admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 04:22:32 +00:00
parent 277edfd208
commit dcac1cfd16
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
52 changed files with 3514 additions and 3514 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
2001/0xxx/CVE-2001-0705.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0705", "ID": "CVE-2001-0705",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with \"dot dot\" sequences in the template argument." "value": "Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with \"dot dot\" sequences in the template argument."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010621 NERF Advisory #2 - 1C:Arcadia multiple vulnerablilities.", "name": "arcadia-tradecli-directory-traversal(6737)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/192651" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6737"
}, },
{ {
"name" : "arcadia-tradecli-directory-traversal(6737)", "name": "2902",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6737" "url": "http://www.securityfocus.com/bid/2902"
}, },
{ {
"name" : "2902", "name": "20010621 NERF Advisory #2 - 1C:Arcadia multiple vulnerablilities.",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/2902" "url": "http://www.securityfocus.com/archive/1/192651"
} }
] ]
} }

74
2001/1xxx/CVE-2001-1021.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1021", "ID": "CVE-2001-1021",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments to (1) DELE, (2) MDTM, (3) MLST, (4) MKD, (5) RMD, (6) RNFR, (7) RNTO, (8) SIZE, (9) STAT, (10) XMKD, or (11) XRMD." "value": "Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments to (1) DELE, (2) MDTM, (3) MLST, (4) MKD, (5) RMD, (6) RNFR, (7) RNTO, (8) SIZE, (9) STAT, (10) XMKD, or (11) XRMD."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010726 def-2001-28 - WS_FTP server 2.0.2 Buffer Overflow and possible DOS", "name": "wsftp-long-command-bo(6911)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-07/0610.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6911"
}, },
{ {
"name" : "http://www.ipswitch.com/Support/WS_FTP-Server/patch-upgrades.html", "name": "http://www.ipswitch.com/Support/WS_FTP-Server/patch-upgrades.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.ipswitch.com/Support/WS_FTP-Server/patch-upgrades.html" "url": "http://www.ipswitch.com/Support/WS_FTP-Server/patch-upgrades.html"
}, },
{ {
"name" : "wsftp-long-command-bo(6911)", "name": "20010726 def-2001-28 - WS_FTP server 2.0.2 Buffer Overflow and possible DOS",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6911" "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0610.html"
} }
] ]
} }

80
2006/2xxx/CVE-2006-2573.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2573", "ID": "CVE-2006-2573",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in index.php in DGBook 1.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) homepage, (4) address, (5) comment, and (6) ip parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." "value": "SQL injection vulnerability in index.php in DGBook 1.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) homepage, (4) address, (5) comment, and (6) ip parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "ADV-2006-1942", "name": "25733",
"refsource" : "VUPEN", "refsource": "OSVDB",
"url" : "http://www.vupen.com/english/advisories/2006/1942" "url": "http://www.osvdb.org/25733"
}, },
{ {
"name" : "25733", "name": "dgbook-index-sql-injection(26630)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/25733" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26630"
}, },
{ {
"name" : "20201", "name": "20201",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/20201" "url": "http://secunia.com/advisories/20201"
}, },
{ {
"name" : "dgbook-index-sql-injection(26630)", "name": "ADV-2006-1942",
"refsource" : "XF", "refsource": "VUPEN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26630" "url": "http://www.vupen.com/english/advisories/2006/1942"
} }
] ]
} }

92
2006/2xxx/CVE-2006-2658.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2658", "ID": "CVE-2006-2658",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request." "value": "Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "SUSE-SR:2006:022", "name": "21847",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.suse.com/archive/suse-security-announce/2006-Sep/0005.html" "url": "http://secunia.com/advisories/21847"
}, },
{ {
"name" : "19929", "name": "ADV-2006-3552",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/19929" "url": "http://www.vupen.com/english/advisories/2006/3552"
}, },
{ {
"name" : "ADV-2006-3552", "name": "1016821",
"refsource" : "VUPEN", "refsource": "SECTRACK",
"url" : "http://www.vupen.com/english/advisories/2006/3552" "url": "http://securitytracker.com/id?1016821"
}, },
{ {
"name" : "1016821", "name": "SUSE-SR:2006:022",
"refsource" : "SECTRACK", "refsource": "SUSE",
"url" : "http://securitytracker.com/id?1016821" "url": "http://lists.suse.com/archive/suse-security-announce/2006-Sep/0005.html"
}, },
{ {
"name" : "21840", "name": "19929",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/21840" "url": "http://www.securityfocus.com/bid/19929"
}, },
{ {
"name" : "21847", "name": "21840",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/21847" "url": "http://secunia.com/advisories/21840"
} }
] ]
} }

92
2006/2xxx/CVE-2006-2680.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2680", "ID": "CVE-2006-2680",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in AZ Photo Album Script Pro allows remote attackers to inject arbitrary web script or HTML via the gazpart parameter." "value": "Cross-site scripting (XSS) vulnerability in index.php in AZ Photo Album Script Pro allows remote attackers to inject arbitrary web script or HTML via the gazpart parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060523 AZ Photo Album Script Pro", "name": "18306",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/435003/100/0/threaded" "url": "http://www.securityfocus.com/bid/18306"
}, },
{ {
"name" : "18306", "name": "ADV-2006-1982",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/18306" "url": "http://www.vupen.com/english/advisories/2006/1982"
}, },
{ {
"name" : "ADV-2006-1982", "name": "20060523 AZ Photo Album Script Pro",
"refsource" : "VUPEN", "refsource": "BUGTRAQ",
"url" : "http://www.vupen.com/english/advisories/2006/1982" "url": "http://www.securityfocus.com/archive/1/435003/100/0/threaded"
}, },
{ {
"name" : "20291", "name": "azphotoalbum-index-xss(26679)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/20291" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26679"
}, },
{ {
"name" : "992", "name": "992",
"refsource" : "SREASON", "refsource": "SREASON",
"url" : "http://securityreason.com/securityalert/992" "url": "http://securityreason.com/securityalert/992"
}, },
{ {
"name" : "azphotoalbum-index-xss(26679)", "name": "20291",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26679" "url": "http://secunia.com/advisories/20291"
} }
] ]
} }

134
2006/2xxx/CVE-2006-2864.json
View File

@ -1,121 +1,121 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2864", "ID": "CVE-2006-2864",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in BlueShoes Framework 4.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) APP[path][applications] parameter to (a) Bs_Faq.class.php, (2) APP[path][core] parameter to (b) fileBrowserInner.php, (c) file.php, and (d) viewer.php, and (e) Bs_ImageArchive.class.php, (3) GLOBALS[APP][path][core] parameter to (f) Bs_Ml_User.class.php, or (4) APP[path][plugins] parameter to (g) Bs_Wse_Profile.class.php." "value": "Multiple PHP remote file inclusion vulnerabilities in BlueShoes Framework 4.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) APP[path][applications] parameter to (a) Bs_Faq.class.php, (2) APP[path][core] parameter to (b) fileBrowserInner.php, (c) file.php, and (d) viewer.php, and (e) Bs_ImageArchive.class.php, (3) GLOBALS[APP][path][core] parameter to (f) Bs_Ml_User.class.php, or (4) APP[path][plugins] parameter to (g) Bs_Wse_Profile.class.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "1870", "name": "ADV-2006-2128",
"refsource" : "EXPLOIT-DB", "refsource": "VUPEN",
"url" : "https://www.exploit-db.com/exploits/1870" "url": "http://www.vupen.com/english/advisories/2006/2128"
}, },
{ {
"name" : "http://www.blueshoes.org/en/news/", "name": "25998",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://www.blueshoes.org/en/news/" "url": "http://www.osvdb.org/25998"
}, },
{ {
"name" : "18261", "name": "20438",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/18261" "url": "http://secunia.com/advisories/20438"
}, },
{ {
"name" : "ADV-2006-2128", "name": "http://www.blueshoes.org/en/news/",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2006/2128" "url": "http://www.blueshoes.org/en/news/"
}, },
{ {
"name" : "26001", "name": "25996",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/26001" "url": "http://www.osvdb.org/25996"
}, },
{ {
"name" : "26002", "name": "18261",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://www.osvdb.org/26002" "url": "http://www.securityfocus.com/bid/18261"
}, },
{ {
"name" : "25996", "name": "26001",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/25996" "url": "http://www.osvdb.org/26001"
}, },
{ {
"name" : "25997", "name": "1870",
"refsource" : "OSVDB", "refsource": "EXPLOIT-DB",
"url" : "http://www.osvdb.org/25997" "url": "https://www.exploit-db.com/exploits/1870"
}, },
{ {
"name" : "25998", "name": "26002",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/25998" "url": "http://www.osvdb.org/26002"
}, },
{ {
"name" : "25999", "name": "26000",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/25999" "url": "http://www.osvdb.org/26000"
}, },
{ {
"name" : "26000", "name": "blueshoes-multiple-scripts-file-include(26908)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/26000" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26908"
}, },
{ {
"name" : "20438", "name": "25999",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/20438" "url": "http://www.osvdb.org/25999"
}, },
{ {
"name" : "blueshoes-multiple-scripts-file-include(26908)", "name": "25997",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26908" "url": "http://www.osvdb.org/25997"
} }
] ]
} }

80
2006/2xxx/CVE-2006-2958.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2958", "ID": "CVE-2006-2958",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in FilZip 3.05 allows remote attackers to write arbitrary files via a .. (dot dot) in a (1) .rar, (2) .tar, (3) .jar, or (4) .gz file. NOTE: the provenance of this information is unknown; the details are obtained from third party information." "value": "Directory traversal vulnerability in FilZip 3.05 allows remote attackers to write arbitrary files via a .. (dot dot) in a (1) .rar, (2) .tar, (3) .jar, or (4) .gz file. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "18375", "name": "18375",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/18375" "url": "http://www.securityfocus.com/bid/18375"
}, },
{ {
"name" : "ADV-2006-2255", "name": "ADV-2006-2255",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2255" "url": "http://www.vupen.com/english/advisories/2006/2255"
}, },
{ {
"name" : "20543", "name": "filzip-archive-directory-traversal(27027)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/20543" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27027"
}, },
{ {
"name" : "filzip-archive-directory-traversal(27027)", "name": "20543",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27027" "url": "http://secunia.com/advisories/20543"
} }
] ]
} }

86
2008/5xxx/CVE-2008-5291.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-5291", "ID": "CVE-2008-5291",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in code/track.php in FuzzyLime 3.03 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter, a different vector than CVE-2007-4805 and CVE-2008-3165." "value": "Directory traversal vulnerability in code/track.php in FuzzyLime 3.03 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter, a different vector than CVE-2007-4805 and CVE-2008-3165."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "7231", "name": "7231",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/7231" "url": "https://www.exploit-db.com/exploits/7231"
}, },
{ {
"name" : "32475", "name": "32475",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/32475" "url": "http://www.securityfocus.com/bid/32475"
}, },
{ {
"name" : "32865", "name": "32865",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/32865" "url": "http://secunia.com/advisories/32865"
}, },
{ {
"name" : "4667", "name": "fuzzylimecms-track-file-include(46841)",
"refsource" : "SREASON", "refsource": "XF",
"url" : "http://securityreason.com/securityalert/4667" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46841"
}, },
{ {
"name" : "fuzzylimecms-track-file-include(46841)", "name": "4667",
"refsource" : "XF", "refsource": "SREASON",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46841" "url": "http://securityreason.com/securityalert/4667"
} }
] ]
} }

86
2008/5xxx/CVE-2008-5676.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-5676", "ID": "CVE-2008-5676",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to \"transformation caching.\"" "value": "Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to \"transformation caching.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://blog.modsecurity.org/2008/08/transformation.html", "name": "32146",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://blog.modsecurity.org/2008/08/transformation.html" "url": "http://secunia.com/advisories/32146"
}, },
{ {
"name" : "http://freshmeat.net/projects/modsecurity/?branch_id=34901&release_id=282329", "name": "http://blog.modsecurity.org/2008/08/transformation.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://freshmeat.net/projects/modsecurity/?branch_id=34901&release_id=282329" "url": "http://blog.modsecurity.org/2008/08/transformation.html"
}, },
{ {
"name" : "ADV-2008-2795", "name": "ADV-2008-2795",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/2795" "url": "http://www.vupen.com/english/advisories/2008/2795"
}, },
{ {
"name" : "32146", "name": "http://freshmeat.net/projects/modsecurity/?branch_id=34901&release_id=282329",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/32146" "url": "http://freshmeat.net/projects/modsecurity/?branch_id=34901&release_id=282329"
}, },
{ {
"name" : "modsecurity-sct-security-bypass(45770)", "name": "modsecurity-sct-security-bypass(45770)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45770" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45770"
} }
] ]
} }

86
2008/5xxx/CVE-2008-5785.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-5785", "ID": "CVE-2008-5785",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields." "value": "SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "7061", "name": "32214",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/7061" "url": "http://www.securityfocus.com/bid/32214"
}, },
{ {
"name" : "32214", "name": "4846",
"refsource" : "BID", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/bid/32214" "url": "http://securityreason.com/securityalert/4846"
}, },
{ {
"name" : "ADV-2008-3071", "name": "ADV-2008-3071",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/3071" "url": "http://www.vupen.com/english/advisories/2008/3071"
}, },
{ {
"name" : "4846", "name": "7061",
"refsource" : "SREASON", "refsource": "EXPLOIT-DB",
"url" : "http://securityreason.com/securityalert/4846" "url": "https://www.exploit-db.com/exploits/7061"
}, },
{ {
"name" : "profilesdating-index-sql-injection(46478)", "name": "profilesdating-index-sql-injection(46478)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46478" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46478"
} }
] ]
} }

22
2011/2xxx/CVE-2011-2034.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2034", "ID": "CVE-2011-2034",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

152
2011/2xxx/CVE-2011-2107.json
View File

@ -1,136 +1,136 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2011-2107", "ID": "CVE-2011-2107",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a \"universal cross-site scripting vulnerability.\"" "value": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a \"universal cross-site scripting vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-13.html", "name": "http://www.blackberry.com/btsc/KB27240",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-13.html" "url": "http://www.blackberry.com/btsc/KB27240"
}, },
{ {
"name" : "http://googlechromereleases.blogspot.com/2011/06/stable-channel-update.html", "name": "48308",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://googlechromereleases.blogspot.com/2011/06/stable-channel-update.html" "url": "http://secunia.com/advisories/48308"
}, },
{ {
"name" : "http://www.blackberry.com/btsc/KB27240", "name": "44846",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.blackberry.com/btsc/KB27240" "url": "http://secunia.com/advisories/44846"
}, },
{ {
"name" : "RHSA-2011:0850", "name": "http://googlechromereleases.blogspot.com/2011/06/stable-channel-update.html",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0850.html" "url": "http://googlechromereleases.blogspot.com/2011/06/stable-channel-update.html"
}, },
{ {
"name" : "openSUSE-SU-2011:0612", "name": "44872",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "https://hermes.opensuse.org/messages/8704566" "url": "http://secunia.com/advisories/44872"
}, },
{ {
"name" : "48107", "name": "48107",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/48107" "url": "http://www.securityfocus.com/bid/48107"
}, },
{ {
"name" : "oval:org.mitre.oval:def:13762", "name": "44847",
"refsource" : "OVAL", "refsource": "SECUNIA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13762" "url": "http://secunia.com/advisories/44847"
}, },
{ {
"name" : "1025603", "name": "http://www.adobe.com/support/security/bulletins/apsb11-13.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id?1025603" "url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
}, },
{ {
"name" : "1025658", "name": "44871",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://www.securitytracker.com/id?1025658" "url": "http://secunia.com/advisories/44871"
}, },
{ {
"name" : "44846", "name": "RHSA-2011:0850",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/44846" "url": "http://www.redhat.com/support/errata/RHSA-2011-0850.html"
}, },
{ {
"name" : "44847", "name": "flash-player-unspecified-xss(67838)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/44847" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67838"
}, },
{ {
"name" : "44872", "name": "44946",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/44872" "url": "http://secunia.com/advisories/44946"
}, },
{ {
"name" : "44871", "name": "openSUSE-SU-2011:0612",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/44871" "url": "https://hermes.opensuse.org/messages/8704566"
}, },
{ {
"name" : "44946", "name": "1025658",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/44946" "url": "http://www.securitytracker.com/id?1025658"
}, },
{ {
"name" : "48308", "name": "oval:org.mitre.oval:def:13762",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/48308" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13762"
}, },
{ {
"name" : "flash-player-unspecified-xss(67838)", "name": "1025603",
"refsource" : "XF", "refsource": "SECTRACK",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67838" "url": "http://www.securitytracker.com/id?1025603"
} }
] ]
} }

98
2011/2xxx/CVE-2011-2176.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-2176", "ID": "CVE-2011-2176",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors." "value": "GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://cgit.freedesktop.org/NetworkManager/NetworkManager/plain/NEWS?h=NM_0_8", "name": "http://cgit.freedesktop.org/NetworkManager/NetworkManager/plain/NEWS?h=NM_0_8",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://cgit.freedesktop.org/NetworkManager/NetworkManager/plain/NEWS?h=NM_0_8" "url": "http://cgit.freedesktop.org/NetworkManager/NetworkManager/plain/NEWS?h=NM_0_8"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=709662", "name": "1025711",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=709662" "url": "http://securitytracker.com/id?1025711"
}, },
{ {
"name" : "FEDORA-2011-8612", "name": "FEDORA-2011-8612",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063665.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063665.html"
}, },
{ {
"name" : "MDVSA-2011:171", "name": "RHSA-2011:0930",
"refsource" : "MANDRIVA", "refsource": "REDHAT",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:171" "url": "http://www.redhat.com/support/errata/RHSA-2011-0930.html"
}, },
{ {
"name" : "RHSA-2011:0930", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=709662",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0930.html" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=709662"
}, },
{ {
"name" : "1025711", "name": "MDVSA-2011:171",
"refsource" : "SECTRACK", "refsource": "MANDRIVA",
"url" : "http://securitytracker.com/id?1025711" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:171"
}, },
{ {
"name" : "44858", "name": "44858",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/44858" "url": "http://secunia.com/advisories/44858"
} }
] ]
} }

22
2011/2xxx/CVE-2011-2236.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-2236", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2011-2236",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
} }
] ]
} }

74
2011/3xxx/CVE-2011-3697.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3697", "ID": "CVE-2011-3697",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Achievo 1.4.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/graph/jpgraph/jpgraph_radar.php and certain other files." "value": "Achievo 1.4.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/graph/jpgraph/jpgraph_radar.php and certain other files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/achievo-1.4.5",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://www.openwall.com/lists/oss-security/2011/06/27/6" "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/achievo-1.4.5"
}, },
{ {
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", "name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" "url": "http://www.openwall.com/lists/oss-security/2011/06/27/6"
}, },
{ {
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/achievo-1.4.5", "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/achievo-1.4.5" "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README"
} }
] ]
} }

68
2011/3xxx/CVE-2011-3862.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3862", "ID": "CVE-2011-3862",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Morning Coffee theme before 3.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php." "value": "Cross-site scripting (XSS) vulnerability in the Morning Coffee theme before 3.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://sitewat.ch/en/Advisories/20", "name": "46295",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "https://sitewat.ch/en/Advisories/20" "url": "http://secunia.com/advisories/46295"
}, },
{ {
"name" : "46295", "name": "https://sitewat.ch/en/Advisories/20",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/46295" "url": "https://sitewat.ch/en/Advisories/20"
} }
] ]
} }

104
2011/3xxx/CVE-2011-3892.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2011-3892", "ID": "CVE-2011-3892",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream." "value": "Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=100465", "name": "MDVSA-2012:076",
"refsource" : "CONFIRM", "refsource": "MANDRIVA",
"url" : "http://code.google.com/p/chromium/issues/detail?id=100465" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:076"
}, },
{ {
"name" : "http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html", "name": "MDVSA-2012:075",
"refsource" : "CONFIRM", "refsource": "MANDRIVA",
"url" : "http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:075"
}, },
{ {
"name" : "DSA-2471", "name": "http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2012/dsa-2471" "url": "http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html"
}, },
{ {
"name" : "MDVSA-2012:075", "name": "49089",
"refsource" : "MANDRIVA", "refsource": "SECUNIA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:075" "url": "http://secunia.com/advisories/49089"
}, },
{ {
"name" : "MDVSA-2012:076", "name": "DSA-2471",
"refsource" : "MANDRIVA", "refsource": "DEBIAN",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:076" "url": "http://www.debian.org/security/2012/dsa-2471"
}, },
{ {
"name" : "oval:org.mitre.oval:def:14484", "name": "http://code.google.com/p/chromium/issues/detail?id=100465",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14484" "url": "http://code.google.com/p/chromium/issues/detail?id=100465"
}, },
{ {
"name" : "46933", "name": "oval:org.mitre.oval:def:14484",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/46933" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14484"
}, },
{ {
"name" : "49089", "name": "46933",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/49089" "url": "http://secunia.com/advisories/46933"
} }
] ]
} }

22
2013/0xxx/CVE-2013-0146.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-0146", "ID": "CVE-2013-0146",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

110
2013/0xxx/CVE-2013-0160.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-0160", "ID": "CVE-2013-0160",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device." "value": "The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20130107 Re: /dev/ptmx timing", "name": "openSUSE-SU-2013:1187",
"refsource" : "MLIST", "refsource": "SUSE",
"url" : "http://www.openwall.com/lists/oss-security/2013/01/08/3" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=892983", "name": "[oss-security] 20130107 Re: /dev/ptmx timing",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=892983" "url": "http://www.openwall.com/lists/oss-security/2013/01/08/3"
}, },
{ {
"name" : "openSUSE-SU-2013:0395", "name": "USN-2129-1",
"refsource" : "SUSE", "refsource": "UBUNTU",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html" "url": "http://www.ubuntu.com/usn/USN-2129-1"
}, },
{ {
"name" : "SUSE-SU-2013:0674", "name": "USN-2128-1",
"refsource" : "SUSE", "refsource": "UBUNTU",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html" "url": "http://www.ubuntu.com/usn/USN-2128-1"
}, },
{ {
"name" : "openSUSE-SU-2013:0925", "name": "openSUSE-SU-2013:0395",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html"
}, },
{ {
"name" : "openSUSE-SU-2013:1187", "name": "SUSE-SU-2013:0674",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html"
}, },
{ {
"name" : "SUSE-SU-2013:1182", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=892983",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=892983"
}, },
{ {
"name" : "USN-2128-1", "name": "openSUSE-SU-2013:0925",
"refsource" : "UBUNTU", "refsource": "SUSE",
"url" : "http://www.ubuntu.com/usn/USN-2128-1" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
}, },
{ {
"name" : "USN-2129-1", "name": "SUSE-SU-2013:1182",
"refsource" : "UBUNTU", "refsource": "SUSE",
"url" : "http://www.ubuntu.com/usn/USN-2129-1" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html"
} }
] ]
} }

22
2013/0xxx/CVE-2013-0564.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-0564", "ID": "CVE-2013-0564",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2013/0xxx/CVE-2013-0950.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2013-0950", "ID": "CVE-2013-0950",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1." "value": "WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT5642", "name": "http://support.apple.com/kb/HT5642",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT5642" "url": "http://support.apple.com/kb/HT5642"
}, },
{ {
"name" : "APPLE-SA-2013-01-28-1", "name": "APPLE-SA-2013-03-14-2",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html" "url": "http://lists.apple.com/archives/security-announce/2013/Mar/msg00003.html"
}, },
{ {
"name" : "APPLE-SA-2013-03-14-2", "name": "APPLE-SA-2013-01-28-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2013/Mar/msg00003.html" "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
} }
] ]
} }

74
2013/0xxx/CVE-2013-0958.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2013-0958", "ID": "CVE-2013-0958",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1." "value": "WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT5642", "name": "http://support.apple.com/kb/HT5642",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT5642" "url": "http://support.apple.com/kb/HT5642"
}, },
{ {
"name" : "APPLE-SA-2013-01-28-1", "name": "APPLE-SA-2013-03-14-2",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html" "url": "http://lists.apple.com/archives/security-announce/2013/Mar/msg00003.html"
}, },
{ {
"name" : "APPLE-SA-2013-03-14-2", "name": "APPLE-SA-2013-01-28-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2013/Mar/msg00003.html" "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
} }
] ]
} }

62
2013/1xxx/CVE-2013-1387.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2013-1387", "ID": "CVE-2013-1387",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to impersonate users via unknown vectors." "value": "Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to impersonate users via unknown vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.adobe.com/support/security/bulletins/apsb13-10.html", "name": "http://www.adobe.com/support/security/bulletins/apsb13-10.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb13-10.html" "url": "http://www.adobe.com/support/security/bulletins/apsb13-10.html"
} }
] ]
} }

146
2013/1xxx/CVE-2013-1481.json
View File

@ -1,131 +1,131 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-1481", "ID": "CVE-2013-1481",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound." "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html", "name": "SSRT101156",
"refsource" : "CONFIRM", "refsource": "HP",
"url" : "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html" "url": "http://marc.info/?l=bugtraq&m=136570436423916&w=2"
}, },
{ {
"name" : "HPSBUX02864", "name": "TA13-032A",
"refsource" : "HP", "refsource": "CERT",
"url" : "http://marc.info/?l=bugtraq&m=136570436423916&w=2" "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html"
}, },
{ {
"name" : "SSRT101156", "name": "RHSA-2013:0236",
"refsource" : "HP", "refsource": "REDHAT",
"url" : "http://marc.info/?l=bugtraq&m=136570436423916&w=2" "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
}, },
{ {
"name" : "HPSBMU02874", "name": "RHSA-2013:1455",
"refsource" : "HP", "refsource": "REDHAT",
"url" : "http://marc.info/?l=bugtraq&m=136733161405818&w=2" "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
}, },
{ {
"name" : "SSRT101184", "name": "VU#858729",
"refsource" : "HP", "refsource": "CERT-VN",
"url" : "http://marc.info/?l=bugtraq&m=136733161405818&w=2" "url": "http://www.kb.cert.org/vuls/id/858729"
}, },
{ {
"name" : "RHSA-2013:0236", "name": "oval:org.mitre.oval:def:19170",
"refsource" : "REDHAT", "refsource": "OVAL",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0236.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19170"
}, },
{ {
"name" : "RHSA-2013:1455", "name": "SUSE-SU-2013:0478",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html"
}, },
{ {
"name" : "RHSA-2013:1456", "name": "HPSBMU02874",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1456.html" "url": "http://marc.info/?l=bugtraq&m=136733161405818&w=2"
}, },
{ {
"name" : "SUSE-SU-2013:0478", "name": "57718",
"refsource" : "SUSE", "refsource": "BID",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html" "url": "http://www.securityfocus.com/bid/57718"
}, },
{ {
"name" : "TA13-032A", "name": "oval:org.mitre.oval:def:16430",
"refsource" : "CERT", "refsource": "OVAL",
"url" : "http://www.us-cert.gov/cas/techalerts/TA13-032A.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16430"
}, },
{ {
"name" : "VU#858729", "name": "RHSA-2013:1456",
"refsource" : "CERT-VN", "refsource": "REDHAT",
"url" : "http://www.kb.cert.org/vuls/id/858729" "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
}, },
{ {
"name" : "57718", "name": "HPSBUX02864",
"refsource" : "BID", "refsource": "HP",
"url" : "http://www.securityfocus.com/bid/57718" "url": "http://marc.info/?l=bugtraq&m=136570436423916&w=2"
}, },
{ {
"name" : "oval:org.mitre.oval:def:16430", "name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16430" "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:19170", "name": "SSRT101184",
"refsource" : "OVAL", "refsource": "HP",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19170" "url": "http://marc.info/?l=bugtraq&m=136733161405818&w=2"
}, },
{ {
"name" : "oval:org.mitre.oval:def:19268", "name": "oval:org.mitre.oval:def:19268",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19268" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19268"
} }
] ]
} }

80
2013/4xxx/CVE-2013-4198.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-4198", "ID": "CVE-2013-4198",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "mail_password.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to bypass the prohibition on password changes via the forgotten password email functionality." "value": "mail_password.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to bypass the prohibition on password changes via the forgotten password email functionality."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20130801 Re: CVE Request -- Plone: 20130618 Hotfix (multiple vectors)", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=978480",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://seclists.org/oss-sec/2013/q3/261" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=978480"
}, },
{ {
"name" : "http://plone.org/products/plone-hotfix/releases/20130618", "name": "http://plone.org/products/plone/security/advisories/20130618-announcement",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://plone.org/products/plone-hotfix/releases/20130618" "url": "http://plone.org/products/plone/security/advisories/20130618-announcement"
}, },
{ {
"name" : "http://plone.org/products/plone/security/advisories/20130618-announcement", "name": "http://plone.org/products/plone-hotfix/releases/20130618",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://plone.org/products/plone/security/advisories/20130618-announcement" "url": "http://plone.org/products/plone-hotfix/releases/20130618"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=978480", "name": "[oss-security] 20130801 Re: CVE Request -- Plone: 20130618 Hotfix (multiple vectors)",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=978480" "url": "http://seclists.org/oss-sec/2013/q3/261"
} }
] ]
} }

22
2013/5xxx/CVE-2013-5294.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5294", "ID": "CVE-2013-5294",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

80
2013/5xxx/CVE-2013-5301.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5301", "ID": "CVE-2013-5301",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in help.php in Trustport Webfilter 5.5.0.2232 allows remote attackers to read arbitrary files via a .. (dot dot) in the hf parameter." "value": "Directory traversal vulnerability in help.php in Trustport Webfilter 5.5.0.2232 allows remote attackers to read arbitrary files via a .. (dot dot) in the hf parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20130807 Trustport Webfilter Remote File Access Vulnerability", "name": "61662",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-08/0043.html" "url": "http://www.securityfocus.com/bid/61662"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/122735/Trustport-Webfilter-Traversal-File-Disclosure.html", "name": "http://packetstormsecurity.com/files/122735/Trustport-Webfilter-Traversal-File-Disclosure.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.com/files/122735/Trustport-Webfilter-Traversal-File-Disclosure.html" "url": "http://packetstormsecurity.com/files/122735/Trustport-Webfilter-Traversal-File-Disclosure.html"
}, },
{ {
"name" : "61662", "name": "trustportwebfilter-help-directory-traversal(86289)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/61662" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86289"
}, },
{ {
"name" : "trustportwebfilter-help-directory-traversal(86289)", "name": "20130807 Trustport Webfilter Remote File Access Vulnerability",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/86289" "url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0043.html"
} }
] ]
} }

92
2013/5xxx/CVE-2013-5303.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5303", "ID": "CVE-2013-5303",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 has unknown impact and remote attack vectors, related to \"Insecure Unserialize.\"" "value": "Unspecified vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 has unknown impact and remote attack vectors, related to \"Insecure Unserialize.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013", "name": "95967",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013" "url": "http://osvdb.org/95967"
}, },
{ {
"name" : "http://typo3.org/extensions/repository/view/locator", "name": "54350",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://typo3.org/extensions/repository/view/locator" "url": "http://secunia.com/advisories/54350"
}, },
{ {
"name" : "61606", "name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/61606" "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013"
}, },
{ {
"name" : "95967", "name": "storelocator-unserialize-code-execution(86233)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://osvdb.org/95967" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86233"
}, },
{ {
"name" : "54350", "name": "http://typo3.org/extensions/repository/view/locator",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/54350" "url": "http://typo3.org/extensions/repository/view/locator"
}, },
{ {
"name" : "storelocator-unserialize-code-execution(86233)", "name": "61606",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/86233" "url": "http://www.securityfocus.com/bid/61606"
} }
] ]
} }

200
2013/5xxx/CVE-2013-5820.json
View File

@ -1,176 +1,176 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-5820", "ID": "CVE-2013-5820",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS." "value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "name": "63133",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" "url": "http://www.securityfocus.com/bid/63133"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5982", "name": "RHSA-2014:0414",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://support.apple.com/kb/HT5982" "url": "https://access.redhat.com/errata/RHSA-2014:0414"
}, },
{ {
"name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html", "name": "GLSA-201406-32",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html" "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
}, },
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21655201", "name": "RHSA-2013:1447",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21655201" "url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
}, },
{ {
"name" : "APPLE-SA-2013-10-15-1", "name": "RHSA-2013:1440",
"refsource" : "APPLE", "refsource": "REDHAT",
"url" : "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html" "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
}, },
{ {
"name" : "GLSA-201406-32", "name": "USN-2033-1",
"refsource" : "GENTOO", "refsource": "UBUNTU",
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" "url": "http://www.ubuntu.com/usn/USN-2033-1"
}, },
{ {
"name" : "HPSBUX02943", "name": "oval:org.mitre.oval:def:19206",
"refsource" : "HP", "refsource": "OVAL",
"url" : "http://marc.info/?l=bugtraq&m=138674031212883&w=2" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19206"
}, },
{ {
"name" : "HPSBUX02944", "name": "USN-2089-1",
"refsource" : "HP", "refsource": "UBUNTU",
"url" : "http://marc.info/?l=bugtraq&m=138674073720143&w=2" "url": "http://www.ubuntu.com/usn/USN-2089-1"
}, },
{ {
"name" : "RHSA-2013:1440", "name": "RHSA-2013:1508",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1440.html" "url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
}, },
{ {
"name" : "RHSA-2013:1447", "name": "SUSE-SU-2013:1677",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1447.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
}, },
{ {
"name" : "RHSA-2013:1451", "name": "HPSBUX02944",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1451.html" "url": "http://marc.info/?l=bugtraq&m=138674073720143&w=2"
}, },
{ {
"name" : "RHSA-2013:1505", "name": "RHSA-2013:1505",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1505.html" "url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
}, },
{ {
"name" : "RHSA-2013:1507", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1507.html" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
}, },
{ {
"name" : "RHSA-2013:1508", "name": "HPSBUX02943",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1508.html" "url": "http://marc.info/?l=bugtraq&m=138674031212883&w=2"
}, },
{ {
"name" : "RHSA-2013:1793", "name": "openSUSE-SU-2013:1663",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1793.html" "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
}, },
{ {
"name" : "RHSA-2014:0414", "name": "SUSE-SU-2013:1666",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "https://access.redhat.com/errata/RHSA-2014:0414" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
}, },
{ {
"name" : "SUSE-SU-2013:1666", "name": "RHSA-2013:1793",
"refsource" : "SUSE", "refsource": "REDHAT",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html" "url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
}, },
{ {
"name" : "SUSE-SU-2013:1677", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html" "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}, },
{ {
"name" : "openSUSE-SU-2013:1663", "name": "APPLE-SA-2013-10-15-1",
"refsource" : "SUSE", "refsource": "APPLE",
"url" : "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html" "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
}, },
{ {
"name" : "USN-2033-1", "name": "RHSA-2013:1507",
"refsource" : "UBUNTU", "refsource": "REDHAT",
"url" : "http://www.ubuntu.com/usn/USN-2033-1" "url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
}, },
{ {
"name" : "USN-2089-1", "name": "http://support.apple.com/kb/HT5982",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://www.ubuntu.com/usn/USN-2089-1" "url": "http://support.apple.com/kb/HT5982"
}, },
{ {
"name" : "63133", "name": "56338",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/63133" "url": "http://secunia.com/advisories/56338"
}, },
{ {
"name" : "oval:org.mitre.oval:def:19206", "name": "RHSA-2013:1451",
"refsource" : "OVAL", "refsource": "REDHAT",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19206" "url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
}, },
{ {
"name" : "56338", "name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/56338" "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
} }
] ]
} }

92
2013/5xxx/CVE-2013-5846.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-5846", "ID": "CVE-2013-5846",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and JavaFX 2.2.40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX." "value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and JavaFX 2.2.40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "name": "63127",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" "url": "http://www.securityfocus.com/bid/63127"
}, },
{ {
"name" : "HPSBUX02944", "name": "RHSA-2013:1440",
"refsource" : "HP", "refsource": "REDHAT",
"url" : "http://marc.info/?l=bugtraq&m=138674073720143&w=2" "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
}, },
{ {
"name" : "RHSA-2013:1440", "name": "98539",
"refsource" : "REDHAT", "refsource": "OSVDB",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1440.html" "url": "http://osvdb.org/98539"
}, },
{ {
"name" : "63127", "name": "HPSBUX02944",
"refsource" : "BID", "refsource": "HP",
"url" : "http://www.securityfocus.com/bid/63127" "url": "http://marc.info/?l=bugtraq&m=138674073720143&w=2"
}, },
{ {
"name" : "98539", "name": "oval:org.mitre.oval:def:18904",
"refsource" : "OSVDB", "refsource": "OVAL",
"url" : "http://osvdb.org/98539" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18904"
}, },
{ {
"name" : "oval:org.mitre.oval:def:18904", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18904" "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
} }
] ]
} }

80
2013/5xxx/CVE-2013-5859.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-5859", "ID": "CVE-2013-5859",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Instantis EnterpriseTrack component in Oracle Primavera Products Suite 8.0.6 and 8.5 allows remote attackers to affect confidentiality via unknown vectors." "value": "Unspecified vulnerability in the Instantis EnterpriseTrack component in Oracle Primavera Products Suite 8.0.6 and 8.5 allows remote attackers to affect confidentiality via unknown vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "name": "63117",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" "url": "http://www.securityfocus.com/bid/63117"
}, },
{ {
"name" : "63117", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/63117" "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}, },
{ {
"name" : "98521", "name": "98521",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/98521" "url": "http://osvdb.org/98521"
}, },
{ {
"name" : "55358", "name": "55358",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/55358" "url": "http://secunia.com/advisories/55358"
} }
] ]
} }

22
2014/2xxx/CVE-2014-2272.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2272", "ID": "CVE-2014-2272",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2017/0xxx/CVE-2017-0323.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@nvidia.com", "ASSIGNER": "psirt@nvidia.com",
"ID" : "CVE-2017-0323", "ID": "CVE-2017-0323",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "GPU Display Driver", "product_name": "GPU Display Driver",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All" "version_value": "All"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Nvidia Corporation" "vendor_name": "Nvidia Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges." "value": "All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Denial of Service, Escalation of Privileges" "value": "Denial of Service, Escalation of Privileges"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4398", "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4398",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4398" "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4398"
} }
] ]
} }

64
2017/12xxx/CVE-2017-12071.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@synology.com", "ASSIGNER": "security@synology.com",
"DATE_PUBLIC" : "2017-09-08T00:00:00", "DATE_PUBLIC": "2017-09-08T00:00:00",
"ID" : "CVE-2017-12071", "ID": "CVE-2017-12071",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Synology Photo Station", "product_name": "Synology Photo Station",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "before 6.7.4-3433 and 6.3-2968" "version_value": "before 6.7.4-3433 and 6.3-2968"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Synology" "vendor_name": "Synology"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via the url parameter." "value": "Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via the url parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Server-Side Request Forgery (CWE-918)" "value": "Server-Side Request Forgery (CWE-918)"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.synology.com/en-global/support/security/Synology_SA_17_35_PhotoStation", "name": "https://www.synology.com/en-global/support/security/Synology_SA_17_35_PhotoStation",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.synology.com/en-global/support/security/Synology_SA_17_35_PhotoStation" "url": "https://www.synology.com/en-global/support/security/Synology_SA_17_35_PhotoStation"
} }
] ]
} }

74
2017/12xxx/CVE-2017-12235.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2017-12235", "ID": "CVE-2017-12235",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco IOS", "product_name": "Cisco IOS",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco IOS" "version_value": "Cisco IOS"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper parsing of ingress PN-DCP Identify Request packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted PN-DCP Identify Request packet to an affected device and then continuing to send normal PN-DCP Identify Request packets to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to process PROFINET messages. Beginning with Cisco IOS Software Release 12.2(52)SE, PROFINET is enabled by default on all the base switch module and expansion-unit Ethernet ports. Cisco Bug IDs: CSCuz47179." "value": "A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper parsing of ingress PN-DCP Identify Request packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted PN-DCP Identify Request packet to an affected device and then continuing to send normal PN-DCP Identify Request packets to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to process PROFINET messages. Beginning with Cisco IOS Software Release 12.2(52)SE, PROFINET is enabled by default on all the base switch module and expansion-unit Ethernet ports. Cisco Bug IDs: CSCuz47179."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-20" "value": "CWE-20"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-profinet", "name": "101043",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-profinet" "url": "http://www.securityfocus.com/bid/101043"
}, },
{ {
"name" : "101043", "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-profinet",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/101043" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-profinet"
}, },
{ {
"name" : "1039451", "name": "1039451",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039451" "url": "http://www.securitytracker.com/id/1039451"
} }
] ]
} }

74
2017/12xxx/CVE-2017-12265.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2017-12265", "ID": "CVE-2017-12265",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco Adaptive Security Appliance Software", "product_name": "Cisco Adaptive Security Appliance Software",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco Adaptive Security Appliance Software" "version_value": "Cisco Adaptive Security Appliance Software"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka HREF XSS. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. The vulnerability exists in the Cisco Adaptive Security Appliance (ASA) Software when the WEBVPN feature is enabled. Cisco Bug IDs: CSCve91068." "value": "A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka HREF XSS. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. The vulnerability exists in the Cisco Adaptive Security Appliance (ASA) Software when the WEBVPN feature is enabled. Cisco Bug IDs: CSCve91068."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-79" "value": "CWE-79"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa1", "name": "101170",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa1" "url": "http://www.securityfocus.com/bid/101170"
}, },
{ {
"name" : "101170", "name": "1039502",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/101170" "url": "http://www.securitytracker.com/id/1039502"
}, },
{ {
"name" : "1039502", "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa1",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1039502" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa1"
} }
] ]
} }

98
2017/12xxx/CVE-2017-12897.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-12897", "ID": "CVE-2017-12897",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print()." "value": "The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print()."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.tcpdump.org/tcpdump-changes.txt", "name": "GLSA-201709-23",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://www.tcpdump.org/tcpdump-changes.txt" "url": "https://security.gentoo.org/glsa/201709-23"
}, },
{ {
"name" : "https://github.com/the-tcpdump-group/tcpdump/commit/1dcd10aceabbc03bf571ea32b892c522cbe923de", "name": "https://support.apple.com/HT208221",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/the-tcpdump-group/tcpdump/commit/1dcd10aceabbc03bf571ea32b892c522cbe923de" "url": "https://support.apple.com/HT208221"
}, },
{ {
"name" : "https://support.apple.com/HT208221", "name": "DSA-3971",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "https://support.apple.com/HT208221" "url": "http://www.debian.org/security/2017/dsa-3971"
}, },
{ {
"name" : "DSA-3971", "name": "https://github.com/the-tcpdump-group/tcpdump/commit/1dcd10aceabbc03bf571ea32b892c522cbe923de",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2017/dsa-3971" "url": "https://github.com/the-tcpdump-group/tcpdump/commit/1dcd10aceabbc03bf571ea32b892c522cbe923de"
}, },
{ {
"name" : "GLSA-201709-23", "name": "1039307",
"refsource" : "GENTOO", "refsource": "SECTRACK",
"url" : "https://security.gentoo.org/glsa/201709-23" "url": "http://www.securitytracker.com/id/1039307"
}, },
{ {
"name" : "RHEA-2018:0705", "name": "http://www.tcpdump.org/tcpdump-changes.txt",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "https://access.redhat.com/errata/RHEA-2018:0705" "url": "http://www.tcpdump.org/tcpdump-changes.txt"
}, },
{ {
"name" : "1039307", "name": "RHEA-2018:0705",
"refsource" : "SECTRACK", "refsource": "REDHAT",
"url" : "http://www.securitytracker.com/id/1039307" "url": "https://access.redhat.com/errata/RHEA-2018:0705"
} }
] ]
} }

86
2017/12xxx/CVE-2017-12934.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-12934", "ID": "CVE-2017-12934",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x before 7.1.7 is prone to a heap use after free while unserializing untrusted data, related to the zval_get_type function in Zend/zend_types.h. Exploitation of this issue can have an unspecified impact on the integrity of PHP." "value": "ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x before 7.1.7 is prone to a heap use after free while unserializing untrusted data, related to the zval_get_type function in Zend/zend_types.h. Exploitation of this issue can have an unspecified impact on the integrity of PHP."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://php.net/ChangeLog-7.php", "name": "https://bugs.php.net/bug.php?id=74101",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://php.net/ChangeLog-7.php" "url": "https://bugs.php.net/bug.php?id=74101"
}, },
{ {
"name" : "https://bugs.php.net/bug.php?id=74101", "name": "100428",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://bugs.php.net/bug.php?id=74101" "url": "http://www.securityfocus.com/bid/100428"
}, },
{ {
"name" : "DSA-4080", "name": "RHSA-2018:1296",
"refsource" : "DEBIAN", "refsource": "REDHAT",
"url" : "https://www.debian.org/security/2018/dsa-4080" "url": "https://access.redhat.com/errata/RHSA-2018:1296"
}, },
{ {
"name" : "RHSA-2018:1296", "name": "DSA-4080",
"refsource" : "REDHAT", "refsource": "DEBIAN",
"url" : "https://access.redhat.com/errata/RHSA-2018:1296" "url": "https://www.debian.org/security/2018/dsa-4080"
}, },
{ {
"name" : "100428", "name": "http://php.net/ChangeLog-7.php",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/100428" "url": "http://php.net/ChangeLog-7.php"
} }
] ]
} }

70
2017/16xxx/CVE-2017-16114.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2017-16114", "ID": "CVE-2017-16114",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "marked node module", "product_name": "marked node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions" "version_value": "All versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The marked module is vulnerable to a regular expression denial of service. Based on the information published in the public issue, 1k characters can block for around 6 seconds." "value": "The marked module is vulnerable to a regular expression denial of service. Based on the information published in the public issue, 1k characters can block for around 6 seconds."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Denial of Service (CWE-400)" "value": "Denial of Service (CWE-400)"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/chjj/marked/issues/937", "name": "https://nodesecurity.io/advisories/531",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/chjj/marked/issues/937" "url": "https://nodesecurity.io/advisories/531"
}, },
{ {
"name" : "https://nodesecurity.io/advisories/531", "name": "https://github.com/chjj/marked/issues/937",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://nodesecurity.io/advisories/531" "url": "https://github.com/chjj/marked/issues/937"
} }
] ]
} }

70
2017/16xxx/CVE-2017-16164.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2017-16164", "ID": "CVE-2017-16164",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "desafio node module", "product_name": "desafio node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions" "version_value": "All versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "desafio is a simple web server. desafio is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the url, but is limited to accessing only .html files." "value": "desafio is a simple web server. desafio is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the url, but is limited to accessing only .html files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Path Traversal (CWE-22)" "value": "Path Traversal (CWE-22)"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/desafio", "name": "https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/desafio",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/desafio" "url": "https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/desafio"
}, },
{ {
"name" : "https://nodesecurity.io/advisories/397", "name": "https://nodesecurity.io/advisories/397",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://nodesecurity.io/advisories/397" "url": "https://nodesecurity.io/advisories/397"
} }
] ]
} }

70
2017/16xxx/CVE-2017-16208.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2017-16208", "ID": "CVE-2017-16208",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "dmmcquay.lab6 node module", "product_name": "dmmcquay.lab6 node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions" "version_value": "All versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "dmmcquay.lab6 is a REST server. dmmcquay.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the url." "value": "dmmcquay.lab6 is a REST server. dmmcquay.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the url."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Path Traversal (CWE-22)" "value": "Path Traversal (CWE-22)"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dmmcquay.lab6", "name": "https://nodesecurity.io/advisories/426",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dmmcquay.lab6" "url": "https://nodesecurity.io/advisories/426"
}, },
{ {
"name" : "https://nodesecurity.io/advisories/426", "name": "https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dmmcquay.lab6",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://nodesecurity.io/advisories/426" "url": "https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dmmcquay.lab6"
} }
] ]
} }

22
2017/16xxx/CVE-2017-16454.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-16454", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-16454",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }

62
2017/16xxx/CVE-2017-16597.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "zdi-disclosures@trendmicro.com", "ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID" : "CVE-2017-16597", "ID": "CVE-2017-16597",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "NetGain Systems Enterprise Manager", "product_name": "NetGain Systems Enterprise Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.2.730 build 1034" "version_value": "7.2.730 build 1034"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "NetGain Systems" "vendor_name": "NetGain Systems"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of WRQ requests. When parsing the Filename field, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of Administrator. Was ZDI-CAN-5137." "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of WRQ requests. When parsing the Filename field, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of Administrator. Was ZDI-CAN-5137."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-22-Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" "value": "CWE-22-Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://zerodayinitiative.com/advisories/ZDI-17-962", "name": "https://zerodayinitiative.com/advisories/ZDI-17-962",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://zerodayinitiative.com/advisories/ZDI-17-962" "url": "https://zerodayinitiative.com/advisories/ZDI-17-962"
} }
] ]
} }

134
2017/16xxx/CVE-2017-16669.json
View File

@ -1,121 +1,121 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16669", "ID": "CVE-2017-16669",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c." "value": "coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20171110 [SECURITY] [DLA 1168-1] graphicsmagick security update", "name": "http://hg.code.sf.net/p/graphicsmagick/code/rev/1b9e64a8901e",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "https://lists.debian.org/debian-lts-announce/2017/11/msg00013.html" "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/1b9e64a8901e"
}, },
{ {
"name" : "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update", "name": "http://hg.code.sf.net/p/graphicsmagick/code/rev/2b7c826d36af",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html" "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/2b7c826d36af"
}, },
{ {
"name" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/135bdcb88b8d", "name": "101795",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/135bdcb88b8d" "url": "http://www.securityfocus.com/bid/101795"
}, },
{ {
"name" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/1b9e64a8901e", "name": "http://hg.code.sf.net/p/graphicsmagick/code/rev/fcd3ed3394f6",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/1b9e64a8901e" "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/fcd3ed3394f6"
}, },
{ {
"name" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/2a21cda3145b", "name": "[debian-lts-announce] 20171110 [SECURITY] [DLA 1168-1] graphicsmagick security update",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/2a21cda3145b" "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00013.html"
}, },
{ {
"name" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/2b7c826d36af", "name": "DSA-4321",
"refsource" : "MISC", "refsource": "DEBIAN",
"url" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/2b7c826d36af" "url": "https://www.debian.org/security/2018/dsa-4321"
}, },
{ {
"name" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/3dc7b4e3779d", "name": "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/3dc7b4e3779d" "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html"
}, },
{ {
"name" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/75245a215fff", "name": "http://hg.code.sf.net/p/graphicsmagick/code/rev/135bdcb88b8d",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/75245a215fff" "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/135bdcb88b8d"
}, },
{ {
"name" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/e8086faa52d0", "name": "https://sourceforge.net/p/graphicsmagick/bugs/450/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/e8086faa52d0" "url": "https://sourceforge.net/p/graphicsmagick/bugs/450/"
}, },
{ {
"name" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/fcd3ed3394f6", "name": "http://hg.code.sf.net/p/graphicsmagick/code/rev/75245a215fff",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/fcd3ed3394f6" "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/75245a215fff"
}, },
{ {
"name" : "https://sourceforge.net/p/graphicsmagick/bugs/450/", "name": "http://hg.code.sf.net/p/graphicsmagick/code/rev/2a21cda3145b",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://sourceforge.net/p/graphicsmagick/bugs/450/" "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/2a21cda3145b"
}, },
{ {
"name" : "DSA-4321", "name": "http://hg.code.sf.net/p/graphicsmagick/code/rev/3dc7b4e3779d",
"refsource" : "DEBIAN", "refsource": "MISC",
"url" : "https://www.debian.org/security/2018/dsa-4321" "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/3dc7b4e3779d"
}, },
{ {
"name" : "101795", "name": "http://hg.code.sf.net/p/graphicsmagick/code/rev/e8086faa52d0",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/101795" "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/e8086faa52d0"
} }
] ]
} }

22
2017/4xxx/CVE-2017-4039.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4039", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4039",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4072.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4072", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4072",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4820.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4820", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4820",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2018/18xxx/CVE-2018-18229.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-18229", "ID": "CVE-2018-18229",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/18xxx/CVE-2018-18623.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-18623", "ID": "CVE-2018-18623",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

88
2018/5xxx/CVE-2018-5163.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2018-5163", "ID": "CVE-2018-5163",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "60" "version_value": "60"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache (JSBC) for other JavaScript code. If the parent process then runs this replaced code, the executed script would be run with the parent process' privileges, escaping the sandbox on content processes. This vulnerability affects Firefox < 60." "value": "If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache (JSBC) for other JavaScript code. If the parent process then runs this replaced code, the executed script would be run with the parent process' privileges, escaping the sandbox on content processes. This vulnerability affects Firefox < 60."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Replacing cached data in JavaScript Start-up Bytecode Cache" "value": "Replacing cached data in JavaScript Start-up Bytecode Cache"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1426353", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1426353",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1426353" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1426353"
}, },
{ {
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-11/", "name": "https://www.mozilla.org/security/advisories/mfsa2018-11/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-11/" "url": "https://www.mozilla.org/security/advisories/mfsa2018-11/"
}, },
{ {
"name" : "USN-3645-1", "name": "1040896",
"refsource" : "UBUNTU", "refsource": "SECTRACK",
"url" : "https://usn.ubuntu.com/3645-1/" "url": "http://www.securitytracker.com/id/1040896"
}, },
{ {
"name" : "104139", "name": "USN-3645-1",
"refsource" : "BID", "refsource": "UBUNTU",
"url" : "http://www.securityfocus.com/bid/104139" "url": "https://usn.ubuntu.com/3645-1/"
}, },
{ {
"name" : "1040896", "name": "104139",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1040896" "url": "http://www.securityfocus.com/bid/104139"
} }
] ]
} }

68
2018/5xxx/CVE-2018-5338.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-5338", "ID": "CVE-2018-5338",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: missing authentication/authorization for a database query mechanism." "value": "An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: missing authentication/authorization for a database query mechanism."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.nccgroup.trust/uk/our-research/technical-advisory-multiple-vulnerabilities-in-manageengine-desktop-central/", "name": "https://www.manageengine.com/products/desktop-central/elevation-of-privilege-vulnerability.html",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://www.nccgroup.trust/uk/our-research/technical-advisory-multiple-vulnerabilities-in-manageengine-desktop-central/" "url": "https://www.manageengine.com/products/desktop-central/elevation-of-privilege-vulnerability.html"
}, },
{ {
"name" : "https://www.manageengine.com/products/desktop-central/elevation-of-privilege-vulnerability.html", "name": "https://www.nccgroup.trust/uk/our-research/technical-advisory-multiple-vulnerabilities-in-manageengine-desktop-central/",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://www.manageengine.com/products/desktop-central/elevation-of-privilege-vulnerability.html" "url": "https://www.nccgroup.trust/uk/our-research/technical-advisory-multiple-vulnerabilities-in-manageengine-desktop-central/"
} }
] ]
} }

86
2018/5xxx/CVE-2018-5812.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "PSIRT-CNA@flexerasoftware.com", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID" : "CVE-2018-5812", "ID": "CVE-2018-5812",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "LibRaw", "product_name": "LibRaw",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Prior to 0.18.9" "version_value": "Prior to 0.18.9"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An error within the \"nikon_coolscan_load_raw()\" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference." "value": "An error within the \"nikon_coolscan_load_raw()\" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "DoS (Denial of Service) through NULL pointer dereference" "value": "DoS (Denial of Service) through NULL pointer dereference"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt", "name": "https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt" "url": "https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt"
}, },
{ {
"name" : "https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9", "name": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9" "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10/"
}, },
{ {
"name" : "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10/", "name": "81800",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10/" "url": "https://secuniaresearch.flexerasoftware.com/advisories/81800/"
}, },
{ {
"name" : "USN-3838-1", "name": "https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9",
"refsource" : "UBUNTU", "refsource": "MISC",
"url" : "https://usn.ubuntu.com/3838-1/" "url": "https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9"
}, },
{ {
"name" : "81800", "name": "USN-3838-1",
"refsource" : "SECUNIA", "refsource": "UBUNTU",
"url" : "https://secuniaresearch.flexerasoftware.com/advisories/81800/" "url": "https://usn.ubuntu.com/3838-1/"
} }
] ]
} }