "MISC",
"url": "https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11703"
}
]
}

76
2018/3xxx/CVE-2018-3087.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-3087",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-3087",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "VM VirtualBox",
"version" : {
"version_data" : [
"product_name": "VM VirtualBox",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "5.2.16"
"version_affected": "<",
"version_value": "5.2.16"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)."
"lang": "eng",
"value": "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox."
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name" : "104764",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104764"
"name": "104764",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104764"
},
{
"name" : "1041296",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041296"
"name": "1041296",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041296"
}
]
}

22
2018/3xxx/CVE-2018-3426.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-3426",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-3426",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/3xxx/CVE-2018-3478.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-3478",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-3478",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

64
2018/3xxx/CVE-2018-3578.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-05-11T00:00:00",
"ID" : "CVE-2018-3578",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-05-11T00:00:00",
"ID": "CVE-2018-3578",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : {
"version_data" : [
"product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version": {
"version_data": [
{
"version_value" : "All Android releases from CAF using the Linux kernel"
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Type mismatch for ie_len can cause the WLAN driver to allocate less memory on the heap due to implicit casting leading to a heap buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel."
"lang": "eng",
"value": "Type mismatch for ie_len can cause the WLAN driver to allocate less memory on the heap due to implicit casting leading to a heap buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Incorrect Calculation of Buffer Size in WLAN"
"lang": "eng",
"value": "Incorrect Calculation of Buffer Size in WLAN"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2",
"refsource" : "MISC",
"url" : "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2"
"name": "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2",
"refsource": "MISC",
"url": "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2"
}
]
}

64
2018/3xxx/CVE-2018-3965.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "talos-cna@cisco.com",
"DATE_PUBLIC" : "2018-10-01T00:00:00",
"ID" : "CVE-2018-3965",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"DATE_PUBLIC": "2018-10-01T00:00:00",
"ID": "CVE-2018-3965",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Foxit PDF Reader",
"version" : {
"version_data" : [
"product_name": "Foxit PDF Reader",
"version": {
"version_data": [
{
"version_value" : "9.1.0.5096"
"version_value": "9.1.0.5096"
}
]
}
}
]
},
"vendor_name" : "Foxit Software"
"vendor_name": "Foxit Software"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability."
"lang": "eng",
"value": "An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "remote code execution"
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0630",
"refsource" : "MISC",
"url" : "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0630"
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0630",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0630"
}
]
}

62
2018/7xxx/CVE-2018-7959.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@huawei.com",
"ID" : "CVE-2018-7959",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2018-7959",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "eSpace 7950",
"version" : {
"version_data" : [
"product_name": "eSpace 7950",
"version": {
"version_data": [
{
"version_value" : "V200R003C30"
"version_value": "V200R003C30"
}
]
}
}
]
},
"vendor_name" : "Huawei Technologies Co., Ltd."
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information leak."
"lang": "eng",
"value": "There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information leak."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "information leakage"
"lang": "eng",
"value": "information leakage"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en",
"refsource" : "CONFIRM",
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en"
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181114-02-espace-en"
}
]
}

22
2018/8xxx/CVE-2018-8268.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-8268",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8268",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/8xxx/CVE-2018-8616.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-8616",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8616",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2018/8xxx/CVE-2018-8650.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8650",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8650",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Microsoft SharePoint",
"version" : {
"version_data" : [
"product_name": "Microsoft SharePoint",
"version": {
"version_data": [
{
"version_value" : "Enterprise Server 2016"
"version_value": "Enterprise Server 2016"
}
]
}
}
]
},
"vendor_name" : "Microsoft"
"vendor_name": "Microsoft"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka \"Microsoft Office SharePoint XSS Vulnerability.\" This affects Microsoft SharePoint."
"lang": "eng",
"value": "A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka \"Microsoft Office SharePoint XSS Vulnerability.\" This affects Microsoft SharePoint."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Spoofing"
"lang": "eng",
"value": "Spoofing"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8650",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8650"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8650",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8650"
},
{
"name" : "106170",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106170"
"name": "106170",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106170"
}
]
}

62
2018/8xxx/CVE-2018-8722.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-8722",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8722",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Zoho ManageEngine Desktop Central version 9.1.0 build 91099 has multiple XSS issues that were fixed in build 92026."
"lang": "eng",
"value": "Zoho ManageEngine Desktop Central version 9.1.0 build 91099 has multiple XSS issues that were fixed in build 92026."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.manageengine.com/products/desktop-central/cross-site-scripting-vulnerability.html",
"refsource" : "CONFIRM",
"url" : "https://www.manageengine.com/products/desktop-central/cross-site-scripting-vulnerability.html"
"name": "https://www.manageengine.com/products/desktop-central/cross-site-scripting-vulnerability.html",
"refsource": "CONFIRM",
"url": "https://www.manageengine.com/products/desktop-central/cross-site-scripting-vulnerability.html"
}
]
}