admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 04:26:31 +00:00
parent 87d4974344
commit ddf9b47bb0
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
63 changed files with 4406 additions and 4406 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

230
2005/0xxx/CVE-2005-0063.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0063", "ID": "CVE-2005-0063",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050412 Microsoft MSHTA Script Execution Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://www.idefense.com/application/poi/display?id=231&type=vulnerabilities" "lang": "eng",
}, "value": "The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document."
{ }
"name" : "20050529 Spam exploiting MS05-016", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=111755356016155&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS05-016", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-016" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.securiteam.com/exploits/5YP0T0AFFW.html", ]
"refsource" : "MISC", }
"url" : "http://www.securiteam.com/exploits/5YP0T0AFFW.html" ]
}, },
{ "references": {
"name" : "13132", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/13132" "name": "oval:org.mitre.oval:def:3456",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3456"
"name" : "ADV-2005-0335", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/0335" "name": "MS05-016",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-016"
"name" : "oval:org.mitre.oval:def:2184", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2184" "name": "oval:org.mitre.oval:def:407",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A407"
"name" : "oval:org.mitre.oval:def:3456", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3456" "name": "20050529 Spam exploiting MS05-016",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=111755356016155&w=2"
"name" : "oval:org.mitre.oval:def:407", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A407" "name": "oval:org.mitre.oval:def:587",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A587"
"name" : "oval:org.mitre.oval:def:4710", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4710" "name": "http://www.securiteam.com/exploits/5YP0T0AFFW.html",
}, "refsource": "MISC",
{ "url": "http://www.securiteam.com/exploits/5YP0T0AFFW.html"
"name" : "oval:org.mitre.oval:def:573", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A573" "name": "20050412 Microsoft MSHTA Script Execution Vulnerability",
}, "refsource": "IDEFENSE",
{ "url": "http://www.idefense.com/application/poi/display?id=231&type=vulnerabilities"
"name" : "oval:org.mitre.oval:def:587", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A587" "name": "ADV-2005-0335",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2005/0335"
} },
} {
"name": "oval:org.mitre.oval:def:573",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A573"
},
{
"name": "oval:org.mitre.oval:def:2184",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2184"
},
{
"name": "oval:org.mitre.oval:def:4710",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4710"
},
{
"name": "13132",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13132"
}
]
}
}

240
2005/0xxx/CVE-2005-0241.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2005-0241", "ID": "CVE-2005-0241",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling \"oversized\" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.squid-cache.org/bugs/show_bug.cgi?id=1216", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.squid-cache.org/bugs/show_bug.cgi?id=1216" "lang": "eng",
}, "value": "The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling \"oversized\" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size."
{ }
"name" : "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers", ]
"refsource" : "CONFIRM", },
"url" : "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "CLA-2005:931", ]
"refsource" : "CONECTIVA", }
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931" ]
}, },
{ "references": {
"name" : "FLSA-2006:152809", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://fedoranews.org/updates/FEDORA--.shtml" "name": "14091",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/14091"
"name" : "RHSA-2005:060", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-060.html" "name": "VU#823350",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/823350"
"name" : "RHSA-2005:061", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-061.html" "name": "12412",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/12412"
"name" : "SUSE-SA:2005:006", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2005_06_squid.html" "name": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1216",
}, "refsource": "CONFIRM",
{ "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1216"
"name" : "VU#823350", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/823350" "name": "oval:org.mitre.oval:def:10998",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10998"
"name" : "12412", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/12412" "name": "FLSA-2006:152809",
}, "refsource": "FEDORA",
{ "url": "http://fedoranews.org/updates/FEDORA--.shtml"
"name" : "oval:org.mitre.oval:def:10998", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10998" "name": "RHSA-2005:061",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
"name" : "14091", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/14091" "name": "squid-http-cache-poisoning(19060)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19060"
"name" : "squid-http-cache-poisoning(19060)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19060" "name": "CLA-2005:931",
} "refsource": "CONECTIVA",
] "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931"
} },
} {
"name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers",
"refsource": "CONFIRM",
"url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers"
},
{
"name": "SUSE-SA:2005:006",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
},
{
"name": "RHSA-2005:060",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
},
{
"name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch",
"refsource": "CONFIRM",
"url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch"
}
]
}
}

160
2005/0xxx/CVE-2005-0378.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0378", "ID": "CVE-2005-0378",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to prefs.php or (2) url parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050113 Cross Site Scripting holes found in Horde 3.0", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110564059322774&w=2" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to prefs.php or (2) url parameter to index.php."
{ }
"name" : "http://www.hyperdose.com/advisories/H2005-01.txt", ]
"refsource" : "MISC", },
"url" : "http://www.hyperdose.com/advisories/H2005-01.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "12255", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/12255" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1012892", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1012892" ]
}, },
{ "references": {
"name" : "horde-prefs-index-xss(18881)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18881" "name": "http://www.hyperdose.com/advisories/H2005-01.txt",
} "refsource": "MISC",
] "url": "http://www.hyperdose.com/advisories/H2005-01.txt"
} },
} {
"name": "20050113 Cross Site Scripting holes found in Horde 3.0",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110564059322774&w=2"
},
{
"name": "12255",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12255"
},
{
"name": "1012892",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012892"
},
{
"name": "horde-prefs-index-xss(18881)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18881"
}
]
}
}

120
2005/0xxx/CVE-2005-0985.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0985", "ID": "CVE-2005-0985",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows local users to cause a denial of service (temporary hang) via unspecified attack vectors related to the fan control unit (FCU) driver."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.info.apple.com/article.html?artnum=301324", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=301324" "lang": "eng",
} "value": "Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows local users to cause a denial of service (temporary hang) via unspecified attack vectors related to the fan control unit (FCU) driver."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://docs.info.apple.com/article.html?artnum=301324",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=301324"
}
]
}
}

130
2005/1xxx/CVE-2005-1167.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1167", "ID": "CVE-2005-1167",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Musicmatch 10.00.2047 and earlier store log files in the Program Files directory instead of the user profile, which may allow local users to obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050415 Improper log file storage in Musicmatch software", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111358261404682&w=2" "lang": "eng",
}, "value": "Musicmatch 10.00.2047 and earlier store log files in the Program Files directory instead of the user profile, which may allow local users to obtain sensitive information."
{ }
"name" : "http://www.hyperdose.com/advisories/H2005-02.txt", ]
"refsource" : "MISC", },
"url" : "http://www.hyperdose.com/advisories/H2005-02.txt" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050415 Improper log file storage in Musicmatch software",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111358261404682&w=2"
},
{
"name": "http://www.hyperdose.com/advisories/H2005-02.txt",
"refsource": "MISC",
"url": "http://www.hyperdose.com/advisories/H2005-02.txt"
}
]
}
}

130
2005/1xxx/CVE-2005-1545.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1545", "ID": "CVE-2005-1545",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the ELF parser in HT Editor before 0.8.0 allows remote attackers to execute arbitrary code via a crafted ELF file, which leads to a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "DSA-743", "description_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2005/dsa-743" "lang": "eng",
}, "value": "Integer overflow in the ELF parser in HT Editor before 0.8.0 allows remote attackers to execute arbitrary code via a crafted ELF file, which leads to a heap-based buffer overflow."
{ }
"name" : "GLSA-200505-08", ]
"refsource" : "GENTOO", },
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200505-08.xml" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200505-08",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200505-08.xml"
},
{
"name": "DSA-743",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-743"
}
]
}
}

170
2005/1xxx/CVE-2005-1564.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1564", "ID": "CVE-2005-1564",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "post_bug.cgi in Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 allows remote authenticated users to \"enter bugs into products that are closed for bug entry\" by modifying the URL to specify the name of the product."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050512 Security Advisory for Bugzilla 2.18, 2.19.2, and 2.16.8", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111592031902962&w=2" "lang": "eng",
}, "value": "post_bug.cgi in Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 allows remote authenticated users to \"enter bugs into products that are closed for bug entry\" by modifying the URL to specify the name of the product."
{ }
"name" : "http://www.bugzilla.org/security/2.16.8/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.bugzilla.org/security/2.16.8/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=287109", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=287109" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "16426", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/16426" ]
}, },
{ "references": {
"name" : "15338", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/15338" "name": "http://www.bugzilla.org/security/2.16.8/",
}, "refsource": "CONFIRM",
{ "url": "http://www.bugzilla.org/security/2.16.8/"
"name" : "bugzilla-postbug-weak-security(42797)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42797" "name": "20050512 Security Advisory for Bugzilla 2.18, 2.19.2, and 2.16.8",
} "refsource": "BUGTRAQ",
] "url": "http://marc.info/?l=bugtraq&m=111592031902962&w=2"
} },
} {
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=287109",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=287109"
},
{
"name": "16426",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/16426"
},
{
"name": "15338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15338"
},
{
"name": "bugzilla-postbug-weak-security(42797)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42797"
}
]
}
}

160
2005/1xxx/CVE-2005-1627.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1627", "ID": "CVE-2005-1627",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in Viewglob before 2.0.1, related to \"a potential security issue with the Viewglob display and ssh X forwarding,\" has unknown impact."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=325574", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=325574" "lang": "eng",
}, "value": "Unknown vulnerability in Viewglob before 2.0.1, related to \"a potential security issue with the Viewglob display and ssh X forwarding,\" has unknown impact."
{ }
"name" : "16170", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/16170" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1013937", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1013937" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15293", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/15293" ]
}, },
{ "references": {
"name" : "viewglob-connection-information-disclosure(20559)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20559" "name": "15293",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/15293"
} },
} {
"name": "viewglob-connection-information-disclosure(20559)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20559"
},
{
"name": "16170",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/16170"
},
{
"name": "1013937",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013937"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=325574",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=325574"
}
]
}
}

150
2005/1xxx/CVE-2005-1812.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1812", "ID": "CVE-2005-1812",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.security.org.sg/vuln/tftp2000-1001.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.security.org.sg/vuln/tftp2000-1001.html" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet."
{ }
"name" : "13821", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/13821" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1014079", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1014079" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15539", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/15539" ]
} },
] "references": {
} "reference_data": [
} {
"name": "15539",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15539"
},
{
"name": "13821",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13821"
},
{
"name": "1014079",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014079"
},
{
"name": "http://www.security.org.sg/vuln/tftp2000-1001.html",
"refsource": "MISC",
"url": "http://www.security.org.sg/vuln/tftp2000-1001.html"
}
]
}
}

180
2005/3xxx/CVE-2005-3747.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3747", "ID": "CVE-2005-3747",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash (\"%5C\") characters. NOTE: this might be the same issue as CVE-2006-2758."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=372086&group_id=7322", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=372086&group_id=7322" "lang": "eng",
}, "value": "Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash (\"%5C\") characters. NOTE: this might be the same issue as CVE-2006-2758."
{ }
"name" : "HPSBUX02172", ]
"refsource" : "HP", },
"url" : "http://www.securityfocus.com/archive/1/450315/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SSRT061269", "description": [
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/450315/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15515", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/15515" ]
}, },
{ "references": {
"name" : "ADV-2005-2515", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2515" "name": "http://sourceforge.net/project/shownotes.php?release_id=372086&group_id=7322",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/project/shownotes.php?release_id=372086&group_id=7322"
"name" : "17659", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17659" "name": "SSRT061269",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/450315/100/0/threaded"
"name" : "22669", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22669" "name": "ADV-2005-2515",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2005/2515"
} },
} {
"name": "15515",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15515"
},
{
"name": "22669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22669"
},
{
"name": "17659",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17659"
},
{
"name": "HPSBUX02172",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/450315/100/0/threaded"
}
]
}
}

150
2005/4xxx/CVE-2005-4033.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4033", "ID": "CVE-2005-4033",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Nodezilla 0.4.13-corno-fulgure does not properly protect the evl_data directory, which could allow them to be shared when they are not protected by PRIVATEDATADIR in nodezilla.ini, which allows remote attackers to obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.nodezilla.net/history.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.nodezilla.net/history.txt" "lang": "eng",
}, "value": "Nodezilla 0.4.13-corno-fulgure does not properly protect the evl_data directory, which could allow them to be shared when they are not protected by PRIVATEDATADIR in nodezilla.ini, which allows remote attackers to obtain sensitive information."
{ }
"name" : "15704", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/15704" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2005-2731", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2731" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "17867", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/17867" ]
} },
] "references": {
} "reference_data": [
} {
"name": "17867",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17867"
},
{
"name": "ADV-2005-2731",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2731"
},
{
"name": "http://www.nodezilla.net/history.txt",
"refsource": "CONFIRM",
"url": "http://www.nodezilla.net/history.txt"
},
{
"name": "15704",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15704"
}
]
}
}

34
2005/4xxx/CVE-2005-4110.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2005-4110", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2005-4110",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none."
} }
] ]
} }
} }

150
2005/4xxx/CVE-2005-4507.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4507", "ID": "CVE-2005-4507",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Nexus Concepts Dev Hound 2.24 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple unspecified user input fields."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.exploitlabs.com/files/advisories/EXPL-A-2005-017-devhound.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.exploitlabs.com/files/advisories/EXPL-A-2005-017-devhound.txt" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Nexus Concepts Dev Hound 2.24 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple unspecified user input fields."
{ }
"name" : "16042", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/16042" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2005-3047", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/3047" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "18164", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/18164" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.exploitlabs.com/files/advisories/EXPL-A-2005-017-devhound.txt",
"refsource": "MISC",
"url": "http://www.exploitlabs.com/files/advisories/EXPL-A-2005-017-devhound.txt"
},
{
"name": "16042",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16042"
},
{
"name": "ADV-2005-3047",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/3047"
},
{
"name": "18164",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18164"
}
]
}
}

160
2005/4xxx/CVE-2005-4714.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4714", "ID": "CVE-2005-4714",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in the vmps_log function in OpenVMPS (VLAN Management Policy Server) 1.3 allows remote attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.securiteam.com/unixfocus/6I00F00EAI.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.securiteam.com/unixfocus/6I00F00EAI.html" "lang": "eng",
}, "value": "Format string vulnerability in the vmps_log function in OpenVMPS (VLAN Management Policy Server) 1.3 allows remote attackers to execute arbitrary code via unknown vectors."
{ }
"name" : "15072", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/15072" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19910", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/19910" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "17128", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/17128" ]
}, },
{ "references": {
"name" : "openvmps-vmpslog-format-string(22587)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22587" "name": "http://www.securiteam.com/unixfocus/6I00F00EAI.html",
} "refsource": "MISC",
] "url": "http://www.securiteam.com/unixfocus/6I00F00EAI.html"
} },
} {
"name": "17128",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17128"
},
{
"name": "openvmps-vmpslog-format-string(22587)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22587"
},
{
"name": "15072",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15072"
},
{
"name": "19910",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19910"
}
]
}
}

160
2005/4xxx/CVE-2005-4721.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4721", "ID": "CVE-2005-4721",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in search.cfm in tmsPUBLISHER 3.3 allows remote attackers to inject arbitrary web script or HTML via the q parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://metawire.org/~adli/advisories/250405_tmspublisher_vulnerablility.signed.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://metawire.org/~adli/advisories/250405_tmspublisher_vulnerablility.signed.txt" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in search.cfm in tmsPUBLISHER 3.3 allows remote attackers to inject arbitrary web script or HTML via the q parameter."
{ }
"name" : "http://developer.tmsasia.com/page.cfm?name=security", ]
"refsource" : "CONFIRM", },
"url" : "http://developer.tmsasia.com/page.cfm?name=security" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16816", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16816" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23014", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/23014" ]
}, },
{ "references": {
"name" : "tmspublisher-search-xss(25275)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25275" "name": "http://developer.tmsasia.com/page.cfm?name=security",
} "refsource": "CONFIRM",
] "url": "http://developer.tmsasia.com/page.cfm?name=security"
} },
} {
"name": "23014",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23014"
},
{
"name": "tmspublisher-search-xss(25275)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25275"
},
{
"name": "16816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16816"
},
{
"name": "http://metawire.org/~adli/advisories/250405_tmspublisher_vulnerablility.signed.txt",
"refsource": "MISC",
"url": "http://metawire.org/~adli/advisories/250405_tmspublisher_vulnerablility.signed.txt"
}
]
}
}

140
2009/0xxx/CVE-2009-0119.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0119", "ID": "CVE-2009-0119",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Microsoft Windows XP SP3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .chm file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "7720", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/7720" "lang": "eng",
}, "value": "Buffer overflow in Microsoft Windows XP SP3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .chm file."
{ }
"name" : "33204", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/33204" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "4912", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/4912" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "7720",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7720"
},
{
"name": "33204",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33204"
},
{
"name": "4912",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4912"
}
]
}
}

180
2009/0xxx/CVE-2009-0202.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID" : "CVE-2009-0202", "ID": "CVE-2009-0202",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Array index error in FL21WIN.DLL in the PowerPoint Freelance Windows 2.1 Translator in Microsoft PowerPoint 2000 and 2002 allows remote attackers to execute arbitrary code via a Freelance file with unspecified \"layout information\" that triggers a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090610 Secunia Research: Microsoft PowerPoint Freelance Layout Parsing Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/504215/100/0/threaded" "lang": "eng",
}, "value": "Array index error in FL21WIN.DLL in the PowerPoint Freelance Windows 2.1 Translator in Microsoft PowerPoint 2000 and 2002 allows remote attackers to execute arbitrary code via a Freelance file with unspecified \"layout information\" that triggers a heap-based buffer overflow."
{ }
"name" : "http://secunia.com/secunia_research/2009-29/", ]
"refsource" : "MISC", },
"url" : "http://secunia.com/secunia_research/2009-29/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35275", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/35275" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "54961", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/54961" ]
}, },
{ "references": {
"name" : "1022369", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1022369" "name": "54961",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/54961"
"name" : "35184", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35184" "name": "1022369",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1022369"
"name" : "ms-powerpoint-freelance-bo(51034)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51034" "name": "ms-powerpoint-freelance-bo(51034)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51034"
} },
} {
"name": "http://secunia.com/secunia_research/2009-29/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-29/"
},
{
"name": "20090610 Secunia Research: Microsoft PowerPoint Freelance Layout Parsing Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504215/100/0/threaded"
},
{
"name": "35275",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35275"
},
{
"name": "35184",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35184"
}
]
}
}

170
2009/0xxx/CVE-2009-0989.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2009-0989", "ID": "CVE-2009-0989",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0990."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0990."
{ }
"name" : "TA09-105A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-105A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34461", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/34461" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "53742", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/53742" ]
}, },
{ "references": {
"name" : "1022055", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1022055" "name": "1022055",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1022055"
"name" : "34693", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34693" "name": "34461",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/34461"
} },
} {
"name": "34693",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34693"
},
{
"name": "TA09-105A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"name": "53742",
"refsource": "OSVDB",
"url": "http://osvdb.org/53742"
}
]
}
}

140
2009/1xxx/CVE-2009-1347.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1347", "ID": "CVE-2009-1347",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers to execute arbitrary SQL commands via (1) the login_name parameter (aka the username field) or (2) the login_pw parameter (aka the password field)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8461", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/8461" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers to execute arbitrary SQL commands via (1) the login_name parameter (aka the username field) or (2) the login_pw parameter (aka the password field)."
{ }
"name" : "34572", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/34572" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24879", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24879" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "34572",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34572"
},
{
"name": "24879",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24879"
},
{
"name": "8461",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8461"
}
]
}
}

140
2009/1xxx/CVE-2009-1359.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1359", "ID": "CVE-2009-1359",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the SCTP sockets implementation in Sun OpenSolaris snv_106 through snv_107 allows local users to cause a denial of service (panic) via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "257331", "description_data": [
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-257331-1" "lang": "eng",
}, "value": "Unspecified vulnerability in the SCTP sockets implementation in Sun OpenSolaris snv_106 through snv_107 allows local users to cause a denial of service (panic) via unknown vectors."
{ }
"name" : "34628", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/34628" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2009-1120", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1120" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "34628",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34628"
},
{
"name": "ADV-2009-1120",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1120"
},
{
"name": "257331",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-257331-1"
}
]
}
}

120
2009/1xxx/CVE-2009-1451.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1451", "ID": "CVE-2009-1451",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in startpage.php in SMA-DB 0.3.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "7936", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/7936" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in startpage.php in SMA-DB 0.3.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7936",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7936"
}
]
}
}

34
2009/1xxx/CVE-2009-1562.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1562", "ID": "CVE-2009-1562",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2009/3xxx/CVE-2009-3223.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3223", "ID": "CVE-2009-3223",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in ppc-add-keywords.php in Inout Adserver allows remote authenticated users to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9271", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9271" "lang": "eng",
}, "value": "SQL injection vulnerability in ppc-add-keywords.php in Inout Adserver allows remote authenticated users to execute arbitrary SQL commands via the id parameter."
{ }
"name" : "35975", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/35975" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2009-2028", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/2028" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "9271",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9271"
},
{
"name": "ADV-2009-2028",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2028"
},
{
"name": "35975",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35975"
}
]
}
}

300
2009/3xxx/CVE-2009-3291.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3291", "ID": "CVE-2009-3291",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.php.net/ChangeLog-5.php#5.2.11", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.php.net/ChangeLog-5.php#5.2.11" "lang": "eng",
}, "value": "The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates."
{ }
"name" : "http://www.php.net/releases/5_2_11.php", ]
"refsource" : "CONFIRM", },
"url" : "http://www.php.net/releases/5_2_11.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT3937", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT3937" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2009-11-09-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html" ]
}, },
{ "references": {
"name" : "DSA-1940", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2009/dsa-1940" "name": "http://www.php.net/ChangeLog-5.php#5.2.11",
}, "refsource": "CONFIRM",
{ "url": "http://www.php.net/ChangeLog-5.php#5.2.11"
"name" : "HPSBUX02543", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=127680701405735&w=2" "name": "37482",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/37482"
"name" : "SSRT100152", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=127680701405735&w=2" "name": "40262",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40262"
"name" : "HPSBOV02683", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2" "name": "HPSBUX02543",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=127680701405735&w=2"
"name" : "SSRT090208", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2" "name": "SSRT090208",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
"name" : "SUSE-SR:2009:017", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html" "name": "http://www.php.net/releases/5_2_11.php",
}, "refsource": "CONFIRM",
{ "url": "http://www.php.net/releases/5_2_11.php"
"name" : "58185", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/58185" "name": "php-certificate-unspecified(53334)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53334"
"name" : "oval:org.mitre.oval:def:10438", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10438" "name": "1022914",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1022914"
"name" : "oval:org.mitre.oval:def:7394", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7394" "name": "36791",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36791"
"name" : "1022914", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1022914" "name": "DSA-1940",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2009/dsa-1940"
"name" : "36791", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36791" "name": "HPSBOV02683",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
"name" : "37482", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37482" "name": "oval:org.mitre.oval:def:10438",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10438"
"name" : "40262", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40262" "name": "ADV-2009-3184",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/3184"
"name" : "ADV-2009-3184", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/3184" "name": "58185",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/58185"
"name" : "php-certificate-unspecified(53334)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53334" "name": "oval:org.mitre.oval:def:7394",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7394"
} },
} {
"name": "SSRT100152",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127680701405735&w=2"
},
{
"name": "APPLE-SA-2009-11-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name": "SUSE-SR:2009:017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html"
},
{
"name": "http://support.apple.com/kb/HT3937",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3937"
}
]
}
}

300
2009/3xxx/CVE-2009-3613.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-3613", "ID": "CVE-2009-3613",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service (IOMMU space exhaustion and system crash) by using jumbo frames for a large amount of network traffic, as demonstrated by a flood ping."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20091015 Re: CVE request kernel: flood ping cause", "description_data": [
"refsource" : "MLIST", {
"url" : "http://marc.info/?l=oss-security&m=125561712529352&w=2" "lang": "eng",
}, "value": "The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service (IOMMU space exhaustion and system crash) by using jumbo frames for a large amount of network traffic, as demonstrated by a flood ping."
{ }
"name" : "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates", ]
"refsource" : "MLIST", },
"url" : "http://lists.vmware.com/pipermail/security-announce/2010/000082.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://bugzilla.kernel.org/show_bug.cgi?id=9468", "description": [
"refsource" : "CONFIRM", {
"url" : "http://bugzilla.kernel.org/show_bug.cgi?id=9468" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=97d477a914b146e7e6722ded21afa79886ae8ccd", ]
"refsource" : "CONFIRM", }
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=97d477a914b146e7e6722ded21afa79886ae8ccd" ]
}, },
{ "references": {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a866bbf6aacf95f849810079442a20be118ce905", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a866bbf6aacf95f849810079442a20be118ce905" "name": "oval:org.mitre.oval:def:10209",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10209"
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.22", },
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.22" "name": "RHSA-2009:1671",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2009-1671.html"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=529137", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=529137" "name": "[oss-security] 20091015 Re: CVE request kernel: flood ping cause",
}, "refsource": "MLIST",
{ "url": "http://marc.info/?l=oss-security&m=125561712529352&w=2"
"name" : "RHSA-2009:1540", },
"refsource" : "REDHAT", {
"url" : "https://rhn.redhat.com/errata/RHSA-2009-1540.html" "name": "RHSA-2009:1540",
}, "refsource": "REDHAT",
{ "url": "https://rhn.redhat.com/errata/RHSA-2009-1540.html"
"name" : "RHSA-2009:1548", },
"refsource" : "REDHAT", {
"url" : "https://rhn.redhat.com/errata/RHSA-2009-1548.html" "name": "oval:org.mitre.oval:def:7377",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7377"
"name" : "RHSA-2009:1671", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1671.html" "name": "USN-864-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-864-1"
"name" : "SUSE-SA:2009:064", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html" "name": "38794",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/38794"
"name" : "USN-864-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-864-1" "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
}, "refsource": "MLIST",
{ "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
"name" : "36706", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36706" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=97d477a914b146e7e6722ded21afa79886ae8ccd",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=97d477a914b146e7e6722ded21afa79886ae8ccd"
"name" : "oval:org.mitre.oval:def:10209", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10209" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=529137",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=529137"
"name" : "oval:org.mitre.oval:def:7377", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7377" "name": "37909",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/37909"
"name" : "37909", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37909" "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.22",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.22"
"name" : "38794", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38794" "name": "SUSE-SA:2009:064",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html"
"name" : "38834", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38834" "name": "RHSA-2009:1548",
}, "refsource": "REDHAT",
{ "url": "https://rhn.redhat.com/errata/RHSA-2009-1548.html"
"name" : "ADV-2010-0528", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0528" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a866bbf6aacf95f849810079442a20be118ce905",
} "refsource": "CONFIRM",
] "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a866bbf6aacf95f849810079442a20be118ce905"
} },
} {
"name": "38834",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38834"
},
{
"name": "36706",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36706"
},
{
"name": "http://bugzilla.kernel.org/show_bug.cgi?id=9468",
"refsource": "CONFIRM",
"url": "http://bugzilla.kernel.org/show_bug.cgi?id=9468"
},
{
"name": "ADV-2010-0528",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0528"
}
]
}
}

130
2009/4xxx/CVE-2009-4161.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4161", "ID": "CVE-2009-4161",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the [AN] Search it! (an_searchit) extension 2.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-017/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-017/" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the [AN] Search it! (an_searchit) extension 2.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "37165", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/37165" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37165",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37165"
},
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-017/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-017/"
}
]
}
}

160
2009/4xxx/CVE-2009-4207.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4207", "ID": "CVE-2009-4207",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Webform module 5.x before 5.x-2.7 and 6.x before 6.x-2.7, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via a submission."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://drupal.org/node/481258", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/node/481258" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Webform module 5.x before 5.x-2.7 and 6.x before 6.x-2.7, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via a submission."
{ }
"name" : "http://drupal.org/node/481260", ]
"refsource" : "CONFIRM", },
"url" : "http://drupal.org/node/481260" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://drupal.org/node/481268", "description": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/node/481268" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "35197", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/35197" ]
}, },
{ "references": {
"name" : "35339", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35339" "name": "35197",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/35197"
} },
} {
"name": "http://drupal.org/node/481268",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/481268"
},
{
"name": "35339",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35339"
},
{
"name": "http://drupal.org/node/481258",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/481258"
},
{
"name": "http://drupal.org/node/481260",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/481260"
}
]
}
}

150
2009/4xxx/CVE-2009-4294.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4294", "ID": "CVE-2009-4294",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Authentication Manager (aka utauthd) in Sun Ray Server Software 4.0 and 4.1 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-07-1", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-07-1" "lang": "eng",
}, "value": "Unspecified vulnerability in the Authentication Manager (aka utauthd) in Sun Ray Server Software 4.0 and 4.1 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors."
{ }
"name" : "267548", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-267548-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37284", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/37284" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2009-3477", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2009/3477" ]
} },
] "references": {
} "reference_data": [
} {
"name": "ADV-2009-3477",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3477"
},
{
"name": "37284",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37284"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-07-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-07-1"
},
{
"name": "267548",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-267548-1"
}
]
}
}

220
2009/4xxx/CVE-2009-4306.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4306", "ID": "CVE-2009-4306",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel 2.6.32-git6 and earlier allows local users to cause a denial of service (filesystem corruption) via unknown vectors, a different vulnerability than CVE-2009-4131."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://grsecurity.org/test/grsecurity-2.1.14-2.6.32-200912112157.patch", "description_data": [
"refsource" : "MISC", {
"url" : "http://grsecurity.org/test/grsecurity-2.1.14-2.6.32-200912112157.patch" "lang": "eng",
}, "value": "Unspecified vulnerability in the EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel 2.6.32-git6 and earlier allows local users to cause a denial of service (filesystem corruption) via unknown vectors, a different vulnerability than CVE-2009-4131."
{ }
"name" : "http://twitter.com/fotisl/statuses/6568947714", ]
"refsource" : "MISC", },
"url" : "http://twitter.com/fotisl/statuses/6568947714" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://twitter.com/spendergrsec/statuses/6551797457", "description": [
"refsource" : "MISC", {
"url" : "http://twitter.com/spendergrsec/statuses/6551797457" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://twitter.com/spendergrsec/statuses/6567167692", ]
"refsource" : "MISC", }
"url" : "http://twitter.com/spendergrsec/statuses/6567167692" ]
}, },
{ "references": {
"name" : "http://twitter.com/spendergrsec/statuses/6569596339", "reference_data": [
"refsource" : "MISC", {
"url" : "http://twitter.com/spendergrsec/statuses/6569596339" "name": "http://twitter.com/spendergrsec/statuses/6567167692",
}, "refsource": "MISC",
{ "url": "http://twitter.com/spendergrsec/statuses/6567167692"
"name" : "http://twitter.com/spendergrsec/statuses/6572069107", },
"refsource" : "MISC", {
"url" : "http://twitter.com/spendergrsec/statuses/6572069107" "name": "SUSE-SA:2010:001",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html"
"name" : "http://twitter.com/spendergrsec/statuses/6583954567", },
"refsource" : "MISC", {
"url" : "http://twitter.com/spendergrsec/statuses/6583954567" "name": "http://grsecurity.org/test/grsecurity-2.1.14-2.6.32-200912112157.patch",
}, "refsource": "MISC",
{ "url": "http://grsecurity.org/test/grsecurity-2.1.14-2.6.32-200912112157.patch"
"name" : "http://twitter.com/tytso/statuses/6571730411", },
"refsource" : "MISC", {
"url" : "http://twitter.com/tytso/statuses/6571730411" "name": "http://twitter.com/tytso/statuses/6571730411",
}, "refsource": "MISC",
{ "url": "http://twitter.com/tytso/statuses/6571730411"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=547263", },
"refsource" : "MISC", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=547263" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=547263",
}, "refsource": "MISC",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=547263"
"name" : "SUSE-SA:2010:001", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html" "name": "http://twitter.com/spendergrsec/statuses/6569596339",
}, "refsource": "MISC",
{ "url": "http://twitter.com/spendergrsec/statuses/6569596339"
"name" : "38017", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38017" "name": "http://twitter.com/spendergrsec/statuses/6572069107",
} "refsource": "MISC",
] "url": "http://twitter.com/spendergrsec/statuses/6572069107"
} },
} {
"name": "http://twitter.com/spendergrsec/statuses/6583954567",
"refsource": "MISC",
"url": "http://twitter.com/spendergrsec/statuses/6583954567"
},
{
"name": "http://twitter.com/fotisl/statuses/6568947714",
"refsource": "MISC",
"url": "http://twitter.com/fotisl/statuses/6568947714"
},
{
"name": "http://twitter.com/spendergrsec/statuses/6551797457",
"refsource": "MISC",
"url": "http://twitter.com/spendergrsec/statuses/6551797457"
},
{
"name": "38017",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38017"
}
]
}
}

170
2009/4xxx/CVE-2009-4409.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4409", "ID": "CVE-2009-4409",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) CHAP and (2) MS-CHAP-V2 authentication capabilities in the PPP Access Concentrator (PPPAC) function in Internet Initiative Japan SEIL/B1 firmware 1.00 through 2.52 use the same challenge for each authentication attempt, which allows remote attackers to bypass authentication via a replay attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.seil.jp/seilseries/security/2009/a00697.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.seil.jp/seilseries/security/2009/a00697.php" "lang": "eng",
}, "value": "The (1) CHAP and (2) MS-CHAP-V2 authentication capabilities in the PPP Access Concentrator (PPPAC) function in Internet Initiative Japan SEIL/B1 firmware 1.00 through 2.52 use the same challenge for each authentication attempt, which allows remote attackers to bypass authentication via a replay attack."
{ }
"name" : "JVN#49602378", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN49602378/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2009-000079", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000079.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37293", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/37293" ]
}, },
{ "references": {
"name" : "61118", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/61118" "name": "37628",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/37628"
"name" : "37628", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37628" "name": "37293",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/37293"
} },
} {
"name": "JVN#49602378",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN49602378/index.html"
},
{
"name": "61118",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/61118"
},
{
"name": "http://www.seil.jp/seilseries/security/2009/a00697.php",
"refsource": "CONFIRM",
"url": "http://www.seil.jp/seilseries/security/2009/a00697.php"
},
{
"name": "JVNDB-2009-000079",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000079.html"
}
]
}
}

34
2012/2xxx/CVE-2012-2350.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-2350", "ID": "CVE-2012-2350",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2012/2xxx/CVE-2012-2489.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-2489", "ID": "CVE-2012-2489",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2012/2xxx/CVE-2012-2565.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2012-2565", "ID": "CVE-2012-2565",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Bloxx Web Filtering before 5.0.14 does not use a salt during calculation of a password hash, which makes it easier for context-dependent attackers to determine cleartext passwords via a rainbow-table approach."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.kb.cert.org/vuls/id/MAPG-8R9LBY", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.kb.cert.org/vuls/id/MAPG-8R9LBY" "lang": "eng",
}, "value": "Bloxx Web Filtering before 5.0.14 does not use a salt during calculation of a password hash, which makes it easier for context-dependent attackers to determine cleartext passwords via a rainbow-table approach."
{ }
"name" : "VU#722963", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/722963" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "53715", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/53715" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "53715",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53715"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-8R9LBY",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MAPG-8R9LBY"
},
{
"name": "VU#722963",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/722963"
}
]
}
}

200
2012/2xxx/CVE-2012-2776.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2012-2776", "ID": "CVE-2012-2776",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the decode_cell_data function in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to an \"out of picture write.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20120831 Information on security issues fixed in ffmpeg 0.11?", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2012/08/31/3" "lang": "eng",
}, "value": "Unspecified vulnerability in the decode_cell_data function in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to an \"out of picture write.\""
{ }
"name" : "[oss-security] 20120902 Re: Information on security issues fixed in ffmpeg 0.11?", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2012/09/02/4" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://ffmpeg.org/security.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://ffmpeg.org/security.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ba775a54bc2136ec5da85385a923b05ee6fab159", ]
"refsource" : "CONFIRM", }
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ba775a54bc2136ec5da85385a923b05ee6fab159" ]
}, },
{ "references": {
"name" : "http://libav.org/releases/libav-0.8.4.changelog", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://libav.org/releases/libav-0.8.4.changelog" "name": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ba775a54bc2136ec5da85385a923b05ee6fab159",
}, "refsource": "CONFIRM",
{ "url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ba775a54bc2136ec5da85385a923b05ee6fab159"
"name" : "MDVSA-2013:079", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:079" "name": "[oss-security] 20120902 Re: Information on security issues fixed in ffmpeg 0.11?",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2012/09/02/4"
"name" : "55355", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/55355" "name": "http://libav.org/releases/libav-0.8.4.changelog",
}, "refsource": "CONFIRM",
{ "url": "http://libav.org/releases/libav-0.8.4.changelog"
"name" : "50468", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/50468" "name": "55355",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/55355"
"name" : "51257", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51257" "name": "MDVSA-2013:079",
} "refsource": "MANDRIVA",
] "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:079"
} },
} {
"name": "[oss-security] 20120831 Information on security issues fixed in ffmpeg 0.11?",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/08/31/3"
},
{
"name": "http://ffmpeg.org/security.html",
"refsource": "CONFIRM",
"url": "http://ffmpeg.org/security.html"
},
{
"name": "50468",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50468"
},
{
"name": "51257",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51257"
}
]
}
}

34
2012/6xxx/CVE-2012-6258.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2012-6258", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2012-6258",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none."
} }
] ]
} }
} }

160
2012/6xxx/CVE-2012-6562.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6562", "ID": "CVE-2012-6562",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "engine/lib/users.php in Elgg before 1.8.5 does not properly specify permissions for the useradd action, which allows remote attackers to create arbitrary accounts."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://blog.elgg.org/pg/blog/evan/read/209/elgg-185-released", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://blog.elgg.org/pg/blog/evan/read/209/elgg-185-released" "lang": "eng",
}, "value": "engine/lib/users.php in Elgg before 1.8.5 does not properly specify permissions for the useradd action, which allows remote attackers to create arbitrary accounts."
{ }
"name" : "http://elgg.org/getelgg.php?forward=elgg-1.8.5.zip", ]
"refsource" : "CONFIRM", },
"url" : "http://elgg.org/getelgg.php?forward=elgg-1.8.5.zip" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "53623", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/53623" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "49129", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/49129" ]
}, },
{ "references": {
"name" : "elgg-multiple-security-bypass(75757)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75757" "name": "http://blog.elgg.org/pg/blog/evan/read/209/elgg-185-released",
} "refsource": "CONFIRM",
] "url": "http://blog.elgg.org/pg/blog/evan/read/209/elgg-185-released"
} },
} {
"name": "49129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49129"
},
{
"name": "http://elgg.org/getelgg.php?forward=elgg-1.8.5.zip",
"refsource": "CONFIRM",
"url": "http://elgg.org/getelgg.php?forward=elgg-1.8.5.zip"
},
{
"name": "53623",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53623"
},
{
"name": "elgg-multiple-security-bypass(75757)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75757"
}
]
}
}

140
2015/1xxx/CVE-2015-1239.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2015-1239", "ID": "CVE-2015-1239",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20180719 [SECURITY] [DLA 1433-1] openjpeg2 security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00025.html" "lang": "eng",
}, "value": "Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF."
{ }
"name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=430891", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=430891" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=457493", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=457493" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180719 [SECURITY] [DLA 1433-1] openjpeg2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00025.html"
},
{
"name": "https://bugs.chromium.org/p/chromium/issues/detail?id=457493",
"refsource": "CONFIRM",
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=457493"
},
{
"name": "https://bugs.chromium.org/p/chromium/issues/detail?id=430891",
"refsource": "CONFIRM",
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=430891"
}
]
}
}

150
2015/1xxx/CVE-2015-1836.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-1836", "ID": "CVE-2015-1836",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper coordination state, which allows remote attackers to cause a denial of service (daemon outage), obtain sensitive information, or modify data via unspecified client traffic."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[www-announce] 20150525 CVE-2015-1836: Apache HBase remote denial of service, information integrity, and information disclosure vulnerability", "description_data": [
"refsource" : "MLIST", {
"url" : "http://mail-archives.apache.org/mod_mbox/www-announce/201505.mbox/%3CCA+RK=_CFiTfQ2d0V+kuJx_y5izmYccaKjXaJ3V72KK7tbOhbkg@mail.gmail.com%3E" "lang": "eng",
}, "value": "Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper coordination state, which allows remote attackers to cause a denial of service (daemon outage), obtain sensitive information, or modify data via unspecified client traffic."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21969546", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21969546" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1034365", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1034365" ]
} },
] "references": {
} "reference_data": [
} {
"name": "[www-announce] 20150525 CVE-2015-1836: Apache HBase remote denial of service, information integrity, and information disclosure vulnerability",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/www-announce/201505.mbox/%3CCA+RK=_CFiTfQ2d0V+kuJx_y5izmYccaKjXaJ3V72KK7tbOhbkg@mail.gmail.com%3E"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21969546",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969546"
},
{
"name": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html",
"refsource": "CONFIRM",
"url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html"
},
{
"name": "1034365",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034365"
}
]
}
}

140
2015/1xxx/CVE-2015-1843.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-1843", "ID": "CVE-2015-1843",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Red Hat docker package before 1.5.0-28, when using the --add-registry option, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic. NOTE: this vulnerability exists because of a CVE-2014-5277 regression."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1206443", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1206443" "lang": "eng",
}, "value": "The Red Hat docker package before 1.5.0-28, when using the --add-registry option, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic. NOTE: this vulnerability exists because of a CVE-2014-5277 regression."
{ }
"name" : "RHSA-2015:0776", ]
"refsource" : "REDHAT", },
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0776.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "73936", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73936" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:0776",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0776.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1206443",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206443"
},
{
"name": "73936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73936"
}
]
}
}

34
2015/1xxx/CVE-2015-1939.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-1939", "ID": "CVE-2015-1939",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2015/1xxx/CVE-2015-1977.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-1977", "ID": "CVE-2015-1977",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the Web Administration tool in IBM Tivoli Directory Server (ITDS) before 6.1.0.74-ISS-ISDS-IF0074, 6.2.x before 6.2.0.50-ISS-ISDS-IF0050, and 6.3.x before 6.3.0.43-ISS-ISDS-IF0043 and IBM Security Directory Server (ISDS) before 6.3.1.18-ISS-ISDS-IF0018 and 6.4.x before 6.4.0.9-ISS-ISDS-IF0009 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21986452", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21986452" "lang": "eng",
} "value": "Directory traversal vulnerability in the Web Administration tool in IBM Tivoli Directory Server (ITDS) before 6.1.0.74-ISS-ISDS-IF0074, 6.2.x before 6.2.0.50-ISS-ISDS-IF0050, and 6.3.x before 6.3.0.43-ISS-ISDS-IF0043 and IBM Security Directory Server (ISDS) before 6.3.1.18-ISS-ISDS-IF0018 and 6.4.x before 6.4.0.9-ISS-ISDS-IF0009 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21986452",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986452"
}
]
}
}

120
2015/5xxx/CVE-2015-5024.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-5024", "ID": "CVE-2015-5024",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Emptoris Sourcing 10.0.2.0 before iFix6, 10.0.2.2 before iFix11, 10.0.2.3, 10.0.2.5 before iFix4, 10.0.2.6 before iFix8, 10.0.2.7 before iFix1, and 10.0.4.x before iFix2 allows remote authenticated users to obtain sensitive supplier-bid information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21967255", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21967255" "lang": "eng",
} "value": "IBM Emptoris Sourcing 10.0.2.0 before iFix6, 10.0.2.2 before iFix11, 10.0.2.3, 10.0.2.5 before iFix4, 10.0.2.6 before iFix8, 10.0.2.7 before iFix1, and 10.0.4.x before iFix2 allows remote authenticated users to obtain sensitive supplier-bid information via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21967255",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967255"
}
]
}
}

150
2015/5xxx/CVE-2015-5080.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-5080", "ID": "CVE-2015-5080",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the filter parameter to rapi/ipsec_logs."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://security-assessment.com/files/documents/advisory/Citrix-Netscaler-Final.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "http://security-assessment.com/files/documents/advisory/Citrix-Netscaler-Final.pdf" "lang": "eng",
}, "value": "The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the filter parameter to rapi/ipsec_logs."
{ }
"name" : "http://support.citrix.com/article/CTX201149", ]
"refsource" : "CONFIRM", },
"url" : "http://support.citrix.com/article/CTX201149" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "75505", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75505" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1032762", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1032762" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://security-assessment.com/files/documents/advisory/Citrix-Netscaler-Final.pdf",
"refsource": "MISC",
"url": "http://security-assessment.com/files/documents/advisory/Citrix-Netscaler-Final.pdf"
},
{
"name": "http://support.citrix.com/article/CTX201149",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX201149"
},
{
"name": "1032762",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032762"
},
{
"name": "75505",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75505"
}
]
}
}

150
2015/5xxx/CVE-2015-5625.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2015-5625", "ID": "CVE-2015-5625",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in OpenDocMan before 1.3.4 allows remote attackers to inject arbitrary web script or HTML via the redirection parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.opendocman.com/opendocman-v1-3-4-released/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.opendocman.com/opendocman-v1-3-4-released/" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in OpenDocMan before 1.3.4 allows remote attackers to inject arbitrary web script or HTML via the redirection parameter."
{ }
"name" : "JVN#00015036", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN00015036/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2015-000128", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000128" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033482", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033482" ]
} },
] "references": {
} "reference_data": [
} {
"name": "JVN#00015036",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN00015036/index.html"
},
{
"name": "http://www.opendocman.com/opendocman-v1-3-4-released/",
"refsource": "CONFIRM",
"url": "http://www.opendocman.com/opendocman-v1-3-4-released/"
},
{
"name": "1033482",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033482"
},
{
"name": "JVNDB-2015-000128",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000128"
}
]
}
}

34
2015/5xxx/CVE-2015-5973.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-5973", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-5973",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

120
2015/5xxx/CVE-2015-5987.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2015-5987", "ID": "CVE-2015-5987",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#201168", "description_data": [
"refsource" : "CERT-VN", {
"url" : "https://www.kb.cert.org/vuls/id/201168" "lang": "eng",
} "value": "Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#201168",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/201168"
}
]
}
}

34
2018/11xxx/CVE-2018-11028.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11028", "ID": "CVE-2018-11028",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/11xxx/CVE-2018-11271.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11271", "ID": "CVE-2018-11271",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/11xxx/CVE-2018-11313.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11313", "ID": "CVE-2018-11313",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

122
2018/11xxx/CVE-2018-11449.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "productcert@siemens.com", "ASSIGNER": "productcert@siemens.com",
"DATE_PUBLIC" : "2018-06-15T00:00:00", "DATE_PUBLIC": "2018-06-15T00:00:00",
"ID" : "CVE-2018-11449", "ID": "CVE-2018-11449",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SCALANCE M875", "product_name": "SCALANCE M875",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "SCALANCE M875 All versions" "version_value": "SCALANCE M875 All versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Siemens AG" "vendor_name": "Siemens AG"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability has been identified in SCALANCE M875 (All versions). An attacker with access to the local file system might obtain passwords for administrative users. Successful exploitation requires read access to files on the local file system. A successful attack could allow an attacker to obtain administrative passwords. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-977428.pdf", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-977428.pdf" "lang": "eng",
} "value": "A vulnerability has been identified in SCALANCE M875 (All versions). An attacker with access to the local file system might obtain passwords for administrative users. Successful exploitation requires read access to files on the local file system. A successful attack could allow an attacker to obtain administrative passwords. At the time of advisory publication no public exploitation of this security vulnerability was known."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-977428.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-977428.pdf"
}
]
}
}

34
2018/11xxx/CVE-2018-11753.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11753", "ID": "CVE-2018-11753",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2018/11xxx/CVE-2018-11956.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2018-11956", "ID": "CVE-2018-11956",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper mounting lead to device node and executable to be run from /dsp/ which presents a potential security issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=ecd2fb4ab9e2a6851add554af03cebe337345c44", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=ecd2fb4ab9e2a6851add554af03cebe337345c44" "lang": "eng",
}, "value": "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper mounting lead to device node and executable to be run from /dsp/ which presents a potential security issue."
{ }
"name" : "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin", ]
"refsource" : "CONFIRM", },
"url" : "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=ecd2fb4ab9e2a6851add554af03cebe337345c44",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=ecd2fb4ab9e2a6851add554af03cebe337345c44"
},
{
"name": "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin",
"refsource": "CONFIRM",
"url": "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin"
}
]
}
}

130
2018/15xxx/CVE-2018-15805.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15805", "ID": "CVE-2018-15805",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML external entity (XXE) vulnerability, allowing an attacker to read arbitrary files or cause a denial of service (resource consumption)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://medium.com/@mrnikhilsri/oob-xxe-in-prizmdoc-cve-2018-15805-dfb1e474345c", "description_data": [
"refsource" : "MISC", {
"url" : "https://medium.com/@mrnikhilsri/oob-xxe-in-prizmdoc-cve-2018-15805-dfb1e474345c" "lang": "eng",
}, "value": "Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML external entity (XXE) vulnerability, allowing an attacker to read arbitrary files or cause a denial of service (resource consumption)."
{ }
"name" : "https://help.accusoft.com/PrizmDoc/v13.5/HTML/webframe.html#Release_v13_5.html", ]
"refsource" : "CONFIRM", },
"url" : "https://help.accusoft.com/PrizmDoc/v13.5/HTML/webframe.html#Release_v13_5.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://medium.com/@mrnikhilsri/oob-xxe-in-prizmdoc-cve-2018-15805-dfb1e474345c",
"refsource": "MISC",
"url": "https://medium.com/@mrnikhilsri/oob-xxe-in-prizmdoc-cve-2018-15805-dfb1e474345c"
},
{
"name": "https://help.accusoft.com/PrizmDoc/v13.5/HTML/webframe.html#Release_v13_5.html",
"refsource": "CONFIRM",
"url": "https://help.accusoft.com/PrizmDoc/v13.5/HTML/webframe.html#Release_v13_5.html"
}
]
}
}

34
2018/15xxx/CVE-2018-15828.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15828", "ID": "CVE-2018-15828",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

152
2018/3xxx/CVE-2018-3074.json
View File

@ -1,78 +1,78 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-3074", "ID": "CVE-2018-3074",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.0.11 and prior" "version_value": "8.0.11 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are affected are 8.0.11 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are affected are 8.0.11 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20180726-0002/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20180726-0002/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "104772", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/104772" "lang": "eng",
}, "value": "Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
{ }
"name" : "1041294", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1041294" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "1041294",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041294"
},
{
"name": "104772",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104772"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180726-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
}
]
}
}

198
2018/3xxx/CVE-2018-3188.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-3188", "ID": "CVE-2018-3188",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "iStore", "product_name": "iStore",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.1.1" "version_value": "12.1.1"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.1.2" "version_value": "12.1.2"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.1.3" "version_value": "12.1.3"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.3" "version_value": "12.2.3"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.4" "version_value": "12.2.4"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.5" "version_value": "12.2.5"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.6" "version_value": "12.2.6"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.7" "version_value": "12.2.7"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Web interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iStore, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iStore accessible data as well as unauthorized update, insert or delete access to some of Oracle iStore accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iStore, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iStore accessible data as well as unauthorized update, insert or delete access to some of Oracle iStore accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Web interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iStore, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iStore accessible data as well as unauthorized update, insert or delete access to some of Oracle iStore accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N)."
{ }
"name" : "105631", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/105631" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1041897", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041897" "lang": "eng",
} "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iStore, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iStore accessible data as well as unauthorized update, insert or delete access to some of Oracle iStore accessible data."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1041897",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041897"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "105631",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105631"
}
]
}
}

120
2018/3xxx/CVE-2018-3935.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "talos-cna@cisco.com", "ASSIGNER": "talos-cna@cisco.com",
"ID" : "CVE-2018-3935", "ID": "CVE-2018-3935",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Yi Technology", "product_name": "Yi Technology",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Yi Technology Home Camera 27US 1.8.7.0D" "version_value": "Yi Technology Home Camera 27US 1.8.7.0D"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "unknown" "vendor_name": "unknown"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An exploitable code execution vulnerability exists in the UDP network functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can allocate unlimited memory, resulting in denial of service. An attacker can send a set of packets to trigger this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Uncontrolled Resource Consumption"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0602", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0602" "lang": "eng",
} "value": "An exploitable code execution vulnerability exists in the UDP network functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can allocate unlimited memory, resulting in denial of service. An attacker can send a set of packets to trigger this vulnerability."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0602",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0602"
}
]
}
}

316
2018/8xxx/CVE-2018-8134.json
View File

@ -1,160 +1,160 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8134", "ID": "CVE-2018-8134",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows Server 2012 R2", "product_name": "Windows Server 2012 R2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows RT 8.1", "product_name": "Windows RT 8.1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows RT 8.1" "version_value": "Windows RT 8.1"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2016", "product_name": "Windows Server 2016",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 8.1", "product_name": "Windows 8.1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit systems" "version_value": "32-bit systems"
}, },
{ {
"version_value" : "x64-based systems" "version_value": "x64-based systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10", "product_name": "Windows 10",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems" "version_value": "32-bit Systems"
}, },
{ {
"version_value" : "Version 1607 for 32-bit Systems" "version_value": "Version 1607 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1607 for x64-based Systems" "version_value": "Version 1607 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1703 for 32-bit Systems" "version_value": "Version 1703 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1703 for x64-based Systems" "version_value": "Version 1703 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1709 for 32-bit Systems" "version_value": "Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1709 for x64-based Systems" "version_value": "Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1803 for 32-bit Systems" "version_value": "Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1803 for x64-based Systems" "version_value": "Version 1803 for x64-based Systems"
}, },
{ {
"version_value" : "x64-based Systems" "version_value": "x64-based Systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10 Servers", "product_name": "Windows 10 Servers",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "version 1709 (Server Core Installation)" "version_value": "version 1709 (Server Core Installation)"
}, },
{ {
"version_value" : "version 1803 (Server Core Installation)" "version_value": "version 1803 (Server Core Installation)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka \"Windows Elevation of Privilege Vulnerability.\" This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of Privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "44630", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/44630/" "lang": "eng",
}, "value": "An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka \"Windows Elevation of Privilege Vulnerability.\" This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers."
{ }
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8134", ]
"refsource" : "CONFIRM", },
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8134" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "104041", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/104041" "lang": "eng",
}, "value": "Elevation of Privilege"
{ }
"name" : "1040849", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1040849" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1040849",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040849"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8134",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8134"
},
{
"name": "44630",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44630/"
},
{
"name": "104041",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104041"
}
]
}
}

170
2018/8xxx/CVE-2018-8274.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8274", "ID": "CVE-2018-8274",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Edge", "product_name": "Microsoft Edge",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows 10 Version 1703 for 32-bit Systems" "version_value": "Windows 10 Version 1703 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1703 for x64-based Systems" "version_value": "Windows 10 Version 1703 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1709 for 32-bit Systems" "version_value": "Windows 10 Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1709 for x64-based Systems" "version_value": "Windows 10 Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1803 for 32-bit Systems" "version_value": "Windows 10 Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1803 for x64-based Systems" "version_value": "Windows 10 Version 1803 for x64-based Systems"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \"Microsoft Edge Memory Corruption Vulnerability.\" This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8275, CVE-2018-8279, CVE-2018-8301."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8274", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8274" "lang": "eng",
}, "value": "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \"Microsoft Edge Memory Corruption Vulnerability.\" This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8275, CVE-2018-8279, CVE-2018-8301."
{ }
"name" : "104653", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/104653" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1041256", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041256" "lang": "eng",
} "value": "Remote Code Execution"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1041256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104653",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104653"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8274",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8274"
}
]
}
}

428
2018/8xxx/CVE-2018-8349.json
View File

@ -1,216 +1,216 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8349", "ID": "CVE-2018-8349",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows 7", "product_name": "Windows 7",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems Service Pack 1" "version_value": "32-bit Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1" "version_value": "x64-based Systems Service Pack 1"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2012 R2", "product_name": "Windows Server 2012 R2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows RT 8.1", "product_name": "Windows RT 8.1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows RT 8.1" "version_value": "Windows RT 8.1"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2008", "product_name": "Windows Server 2008",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems Service Pack 2" "version_value": "32-bit Systems Service Pack 2"
}, },
{ {
"version_value" : "32-bit Systems Service Pack 2 (Server Core installation)" "version_value": "32-bit Systems Service Pack 2 (Server Core installation)"
}, },
{ {
"version_value" : "Itanium-Based Systems Service Pack 2" "version_value": "Itanium-Based Systems Service Pack 2"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 2" "version_value": "x64-based Systems Service Pack 2"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 2 (Server Core installation)" "version_value": "x64-based Systems Service Pack 2 (Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2012", "product_name": "Windows Server 2012",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 8.1", "product_name": "Windows 8.1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit systems" "version_value": "32-bit systems"
}, },
{ {
"version_value" : "x64-based systems" "version_value": "x64-based systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2016", "product_name": "Windows Server 2016",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2008 R2", "product_name": "Windows Server 2008 R2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Itanium-Based Systems Service Pack 1" "version_value": "Itanium-Based Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1" "version_value": "x64-based Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1 (Server Core installation)" "version_value": "x64-based Systems Service Pack 1 (Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10", "product_name": "Windows 10",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems" "version_value": "32-bit Systems"
}, },
{ {
"version_value" : "Version 1607 for 32-bit Systems" "version_value": "Version 1607 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1607 for x64-based Systems" "version_value": "Version 1607 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1703 for 32-bit Systems" "version_value": "Version 1703 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1703 for x64-based Systems" "version_value": "Version 1703 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1709 for 32-bit Systems" "version_value": "Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1709 for x64-based Systems" "version_value": "Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1803 for 32-bit Systems" "version_value": "Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1803 for x64-based Systems" "version_value": "Version 1803 for x64-based Systems"
}, },
{ {
"version_value" : "x64-based Systems" "version_value": "x64-based Systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10 Servers", "product_name": "Windows 10 Servers",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "version 1709 (Server Core Installation)" "version_value": "version 1709 (Server Core Installation)"
}, },
{ {
"version_value" : "version 1803 (Server Core Installation)" "version_value": "version 1803 (Server Core Installation)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists in \"Microsoft COM for Windows\" when it fails to properly handle serialized objects, aka \"Microsoft COM for Windows Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8349", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8349" "lang": "eng",
}, "value": "A remote code execution vulnerability exists in \"Microsoft COM for Windows\" when it fails to properly handle serialized objects, aka \"Microsoft COM for Windows Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers."
{ }
"name" : "104984", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/104984" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1041466", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041466" "lang": "eng",
} "value": "Remote Code Execution"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "104984",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104984"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8349",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8349"
},
{
"name": "1041466",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041466"
}
]
}
}

34
2018/8xxx/CVE-2018-8818.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8818", "ID": "CVE-2018-8818",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

122
2018/8xxx/CVE-2018-8890.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@blackberry.com", "ASSIGNER": "secure@blackberry.com",
"DATE_PUBLIC" : "2018-10-09T00:00:00", "DATE_PUBLIC": "2018-10-09T00:00:00",
"ID" : "CVE-2018-8890", "ID": "CVE-2018-8890",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "UEM", "product_name": "UEM",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "12.8.0 and 12.8.1" "version_value": "12.8.0 and 12.8.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "BlackBerry" "vendor_name": "BlackBerry"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in the Management Console of BlackBerry UEM 12.8.0 and 12.8.1 could allow an attacker to take over a UEM user's session and perform administrative actions in the context of the user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.blackberry.com/kb/articleDetail?articleNumber=000052161&language=en_US", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.blackberry.com/kb/articleDetail?articleNumber=000052161&language=en_US" "lang": "eng",
} "value": "An information disclosure vulnerability in the Management Console of BlackBerry UEM 12.8.0 and 12.8.1 could allow an attacker to take over a UEM user's session and perform administrative actions in the context of the user."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000052161&language=en_US",
"refsource": "CONFIRM",
"url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000052161&language=en_US"
}
]
}
}

142
2018/8xxx/CVE-2018-8954.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vuln@ca.com", "ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC" : "2018-03-29T00:00:00", "DATE_PUBLIC": "2018-03-29T00:00:00",
"ID" : "CVE-2018-8954", "ID": "CVE-2018-8954",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Workload Control Center", "product_name": "Workload Control Center",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "r11.4 SP5 and earlier" "version_value": "r11.4 SP5 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "CA Technologies" "vendor_name": "CA Technologies"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CA Workload Control Center before r11.4 SP6 allows remote attackers to execute arbitrary code via a crafted HTTP request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Arbitrary Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html" "lang": "eng",
}, "value": "CA Workload Control Center before r11.4 SP6 allows remote attackers to execute arbitrary code via a crafted HTTP request."
{ }
"name" : "103742", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103742" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040605", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040605" "lang": "eng",
} "value": "Arbitrary Code Execution"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1040605",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040605"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
},
{
"name": "103742",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103742"
}
]
}
}