admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:42:01 +00:00
parent 72a68d6467
commit dda74bcb7b
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
53 changed files with 3232 additions and 3232 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
2002/0xxx/CVE-2002-0218.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0218",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0218",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Format string vulnerability in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument."
"lang": "eng",
"value": "Format string vulnerability in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20020129 sastcpd Buffer Overflow and Format String Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://online.securityfocus.com/archive/1/252891"
"name": "3980",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3980"
},
{
"name" : "20020129 sastcpd Buffer Overflow and Format String Vulnerabilities",
"refsource" : "VULNWATCH",
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0032.html"
"name": "http://www.sas.com/service/techsup/unotes/SN/004/004201.html",
"refsource": "MISC",
"url": "http://www.sas.com/service/techsup/unotes/SN/004/004201.html"
},
{
"name" : "20020129 Re: [VulnWatch] sastcpd Buffer Overflow and Format String Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://online.securityfocus.com/archive/1/252847"
"name": "20020129 Re: [VulnWatch] sastcpd Buffer Overflow and Format String Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/252847"
},
{
"name" : "http://www.sas.com/service/techsup/unotes/SN/004/004201.html",
"refsource" : "MISC",
"url" : "http://www.sas.com/service/techsup/unotes/SN/004/004201.html"
"name": "sas-sastcpd-spawner-format-string(8018)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8018.php"
},
{
"name" : "3980",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/3980"
"name": "20020129 sastcpd Buffer Overflow and Format String Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/252891"
},
{
"name" : "sas-sastcpd-spawner-format-string(8018)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/8018.php"
"name": "20020129 sastcpd Buffer Overflow and Format String Vulnerabilities",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0032.html"
}
]
}

68
2002/1xxx/CVE-2002-1087.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-1087",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1087",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request."
"lang": "eng",
"value": "The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20020725 [VulnWatch] ezContents multiple vulnerabilities",
"refsource" : "VULNWATCH",
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0040.html"
"name": "20020725 ezContents multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/284229"
},
{
"name" : "20020725 ezContents multiple vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://online.securityfocus.com/archive/1/284229"
"name": "20020725 [VulnWatch] ezContents multiple vulnerabilities",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0040.html"
}
]
}

158
2002/1xxx/CVE-2002-1318.json
View File

@ -1,141 +1,141 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-1318",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1318",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string."
"lang": "eng",
"value": "Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://us1.samba.org/samba/whatsnew/samba-2.2.7.html",
"refsource" : "CONFIRM",
"url" : "http://us1.samba.org/samba/whatsnew/samba-2.2.7.html"
"name": "oval:org.mitre.oval:def:1467",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1467"
},
{
"name" : "CLA-2002:550",
"refsource" : "CONECTIVA",
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000550"
"name": "VU#958321",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/958321"
},
{
"name" : "DSA-200",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2002/dsa-200"
"name": "CLA-2002:550",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000550"
},
{
"name" : "HPSBUX0212-230",
"refsource" : "HP",
"url" : "http://www.ciac.org/ciac/bulletins/n-023.shtml"
"name": "samba-password-change-bo(10683)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10683"
},
{
"name" : "MDKSA-2002:081",
"refsource" : "MANDRAKE",
"url" : "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-081.php"
"name": "SuSE-SA:2002:045",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2002_045_samba.html"
},
{
"name" : "RHSA-2002:266",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2002-266.html"
"name": "http://us1.samba.org/samba/whatsnew/samba-2.2.7.html",
"refsource": "CONFIRM",
"url": "http://us1.samba.org/samba/whatsnew/samba-2.2.7.html"
},
{
"name" : "20021204-01-I",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20021204-01-I"
"name": "20021121 GLSA: samba",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=103801986818076&w=2"
},
{
"name" : "53580",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/53580"
"name": "DSA-200",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-200"
},
{
"name" : "SuSE-SA:2002:045",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2002_045_samba.html"
"name": "HPSBUX0212-230",
"refsource": "HP",
"url": "http://www.ciac.org/ciac/bulletins/n-023.shtml"
},
{
"name" : "20021121 GLSA: samba",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=103801986818076&w=2"
"name": "20021129 [OpenPKG-SA-2002.012] OpenPKG Security Advisory (samba)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=103859045302448&w=2"
},
{
"name" : "20021129 [OpenPKG-SA-2002.012] OpenPKG Security Advisory (samba)",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=103859045302448&w=2"
"name": "N-019",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-019.shtml"
},
{
"name" : "VU#958321",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/958321"
"name": "6210",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6210"
},
{
"name" : "N-019",
"refsource" : "CIAC",
"url" : "http://www.ciac.org/ciac/bulletins/n-019.shtml"
"name": "RHSA-2002:266",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-266.html"
},
{
"name" : "N-023",
"refsource" : "CIAC",
"url" : "http://www.ciac.org/ciac/bulletins/n-023.shtml"
"name": "53580",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/53580"
},
{
"name" : "6210",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/6210"
"name": "20021204-01-I",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021204-01-I"
},
{
"name" : "oval:org.mitre.oval:def:1467",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1467"
"name": "N-023",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-023.shtml"
},
{
"name" : "samba-password-change-bo(10683)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/10683"
"name": "MDKSA-2002:081",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-081.php"
}
]
}

116
2002/1xxx/CVE-2002-1372.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-1372",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1372",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta."
"lang": "eng",
"value": "Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=104032149026670&w=2"
"name": "20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html"
},
{
"name" : "20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)",
"refsource" : "VULNWATCH",
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html"
"name": "CLSA-2003:702",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702"
},
{
"name" : "http://www.idefense.com/advisory/12.19.02.txt",
"refsource" : "MISC",
"url" : "http://www.idefense.com/advisory/12.19.02.txt"
"name": "DSA-232",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-232"
},
{
"name" : "CLSA-2003:702",
"refsource" : "CONECTIVA",
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702"
"name": "SuSE-SA:2003:002",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html"
},
{
"name" : "DSA-232",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2003/dsa-232"
"name": "http://www.idefense.com/advisory/12.19.02.txt",
"refsource": "MISC",
"url": "http://www.idefense.com/advisory/12.19.02.txt"
},
{
"name" : "MDKSA-2003:001",
"refsource" : "MANDRAKE",
"url" : "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001"
"name": "RHSA-2002:295",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-295.html"
},
{
"name" : "RHSA-2002:295",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2002-295.html"
"name": "20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=104032149026670&w=2"
},
{
"name" : "SuSE-SA:2003:002",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2003_002_cups.html"
"name": "MDKSA-2003:001",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001"
},
{
"name" : "6440",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/6440"
"name": "6440",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6440"
},
{
"name" : "cups-file-descriptor-dos(10912)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/10912"
"name": "cups-file-descriptor-dos(10912)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10912"
}
]
}

74
2002/1xxx/CVE-2002-1440.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-1440",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1440",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Gateway GS-400 server has a default root password of \"0001n\" that can not be changed via the administrative interface, which can allow attackers to gain root privileges."
"lang": "eng",
"value": "The Gateway GS-400 server has a default root password of \"0001n\" that can not be changed via the administrative interface, which can allow attackers to gain root privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20020814 Trivial root compromise in Gateway GS-400 NAS Servers",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-08/0126.html"
"name": "5472",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5472"
},
{
"name" : "gateway-gs400-default-password(9864)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/9864.php"
"name": "20020814 Trivial root compromise in Gateway GS-400 NAS Servers",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-08/0126.html"
},
{
"name" : "5472",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/5472"
"name": "gateway-gs400-default-password(9864)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9864.php"
}
]
}

80
2002/1xxx/CVE-2002-1726.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-1726",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1726",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page."
"lang": "eng",
"value": "secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20020504 Security holes : PHP Image View, NewsPro, Photo DB, As_web, GuestBook",
"refsource" : "VULN-DEV",
"url" : "http://online.securityfocus.com/archive/82/270970"
"name": "20020504 Security holes : PHP Image View, NewsPro, Photo DB, As_web, GuestBook",
"refsource": "VULN-DEV",
"url": "http://online.securityfocus.com/archive/82/270970"
},
{
"name" : "http://www.ifrance.com/kitetoua/tuto/5holes4.txt",
"refsource" : "MISC",
"url" : "http://www.ifrance.com/kitetoua/tuto/5holes4.txt"
"name": "photodb-admin-access(9002)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9002"
},
{
"name" : "photodb-admin-access(9002)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/9002"
"name": "4669",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4669"
},
{
"name" : "4669",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/4669"
"name": "http://www.ifrance.com/kitetoua/tuto/5holes4.txt",
"refsource": "MISC",
"url": "http://www.ifrance.com/kitetoua/tuto/5holes4.txt"
}
]
}

74
2003/0xxx/CVE-2003-0260.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0260",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0260",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets."
"lang": "eng",
"value": "Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20030507 Cisco VPN 3000 Concentrator Vulnerabilities",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
"name": "cisco-vpn-icmp-dos(11956)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11956"
},
{
"name" : "VU#221164",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/221164"
"name": "VU#221164",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/221164"
},
{
"name" : "cisco-vpn-icmp-dos(11956)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11956"
"name": "20030507 Cisco VPN 3000 Concentrator Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
}
]
}

68
2003/0xxx/CVE-2003-0505.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0505",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0505",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to read arbitrary files via \"..\\..\" (dot dot) sequences in a file transfer request."
"lang": "eng",
"value": "Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to read arbitrary files via \"..\\..\" (dot dot) sequences in a file transfer request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20030702 CORE-2003-0305-04: NetMeeting Directory Traversal Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=105716650021546&w=2"
"name": "7931",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7931"
},
{
"name" : "7931",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/7931"
"name": "20030702 CORE-2003-0305-04: NetMeeting Directory Traversal Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105716650021546&w=2"
}
]
}

80
2003/0xxx/CVE-2003-0877.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0877",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0877",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and read core files via a symlink attack on core files that are created with predictable names in the /cores directory."
"lang": "eng",
"value": "Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and read core files via a symlink attack on core files that are created with predictable names in the /cores directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "A102803-1",
"refsource" : "ATSTAKE",
"url" : "http://www.atstake.com/research/advisories/2003/a102803-1.txt"
"name": "macos-core-files-symlink(13542)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13542"
},
{
"name" : "8914",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/8914"
"name": "8917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8917"
},
{
"name" : "8917",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/8917"
"name": "A102803-1",
"refsource": "ATSTAKE",
"url": "http://www.atstake.com/research/advisories/2003/a102803-1.txt"
},
{
"name" : "macos-core-files-symlink(13542)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/13542"
"name": "8914",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8914"
}
]
}

86
2003/1xxx/CVE-2003-1354.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-1354",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1354",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small requests, which allows remote attackers to use the servers as an amplifier in DDoS attacks with spoofed UDP query packets, as demonstrated using Battlefield 1942."
"lang": "eng",
"value": "Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small requests, which allows remote attackers to use the servers as an amplifier in DDoS attacks with spoofed UDP query packets, as demonstrated using Battlefield 1942."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20030122 PivX Multi-Vendor Game Server dDoS Advisory",
"refsource" : "BUGTRAQ",
"url" : "http://seclists.org/lists/bugtraq/2003/Jan/0178.html"
"name": "http://www.securiteam.com/securitynews/5EP0O0K8UO.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/securitynews/5EP0O0K8UO.html"
},
{
"name" : "http://www.pivx.com/kristovich/adv/mk001/",
"refsource" : "MISC",
"url" : "http://www.pivx.com/kristovich/adv/mk001/"
"name": "battlefield-udp-query-dos(11084)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11084"
},
{
"name" : "http://www.securiteam.com/securitynews/5EP0O0K8UO.html",
"refsource" : "MISC",
"url" : "http://www.securiteam.com/securitynews/5EP0O0K8UO.html"
"name": "6636",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6636"
},
{
"name" : "6636",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/6636"
"name": "20030122 PivX Multi-Vendor Game Server dDoS Advisory",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/lists/bugtraq/2003/Jan/0178.html"
},
{
"name" : "battlefield-udp-query-dos(11084)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11084"
"name": "http://www.pivx.com/kristovich/adv/mk001/",
"refsource": "MISC",
"url": "http://www.pivx.com/kristovich/adv/mk001/"
}
]
}

80
2003/1xxx/CVE-2003-1357.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-1357",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1357",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ProxyView has a default administrator password of Administrator for Embedded Windows NT, which allows remote attackers to gain access."
"lang": "eng",
"value": "ProxyView has a default administrator password of Administrator for Embedded Windows NT, which allows remote attackers to gain access."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20030128 ProxyView default undocumented password",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/308733"
"name": "proxyview-administrator-default-password(11185)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11185"
},
{
"name" : "6708",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/6708"
"name": "3228",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3228"
},
{
"name" : "3228",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3228"
"name": "6708",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6708"
},
{
"name" : "proxyview-administrator-default-password(11185)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11185"
"name": "20030128 ProxyView default undocumented password",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/308733"
}
]
}

92
2003/1xxx/CVE-2003-1541.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-1541",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1541",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PlanetMoon Guestbook tr3.a stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin script password, and other passwords, via a direct request to files/passwd.txt."
"lang": "eng",
"value": "PlanetMoon Guestbook tr3.a stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin script password, and other passwords, via a direct request to files/passwd.txt."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20030321 Guestbook tr3.a",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/315895/30/25400/threaded"
"name": "guestbooktr3a-plaintext-password-disclosure(11609)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11609"
},
{
"name" : "7167",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/7167"
"name": "1006360",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006360"
},
{
"name" : "1006360",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1006360"
"name": "3653",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3653"
},
{
"name" : "8392",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/8392"
"name": "7167",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7167"
},
{
"name" : "3653",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3653"
"name": "20030321 Guestbook tr3.a",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/315895/30/25400/threaded"
},
{
"name" : "guestbooktr3a-plaintext-password-disclosure(11609)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11609"
"name": "8392",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8392"
}
]
}

22
2003/1xxx/CVE-2003-1601.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-1601",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1601",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2012/0xxx/CVE-2012-0423.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-0423",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0423",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2012/0xxx/CVE-2012-0843.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-0843",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0843",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

86
2012/0xxx/CVE-2012-0917.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-0917",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0917",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Hitachi IT Operations Analyzer 02-01, 02-51 through 02-51-01, and 02-53 through 02-53-02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Hitachi IT Operations Analyzer 02-01, 02-51 through 02-51-01, and 02-53 through 02-53-02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-001/index.html",
"refsource" : "CONFIRM",
"url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-001/index.html"
"name": "47467",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47467"
},
{
"name" : "51340",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/51340"
"name": "78221",
"refsource": "OSVDB",
"url": "http://osvdb.org/78221"
},
{
"name" : "78221",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/78221"
"name": "51340",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51340"
},
{
"name" : "47467",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47467"
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-001/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-001/index.html"
},
{
"name" : "hitachi-it-unspecified-xss(72248)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72248"
"name": "hitachi-it-unspecified-xss(72248)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72248"
}
]
}

22
2012/1xxx/CVE-2012-1096.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1096",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1096",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

152
2012/1xxx/CVE-2012-1128.json
View File

@ -1,136 +1,136 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1128",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1128",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font."
"lang": "eng",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/03/06/16"
"name": "48508",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48508"
},
{
"name" : "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
"name": "48822",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48822"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=733512",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
"name": "MDVSA-2012:057",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=800584",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=800584"
"name": "APPLE-SA-2012-09-19-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name" : "http://support.apple.com/kb/HT5503",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5503"
"name": "http://support.apple.com/kb/HT5503",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5503"
},
{
"name" : "APPLE-SA-2012-09-19-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
"name": "52318",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name" : "GLSA-201204-04",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201204-04.xml"
"name": "USN-1403-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"name" : "MDVSA-2012:057",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name" : "SUSE-SU-2012:0484",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name" : "openSUSE-SU-2012:0489",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
"name": "SUSE-SU-2012:0484",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name" : "USN-1403-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1403-1"
"name": "48973",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48973"
},
{
"name" : "52318",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/52318"
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name" : "1026765",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026765"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=800584",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800584"
},
{
"name" : "48822",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48822"
"name": "1026765",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name" : "48973",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48973"
"name": "openSUSE-SU-2012:0489",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name" : "48508",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48508"
"name": "GLSA-201204-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}

62
2012/1xxx/CVE-2012-1908.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1908",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1908",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.splunk.com/view/SP-CAAAGTK#38585",
"refsource" : "CONFIRM",
"url" : "http://www.splunk.com/view/SP-CAAAGTK#38585"
"name": "http://www.splunk.com/view/SP-CAAAGTK#38585",
"refsource": "CONFIRM",
"url": "http://www.splunk.com/view/SP-CAAAGTK#38585"
}
]
}

98
2012/1xxx/CVE-2012-1929.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1929",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1929",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Opera before 11.62 on Mac OS X allows remote attackers to spoof the address field and security dialogs via crafted styling that causes page content to be displayed outside of the intended content area."
"lang": "eng",
"value": "Opera before 11.62 on Mac OS X allows remote attackers to spoof the address field and security dialogs via crafted styling that causes page content to be displayed outside of the intended content area."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.opera.com/docs/changelogs/mac/1162/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/mac/1162/"
"name": "http://www.opera.com/docs/changelogs/mac/1162/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/mac/1162/"
},
{
"name" : "http://www.opera.com/support/kb/view/1009/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/support/kb/view/1009/"
"name": "http://www.opera.com/support/kb/view/1013/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/support/kb/view/1013/"
},
{
"name" : "http://www.opera.com/docs/changelogs/windows/1162/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/windows/1162/"
"name": "http://www.opera.com/docs/changelogs/windows/1162/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/windows/1162/"
},
{
"name" : "http://www.opera.com/support/kb/view/1013/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/support/kb/view/1013/"
"name": "openSUSE-SU-2012:0610",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html"
},
{
"name" : "openSUSE-SU-2012:0610",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html"
"name": "http://www.opera.com/support/kb/view/1009/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/support/kb/view/1009/"
},
{
"name" : "48535",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48535"
"name": "48535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48535"
},
{
"name" : "opera-dialogs-spoofing(74352)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74352"
"name": "opera-dialogs-spoofing(74352)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74352"
}
]
}

68
2012/4xxx/CVE-2012-4007.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-4007",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2012-4007",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The mixi application before 4.3.0 for Android allows remote attackers to read potentially sensitive information in friends' comments via a crafted application that leverages the storage of these comments on an SD card."
"lang": "eng",
"value": "The mixi application before 4.3.0 for Android allows remote attackers to read potentially sensitive information in friends' comments via a crafted application that leverages the storage of these comments on an SD card."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "JVN#92038939",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN92038939/index.html"
"name": "JVNDB-2012-000078",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000078"
},
{
"name" : "JVNDB-2012-000078",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000078"
"name": "JVN#92038939",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN92038939/index.html"
}
]
}

68
2012/4xxx/CVE-2012-4067.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-4067",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4067",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Walrus in Eucalyptus before 3.2.2 allows remote attackers to cause a denial of service (memory, thread, and CPU consumption) via a crafted XML message containing a DTD, as demonstrated by a bucket-logging request."
"lang": "eng",
"value": "Walrus in Eucalyptus before 3.2.2 allows remote attackers to cause a denial of service (memory, thread, and CPU consumption) via a crafted XML message containing a DTD, as demonstrated by a bucket-logging request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.eucalyptus.com/resources/security/advisories/esa-09",
"refsource" : "CONFIRM",
"url" : "http://www.eucalyptus.com/resources/security/advisories/esa-09"
"name": "https://eucalyptus.atlassian.net/browse/EUCA-5277",
"refsource": "CONFIRM",
"url": "https://eucalyptus.atlassian.net/browse/EUCA-5277"
},
{
"name" : "https://eucalyptus.atlassian.net/browse/EUCA-5277",
"refsource" : "CONFIRM",
"url" : "https://eucalyptus.atlassian.net/browse/EUCA-5277"
"name": "http://www.eucalyptus.com/resources/security/advisories/esa-09",
"refsource": "CONFIRM",
"url": "http://www.eucalyptus.com/resources/security/advisories/esa-09"
}
]
}

68
2012/4xxx/CVE-2012-4274.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-4274",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4274",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Hitachi Cobol GUI Option 06-00, 06-01 through 06-01-/A, 07-00, 07-01 before 07-01-/B, and 08-00 before 08-00-/B and Cobol GUI Option Server 07-00, 07-01 before 07-01-/B, and 08-00 before 08-00-/B allows remote attackers to execute arbitrary code via unknown attack vectors."
"lang": "eng",
"value": "Unspecified vulnerability in Hitachi Cobol GUI Option 06-00, 06-01 through 06-01-/A, 07-00, 07-01 before 07-01-/B, and 08-00 before 08-00-/B and Cobol GUI Option Server 07-00, 07-01 before 07-01-/B, and 08-00 before 08-00-/B allows remote attackers to execute arbitrary code via unknown attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-013/index.html",
"refsource" : "CONFIRM",
"url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-013/index.html"
"name": "49158",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49158"
},
{
"name" : "49158",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/49158"
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-013/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-013/index.html"
}
]
}

98
2012/5xxx/CVE-2012-5169.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-5169",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5169",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in file_manager/preview_top.php in ATutor AContent before 1.2-2 allow remote attackers to inject arbitrary web script or HTML via the (1) pathext, (2) popup, (3) framed, or (4) file parameter."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in file_manager/preview_top.php in ATutor AContent before 1.2-2 allow remote attackers to inject arbitrary web script or HTML via the (1) pathext, (2) popup, (3) framed, or (4) file parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20121017 Multiple vulnerabilities in AContent",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2012-10/0095.html"
"name": "56100",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56100"
},
{
"name" : "https://www.htbridge.com/advisory/HTB23117",
"refsource" : "MISC",
"url" : "https://www.htbridge.com/advisory/HTB23117"
"name": "20121017 Multiple vulnerabilities in AContent",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-10/0095.html"
},
{
"name" : "http://update.atutor.ca/acontent/patch/1_2/",
"refsource" : "CONFIRM",
"url" : "http://update.atutor.ca/acontent/patch/1_2/"
"name": "http://update.atutor.ca/acontent/patch/1_2/",
"refsource": "CONFIRM",
"url": "http://update.atutor.ca/acontent/patch/1_2/"
},
{
"name" : "56100",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/56100"
"name": "acontent-previewtop-xss(79463)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79463"
},
{
"name" : "86426",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/86426"
"name": "86426",
"refsource": "OSVDB",
"url": "http://osvdb.org/86426"
},
{
"name" : "51034",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51034"
"name": "51034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51034"
},
{
"name" : "acontent-previewtop-xss(79463)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79463"
"name": "https://www.htbridge.com/advisory/HTB23117",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23117"
}
]
}

74
2012/5xxx/CVE-2012-5544.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-5544",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5544",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Mandrill module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users to obtain password reset links by reading the logs in the Mandrill dashboard."
"lang": "eng",
"value": "The Mandrill module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users to obtain password reset links by reading the logs in the Mandrill dashboard."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20121120 Re: CVE Request for Drupal Contributed Modules",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/11/20/4"
"name": "http://drupal.org/node/1808846",
"refsource": "MISC",
"url": "http://drupal.org/node/1808846"
},
{
"name" : "http://drupal.org/node/1808846",
"refsource" : "MISC",
"url" : "http://drupal.org/node/1808846"
"name": "[oss-security] 20121120 Re: CVE Request for Drupal Contributed Modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/20/4"
},
{
"name" : "http://drupal.org/node/1807894",
"refsource" : "CONFIRM",
"url" : "http://drupal.org/node/1807894"
"name": "http://drupal.org/node/1807894",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/1807894"
}
]
}

22
2012/5xxx/CVE-2012-5871.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-5871",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5871",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2017/2xxx/CVE-2017-2331.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"ID" : "CVE-2017-2331",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"ID": "CVE-2017-2331",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "NorthStar Controller Application",
"version" : {
"version_data" : [
"product_name": "NorthStar Controller Application",
"version": {
"version_data": [
{
"version_value" : "prior to version 2.1.0 Service Pack 1"
"version_value": "prior to version 2.1.0 Service Pack 1"
}
]
}
}
]
},
"vendor_name" : "Juniper Networks"
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A firewall bypass vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to bypass firewall policies, leading to authentication bypass methods, information disclosure, modification of system files, and denials of service."
"lang": "eng",
"value": "A firewall bypass vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to bypass firewall policies, leading to authentication bypass methods, information disclosure, modification of system files, and denials of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "firewall bypass"
"lang": "eng",
"value": "firewall bypass"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://kb.juniper.net/JSA10783",
"refsource" : "CONFIRM",
"url" : "https://kb.juniper.net/JSA10783"
"name": "https://kb.juniper.net/JSA10783",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10783"
},
{
"name" : "97619",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97619"
"name": "97619",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97619"
}
]
}

70
2017/2xxx/CVE-2017-2710.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@huawei.com",
"DATE_PUBLIC" : "2017-11-15T00:00:00",
"ID" : "CVE-2017-2710",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC": "2017-11-15T00:00:00",
"ID": "CVE-2017-2710",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Beethoven-W09A, CRR-L09",
"version" : {
"version_data" : [
"product_name": "Beethoven-W09A, CRR-L09",
"version": {
"version_data": [
{
"version_value" : "BTV-W09C229B002CUSTC229D005,BTV-W09C233B029,Earlier than BTV-W09C100B006CUSTC100D002 versions,Earlier than BTV-W09C128B003CUSTC128D002 versions,Earlier than BTV-W09C199B002CUSTC199D002 versions,Earlier than BTV-W09C209B005CUSTC209D001 versions,Earlier than BTV-W09C331B002CUSTC331D001 versions,Earlier than CRR-L09C432B390 versions,Earlier than CRR-L09C605B355CUSTC605D003 versions,"
"version_value": "BTV-W09C229B002CUSTC229D005,BTV-W09C233B029,Earlier than BTV-W09C100B006CUSTC100D002 versions,Earlier than BTV-W09C128B003CUSTC128D002 versions,Earlier than BTV-W09C199B002CUSTC199D002 versions,Earlier than BTV-W09C209B005CUSTC209D001 versions,Earlier than BTV-W09C331B002CUSTC331D001 versions,Earlier than CRR-L09C432B390 versions,Earlier than CRR-L09C605B355CUSTC605D003 versions,"
}
]
}
}
]
},
"vendor_name" : "Huawei Technologies Co., Ltd."
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, earlier than BTV-W09C209B005CUSTC209D001 versions, earlier than BTV-W09C331B002CUSTC331D001 versions, earlier than CRR-L09C432B390 versions, earlier than CRR-L09C605B355CUSTC605D003 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can perform some operations to update the Google account. As a result, the FRP function is bypassed."
"lang": "eng",
"value": "BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, earlier than BTV-W09C209B005CUSTC209D001 versions, earlier than BTV-W09C331B002CUSTC331D001 versions, earlier than CRR-L09C432B390 versions, earlier than CRR-L09C605B355CUSTC605D003 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can perform some operations to update the Google account. As a result, the FRP function is bypassed."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "FRP Bypass"
"lang": "eng",
"value": "FRP Bypass"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170524-01-frp-en",
"refsource" : "CONFIRM",
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170524-01-frp-en"
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170524-01-frp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170524-01-frp-en"
},
{
"name" : "98712",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98712"
"name": "98712",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98712"
}
]
}

210
2017/3xxx/CVE-2017-3736.json
View File

@ -1,185 +1,185 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "openssl-security@openssl.org",
"DATE_PUBLIC" : "2017-11-02T00:00:00",
"ID" : "CVE-2017-3736",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "openssl-security@openssl.org",
"DATE_PUBLIC": "2017-11-02T00:00:00",
"ID": "CVE-2017-3736",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "OpenSSL",
"version" : {
"version_data" : [
"product_name": "OpenSSL",
"version": {
"version_data": [
{
"version_value" : "1.1.0 - 1.1.0f"
"version_value": "1.1.0 - 1.1.0f"
},
{
"version_value" : "1.0.2 - 1.0.2l"
"version_value": "1.0.2 - 1.0.2l"
}
]
}
}
]
},
"vendor_name" : "OpenSSL Software Foundation"
"vendor_name": "OpenSSL Software Foundation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen."
"lang": "eng",
"value": "There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "carry-propagating bug"
"lang": "eng",
"value": "carry-propagating bug"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/openssl/openssl/commit/4443cf7aa0099e5ce615c18cee249fff77fb0871",
"refsource" : "MISC",
"url" : "https://github.com/openssl/openssl/commit/4443cf7aa0099e5ce615c18cee249fff77fb0871"
"name": "https://security.netapp.com/advisory/ntap-20171107-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171107-0002/"
},
{
"name" : "https://www.openssl.org/news/secadv/20171102.txt",
"refsource" : "CONFIRM",
"url" : "https://www.openssl.org/news/secadv/20171102.txt"
"name": "RHSA-2018:2185",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2185"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20171107-0002/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20171107-0002/"
"name": "https://github.com/openssl/openssl/commit/4443cf7aa0099e5ce615c18cee249fff77fb0871",
"refsource": "MISC",
"url": "https://github.com/openssl/openssl/commit/4443cf7aa0099e5ce615c18cee249fff77fb0871"
},
{
"name" : "https://www.tenable.com/security/tns-2017-14",
"refsource" : "CONFIRM",
"url" : "https://www.tenable.com/security/tns-2017-14"
"name": "RHSA-2018:2186",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2186"
},
{
"name" : "https://www.tenable.com/security/tns-2017-15",
"refsource" : "CONFIRM",
"url" : "https://www.tenable.com/security/tns-2017-15"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20180117-0002/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20180117-0002/"
"name": "RHSA-2018:2713",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2713"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
"name": "DSA-4018",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4018"
},
{
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03881en_us",
"refsource" : "CONFIRM",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03881en_us"
"name": "GLSA-201712-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201712-03"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
"name": "RHSA-2018:0998",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0998"
},
{
"name" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource" : "CONFIRM",
"url" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
"name": "RHSA-2018:2575",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2575"
},
{
"name" : "DSA-4017",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2017/dsa-4017"
"name": "https://www.tenable.com/security/tns-2017-15",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2017-15"
},
{
"name" : "DSA-4018",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2017/dsa-4018"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name" : "FreeBSD-SA-17:11",
"refsource" : "FREEBSD",
"url" : "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:11.openssl.asc"
"name": "101666",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101666"
},
{
"name" : "GLSA-201712-03",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201712-03"
"name": "RHSA-2018:2568",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2568"
},
{
"name" : "RHSA-2018:0998",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:0998"
"name": "https://www.openssl.org/news/secadv/20171102.txt",
"refsource": "CONFIRM",
"url": "https://www.openssl.org/news/secadv/20171102.txt"
},
{
"name" : "RHSA-2018:2185",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2185"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name" : "RHSA-2018:2186",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2186"
"name": "DSA-4017",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4017"
},
{
"name" : "RHSA-2018:2187",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2187"
"name": "https://www.tenable.com/security/tns-2017-14",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2017-14"
},
{
"name" : "RHSA-2018:2568",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2568"
"name": "FreeBSD-SA-17:11",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:11.openssl.asc"
},
{
"name" : "RHSA-2018:2575",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2575"
"name": "1039727",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039727"
},
{
"name" : "RHSA-2018:2713",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2713"
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03881en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03881en_us"
},
{
"name" : "101666",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/101666"
"name": "RHSA-2018:2187",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
},
{
"name" : "1039727",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039727"
"name": "https://security.netapp.com/advisory/ntap-20180117-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0002/"
}
]
}

74
2017/3xxx/CVE-2017-3850.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@cisco.com",
"ID" : "CVE-2017-3850",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-3850",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Cisco IOS and IOS XE",
"version" : {
"version_data" : [
"product_name": "Cisco IOS and IOS XE",
"version": {
"version_data": [
{
"version_value" : "Cisco IOS and IOS XE"
"version_value": "Cisco IOS and IOS XE"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to a device that is running a Cisco IOS Software or Cisco IOS XE Software release that supports the ANI feature. A device must meet two conditions to be affected by this vulnerability: (1) the device must be running a version of Cisco IOS Software or Cisco IOS XE Software that supports ANI (regardless of whether ANI is configured); and (2) the device must have a reachable IPv6 interface. An exploit could allow the attacker to cause the affected device to reload. Cisco Bug IDs: CSCvc42729."
"lang": "eng",
"value": "A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to a device that is running a Cisco IOS Software or Cisco IOS XE Software release that supports the ANI feature. A device must meet two conditions to be affected by this vulnerability: (1) the device must be running a version of Cisco IOS Software or Cisco IOS XE Software that supports ANI (regardless of whether ANI is configured); and (2) the device must have a reachable IPv6 interface. An exploit could allow the attacker to cause the affected device to reload. Cisco Bug IDs: CSCvc42729."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-20 Denial of Service Vulnerability"
"lang": "eng",
"value": "CWE-20 Denial of Service Vulnerability"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6",
"refsource" : "CONFIRM",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6"
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6"
},
{
"name" : "96971",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96971"
"name": "1038065",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038065"
},
{
"name" : "1038065",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038065"
"name": "96971",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96971"
}
]
}

70
2017/3xxx/CVE-2017-3933.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2017-09-14T00:00:00",
"ID" : "CVE-2017-3933",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2017-09-14T00:00:00",
"ID": "CVE-2017-3933",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Network Data Loss Prevention",
"version" : {
"version_data" : [
"product_name": "Network Data Loss Prevention",
"version": {
"version_data": [
{
"version_value" : "9.3.X"
"version_value": "9.3.X"
}
]
}
}
]
},
"vendor_name" : "McAfee"
"vendor_name": "McAfee"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack."
"lang": "eng",
"value": "Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Embedding Script (XSS) in HTTP Headers vulnerability"
"lang": "eng",
"value": "Embedding Script (XSS) in HTTP Headers vulnerability"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10198",
"refsource" : "CONFIRM",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10198"
"name": "101628",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101628"
},
{
"name" : "101628",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/101628"
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10198",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10198"
}
]
}

22
2017/6xxx/CVE-2017-6382.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6382",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6382",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/6xxx/CVE-2017-6447.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6447",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6447",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2017/6xxx/CVE-2017-6589.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6589",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6589",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "EpicEditor through 0.2.3 has Cross-Site Scripting because of an insecure default marked.js configuration. An example attack vector is a crafted IMG element in an HTML document."
"lang": "eng",
"value": "EpicEditor through 0.2.3 has Cross-Site Scripting because of an insecure default marked.js configuration. An example attack vector is a crafted IMG element in an HTML document."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bad.code.blog/2017/03/09/epiceditor-cross-site-scripting/",
"refsource" : "MISC",
"url" : "https://bad.code.blog/2017/03/09/epiceditor-cross-site-scripting/"
"name": "https://bad.code.blog/2017/03/09/epiceditor-cross-site-scripting/",
"refsource": "MISC",
"url": "https://bad.code.blog/2017/03/09/epiceditor-cross-site-scripting/"
}
]
}

68
2017/6xxx/CVE-2017-6852.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6852",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6852",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in JasPer 2.0.10 allows remote attackers to have unspecified impact via a crafted image."
"lang": "eng",
"value": "Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in JasPer 2.0.10 allows remote attackers to have unspecified impact via a crafted image."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://blogs.gentoo.org/ago/2017/01/25/jasper-heap-based-buffer-overflow-in-jpc_dec_decodepkt-jpc_t2dec-c/",
"refsource" : "MISC",
"url" : "https://blogs.gentoo.org/ago/2017/01/25/jasper-heap-based-buffer-overflow-in-jpc_dec_decodepkt-jpc_t2dec-c/"
"name": "https://blogs.gentoo.org/ago/2017/01/25/jasper-heap-based-buffer-overflow-in-jpc_dec_decodepkt-jpc_t2dec-c/",
"refsource": "MISC",
"url": "https://blogs.gentoo.org/ago/2017/01/25/jasper-heap-based-buffer-overflow-in-jpc_dec_decodepkt-jpc_t2dec-c/"
},
{
"name" : "https://github.com/mdadams/jasper/issues/114",
"refsource" : "MISC",
"url" : "https://github.com/mdadams/jasper/issues/114"
"name": "https://github.com/mdadams/jasper/issues/114",
"refsource": "MISC",
"url": "https://github.com/mdadams/jasper/issues/114"
}
]
}

22
2017/7xxx/CVE-2017-7342.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-7342",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7342",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2017/7xxx/CVE-2017-7458.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-7458",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7458",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty field that should have contained a hostname or IP address."
"lang": "eng",
"value": "The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty field that should have contained a hostname or IP address."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/ntop/ntopng/blob/3.0/CHANGELOG.md",
"refsource" : "MISC",
"url" : "https://github.com/ntop/ntopng/blob/3.0/CHANGELOG.md"
"name": "https://github.com/ntop/ntopng/commit/01f47e04fd7c8d54399c9e465f823f0017069f8f",
"refsource": "MISC",
"url": "https://github.com/ntop/ntopng/commit/01f47e04fd7c8d54399c9e465f823f0017069f8f"
},
{
"name" : "https://github.com/ntop/ntopng/commit/01f47e04fd7c8d54399c9e465f823f0017069f8f",
"refsource" : "MISC",
"url" : "https://github.com/ntop/ntopng/commit/01f47e04fd7c8d54399c9e465f823f0017069f8f"
"name": "https://github.com/ntop/ntopng/blob/3.0/CHANGELOG.md",
"refsource": "MISC",
"url": "https://github.com/ntop/ntopng/blob/3.0/CHANGELOG.md"
}
]
}

64
2017/7xxx/CVE-2017-7523.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com",
"DATE_PUBLIC" : "2017-05-10T00:00:00",
"ID" : "CVE-2017-7523",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2017-05-10T00:00:00",
"ID": "CVE-2017-7523",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "cygwin",
"version" : {
"version_data" : [
"product_name": "cygwin",
"version": {
"version_data": [
{
"version_value" : "since 1.7.2 up to 2.8.0"
"version_value": "since 1.7.2 up to 2.8.0"
}
]
}
}
]
},
"vendor_name" : "Red Hat, Inc."
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buffer overflow vulnerability in wcsxfrm/wcsxfrm_l functions resulting into denial-of-service by crashing the process or potential hijack of the process running with administrative privileges triggered by specially crafted input string."
"lang": "eng",
"value": "Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buffer overflow vulnerability in wcsxfrm/wcsxfrm_l functions resulting into denial-of-service by crashing the process or potential hijack of the process running with administrative privileges triggered by specially crafted input string."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-787"
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://cygwin.com/ml/cygwin/2017-05/msg00149.html",
"refsource" : "MISC",
"url" : "https://cygwin.com/ml/cygwin/2017-05/msg00149.html"
"name": "https://cygwin.com/ml/cygwin/2017-05/msg00149.html",
"refsource": "MISC",
"url": "https://cygwin.com/ml/cygwin/2017-05/msg00149.html"
}
]
}

62
2017/7xxx/CVE-2017-7646.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-7646",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7646",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to browse the server's filesystem and read the contents of arbitrary files contained within."
"lang": "eng",
"value": "SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to browse the server's filesystem and read the contents of arbitrary files contained within."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://thwack.solarwinds.com/thread/111223",
"refsource" : "CONFIRM",
"url" : "https://thwack.solarwinds.com/thread/111223"
"name": "https://thwack.solarwinds.com/thread/111223",
"refsource": "CONFIRM",
"url": "https://thwack.solarwinds.com/thread/111223"
}
]
}

22
2017/7xxx/CVE-2017-7699.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-7699",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7699",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2018/10xxx/CVE-2018-10207.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10207",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10207",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. An attacker can exploit Missing Authorization on the FlexPaperViewer SWF reader, and export files that should have been restricted, via vectors involving page-by-page access to a document in SWF format."
"lang": "eng",
"value": "An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. An attacker can exploit Missing Authorization on the FlexPaperViewer SWF reader, and export files that should have been restricted, via vectors involving page-by-page access to a document in SWF format."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.excellium-services.com/cert-xlm-advisory/cve-2018-10207/",
"refsource" : "MISC",
"url" : "https://www.excellium-services.com/cert-xlm-advisory/cve-2018-10207/"
"name": "https://www.excellium-services.com/cert-xlm-advisory/cve-2018-10207/",
"refsource": "MISC",
"url": "https://www.excellium-services.com/cert-xlm-advisory/cve-2018-10207/"
}
]
}

158
2018/10xxx/CVE-2018-10675.json
View File

@ -1,141 +1,141 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10675",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10675",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls."
"lang": "eng",
"value": "The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=73223e4e2e3867ebf033a5a8eb2e5df0158ccc99",
"refsource" : "MISC",
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=73223e4e2e3867ebf033a5a8eb2e5df0158ccc99"
"name": "RHSA-2018:3540",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3540"
},
{
"name" : "https://github.com/torvalds/linux/commit/73223e4e2e3867ebf033a5a8eb2e5df0158ccc99",
"refsource" : "MISC",
"url" : "https://github.com/torvalds/linux/commit/73223e4e2e3867ebf033a5a8eb2e5df0158ccc99"
"name": "RHSA-2018:2785",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2785"
},
{
"name" : "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9",
"refsource" : "MISC",
"url" : "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9"
"name": "RHSA-2018:2164",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2164"
},
{
"name" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource" : "CONFIRM",
"url" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
"name": "RHSA-2018:2925",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2925"
},
{
"name" : "RHSA-2018:2164",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2164"
"name": "RHSA-2018:2933",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2933"
},
{
"name" : "RHSA-2018:2384",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2384"
"name": "RHSA-2018:2395",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2395"
},
{
"name" : "RHSA-2018:2395",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2395"
"name": "RHSA-2018:2384",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2384"
},
{
"name" : "RHSA-2018:2785",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2785"
"name": "USN-3754-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3754-1/"
},
{
"name" : "RHSA-2018:2791",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2791"
"name": "RHSA-2018:3590",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3590"
},
{
"name" : "RHSA-2018:2924",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2924"
"name": "https://github.com/torvalds/linux/commit/73223e4e2e3867ebf033a5a8eb2e5df0158ccc99",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/73223e4e2e3867ebf033a5a8eb2e5df0158ccc99"
},
{
"name" : "RHSA-2018:2925",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2925"
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name" : "RHSA-2018:2933",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2933"
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=73223e4e2e3867ebf033a5a8eb2e5df0158ccc99",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=73223e4e2e3867ebf033a5a8eb2e5df0158ccc99"
},
{
"name" : "RHSA-2018:3540",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3540"
"name": "104093",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104093"
},
{
"name" : "RHSA-2018:3586",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3586"
"name": "RHSA-2018:2924",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2924"
},
{
"name" : "RHSA-2018:3590",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3590"
"name": "RHSA-2018:3586",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3586"
},
{
"name" : "USN-3754-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3754-1/"
"name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9",
"refsource": "MISC",
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9"
},
{
"name" : "104093",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104093"
"name": "RHSA-2018:2791",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2791"
}
]
}

62
2018/14xxx/CVE-2018-14708.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14708",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14708",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An insecure transport protocol used by Drobo Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to intercept network traffic."
"lang": "eng",
"value": "An insecure transport protocol used by Drobo Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to intercept network traffic."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://blog.securityevaluators.com/call-me-a-doctor-new-vulnerabilities-in-drobo5n2-4f1d885df7fc",
"refsource" : "MISC",
"url" : "https://blog.securityevaluators.com/call-me-a-doctor-new-vulnerabilities-in-drobo5n2-4f1d885df7fc"
"name": "https://blog.securityevaluators.com/call-me-a-doctor-new-vulnerabilities-in-drobo5n2-4f1d885df7fc",
"refsource": "MISC",
"url": "https://blog.securityevaluators.com/call-me-a-doctor-new-vulnerabilities-in-drobo5n2-4f1d885df7fc"
}
]
}

22
2018/17xxx/CVE-2018-17028.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-17028",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17028",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2018/17xxx/CVE-2018-17193.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@apache.org",
"ID" : "CVE-2018-17193",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2018-17193",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Apache NiFi",
"version" : {
"version_data" : [
"product_name": "Apache NiFi",
"version": {
"version_data": [
{
"version_value" : "Apache NiFi 1.0.0 - 1.7.1"
"version_value": "Apache NiFi 1.0.0 - 1.7.1"
}
]
}
}
]
},
"vendor_name" : "Apache Software Foundation"
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The message-page.jsp error page used the value of the HTTP request header X-ProxyContextPath without sanitization, resulting in a reflected XSS attack. Mitigation: The fix to correctly parse and sanitize the request attribute value was applied on the Apache NiFi 1.8.0 release. Users running a prior 1.x release should upgrade to the appropriate release."
"lang": "eng",
"value": "The message-page.jsp error page used the value of the HTTP request header X-ProxyContextPath without sanitization, resulting in a reflected XSS attack. Mitigation: The fix to correctly parse and sanitize the request attribute value was applied on the Apache NiFi 1.8.0 release. Users running a prior 1.x release should upgrade to the appropriate release."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "XSS"
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://nifi.apache.org/security.html#CVE-2018-17193",
"refsource" : "CONFIRM",
"url" : "https://nifi.apache.org/security.html#CVE-2018-17193"
"name": "https://nifi.apache.org/security.html#CVE-2018-17193",
"refsource": "CONFIRM",
"url": "https://nifi.apache.org/security.html#CVE-2018-17193"
}
]
}

62
2018/17xxx/CVE-2018-17217.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-17217",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17217",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is a hardcoded encryption key."
"lang": "eng",
"value": "An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is a hardcoded encryption key."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.ptc.com/en/support/article?n=CS291004",
"refsource" : "CONFIRM",
"url" : "https://www.ptc.com/en/support/article?n=CS291004"
"name": "https://www.ptc.com/en/support/article?n=CS291004",
"refsource": "CONFIRM",
"url": "https://www.ptc.com/en/support/article?n=CS291004"
}
]
}

22
2018/17xxx/CVE-2018-17290.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-17290",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17290",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/20xxx/CVE-2018-20055.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20055",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20055",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2018/20xxx/CVE-2018-20133.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20133",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20133",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ymlref allows code injection."
"lang": "eng",
"value": "ymlref allows code injection."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/dexter2206/ymlref/issues/2",
"refsource" : "MISC",
"url" : "https://github.com/dexter2206/ymlref/issues/2"
"name": "https://github.com/dexter2206/ymlref/issues/2",
"refsource": "MISC",
"url": "https://github.com/dexter2206/ymlref/issues/2"
}
]
}

22
2018/20xxx/CVE-2018-20310.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20310",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20310",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2018/9xxx/CVE-2018-9106.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-9106",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9106",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcySMS extension before 3.5.1 for Joomla! via a value that is mishandled in a CSV export."
"lang": "eng",
"value": "CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcySMS extension before 3.5.1 for Joomla! via a value that is mishandled in a CSV export."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "44370",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/44370/"
"name": "44370",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44370/"
},
{
"name" : "https://www.acyba.com/acysms/change-log.html",
"refsource" : "MISC",
"url" : "https://www.acyba.com/acysms/change-log.html"
"name": "https://www.acyba.com/acysms/change-log.html",
"refsource": "MISC",
"url": "https://www.acyba.com/acysms/change-log.html"
}
]
}

22
2018/9xxx/CVE-2018-9617.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-9617",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9617",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/9xxx/CVE-2018-9642.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-9642",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9642",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}