admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:25:05 +00:00
parent 4abbc8e63a
commit e0ce5754ec
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
53 changed files with 3290 additions and 3290 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
2002/0xxx/CVE-2002-0197.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0197", "ID": "CVE-2002-0197",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "psyBNC 2.3 beta and earlier allows remote attackers to spoof encrypted, trusted messages by sending lines that begin with the \"[B]\" sequence, which makes the message appear legitimate." "value": "psyBNC 2.3 beta and earlier allows remote attackers to spoof encrypted, trusted messages by sending lines that begin with the \"[B]\" sequence, which makes the message appear legitimate."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020122 psyBNC 2.3 Beta - encrypted text \"spoofable\" in others' irc terminals", "name": "20020122 psyBNC2.3 Beta - encrypted text spoofable in others irc terminal",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=101173478806580&w=2" "url": "http://online.securityfocus.com/archive/1/251832"
}, },
{ {
"name" : "20020122 psyBNC2.3 Beta - encrypted text spoofable in others irc terminal", "name": "20020122 psyBNC 2.3 Beta - encrypted text \"spoofable\" in others' irc terminals",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://online.securityfocus.com/archive/1/251832" "url": "http://marc.info/?l=bugtraq&m=101173478806580&w=2"
}, },
{ {
"name" : "psybnc-view-encrypted-messages(7985)", "name": "3931",
"refsource" : "XF", "refsource": "BID",
"url" : "http://www.iss.net/security_center/static/7985.php" "url": "http://www.securityfocus.com/bid/3931"
}, },
{ {
"name" : "3931", "name": "psybnc-view-encrypted-messages(7985)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/3931" "url": "http://www.iss.net/security_center/static/7985.php"
} }
] ]
} }

62
2002/0xxx/CVE-2002-0242.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0242", "ID": "CVE-2002-0242",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed." "value": "Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020207 Web Browsers vulnerable to the Extended HTML Form Attack (IE and OPERA)", "name": "20020207 Web Browsers vulnerable to the Extended HTML Form Attack (IE and OPERA)",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=101309907709138&w=2" "url": "http://marc.info/?l=bugtraq&m=101309907709138&w=2"
} }
] ]
} }

74
2002/0xxx/CVE-2002-0515.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0515", "ID": "CVE-2002-0515",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IPFilter 3.4.25 and earlier sets a different TTL when a port is being filtered than when it is not being filtered, which allows remote attackers to identify filtered ports by comparing TTLs." "value": "IPFilter 3.4.25 and earlier sets a different TTL when a port is being filtered than when it is not being filtered, which allows remote attackers to identify filtered ports by comparing TTLs."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020331 packet filter fingerprinting(open but closed, closed but filtered)", "name": "20020331 packet filter fingerprinting(open but closed, closed but filtered)",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/265188" "url": "http://www.securityfocus.com/archive/1/265188"
}, },
{ {
"name" : "4403", "name": "4403",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/4403" "url": "http://www.securityfocus.com/bid/4403"
}, },
{ {
"name" : "firewall-rst-fingerprint(8738)", "name": "firewall-rst-fingerprint(8738)",
"refsource" : "XF", "refsource": "XF",
"url" : "http://www.iss.net/security_center/static/8738.php" "url": "http://www.iss.net/security_center/static/8738.php"
} }
] ]
} }

80
2002/0xxx/CVE-2002-0619.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0619", "ID": "CVE-2002-0619",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic (VBA) scripts within a mail merge document that is saved in HTML format, aka a \"Variant of MS00-071, Word Mail Merge Vulnerability\" (CVE-2000-0788)." "value": "The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic (VBA) scripts within a mail merge document that is saved in HTML format, aka a \"Variant of MS00-071, Word Mail Merge Vulnerability\" (CVE-2000-0788)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020514 dH team & SECURITY.NNOV: A variant of \"Word Mail Merge\" vulnerability", "name": "MS02-031",
"refsource" : "BUGTRAQ", "refsource": "MS",
"url" : "http://marc.info/?l=bugtraq&m=102139136019862&w=2" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-031"
}, },
{ {
"name" : "MS02-031", "name": "5066",
"refsource" : "MS", "refsource": "BID",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-031" "url": "http://www.securityfocus.com/bid/5066"
}, },
{ {
"name" : "word-mail-merge-variant(9077)", "name": "20020514 dH team & SECURITY.NNOV: A variant of \"Word Mail Merge\" vulnerability",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "http://www.iss.net/security_center/static/9077.php" "url": "http://marc.info/?l=bugtraq&m=102139136019862&w=2"
}, },
{ {
"name" : "5066", "name": "word-mail-merge-variant(9077)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/5066" "url": "http://www.iss.net/security_center/static/9077.php"
} }
] ]
} }

74
2002/0xxx/CVE-2002-0773.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0773", "ID": "CVE-2002-0773",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "imp_rootdir.asp for Hosting Controller allows remote attackers to copy or delete arbitrary files and directories via a direct request to imp_rootdir.asp and modifying parameters such as (1) ftp, (2) owwwPath, and (3) oftpPath." "value": "imp_rootdir.asp for Hosting Controller allows remote attackers to copy or delete arbitrary files and directories via a direct request to imp_rootdir.asp and modifying parameters such as (1) ftp, (2) owwwPath, and (3) oftpPath."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020517 Hosting Controller still have dangerous bugs!", "name": "20020517 Hosting Controller still have dangerous bugs!",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-05/0142.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0142.html"
}, },
{ {
"name" : "4761", "name": "hosting-controller-improotdir-commands(9105)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/4761" "url": "http://www.iss.net/security_center/static/9105.php"
}, },
{ {
"name" : "hosting-controller-improotdir-commands(9105)", "name": "4761",
"refsource" : "XF", "refsource": "BID",
"url" : "http://www.iss.net/security_center/static/9105.php" "url": "http://www.securityfocus.com/bid/4761"
} }
] ]
} }

74
2002/0xxx/CVE-2002-0911.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0911", "ID": "CVE-2002-0911",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges." "value": "Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "CSSA-2002-024.0", "name": "CSSA-2002-024.0",
"refsource" : "CALDERA", "refsource": "CALDERA",
"url" : "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-024.0.txt" "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-024.0.txt"
}, },
{ {
"name" : "4923", "name": "volution-manager-plaintext-password(9240)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/4923" "url": "http://www.iss.net/security_center/static/9240.php"
}, },
{ {
"name" : "volution-manager-plaintext-password(9240)", "name": "4923",
"refsource" : "XF", "refsource": "BID",
"url" : "http://www.iss.net/security_center/static/9240.php" "url": "http://www.securityfocus.com/bid/4923"
} }
] ]
} }

22
2002/1xxx/CVE-2002-1263.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2002-1263", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2002-1263",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1295. Reason: This candidate is a reservation duplicate of CVE-2002-1295. Notes: All CVE users should reference CVE-2002-1295 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1295. Reason: This candidate is a reservation duplicate of CVE-2002-1295. Notes: All CVE users should reference CVE-2002-1295 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }

86
2002/1xxx/CVE-2002-1295.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1295", "ID": "CVE-2002-1295",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service (crash) and possibly conduct other unauthorized activities via applet tags in HTML that bypass Java class restrictions (such as private constructors) by providing the class name in the code parameter, aka \"Incomplete Java Object Instantiation Vulnerability.\"" "value": "The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service (crash) and possibly conduct other unauthorized activities via applet tags in HTML that bypass Java class restrictions (such as private constructors) by providing the class name in the code parameter, aka \"Incomplete Java Object Instantiation Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20021108 Technical information about unpatched MS Java vulnerabilities", "name": "6136",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://marc.info/?l=bugtraq&m=103682630823080&w=2" "url": "http://www.securityfocus.com/bid/6136"
}, },
{ {
"name" : "20021108 Technical information about unpatched MS Java vulnerabilities", "name": "MS02-069",
"refsource" : "NTBUGTRAQ", "refsource": "MS",
"url" : "http://marc.info/?l=ntbugtraq&m=103684360031565&w=2" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-069"
}, },
{ {
"name" : "MS02-069", "name": "20021108 Technical information about unpatched MS Java vulnerabilities",
"refsource" : "MS", "refsource": "NTBUGTRAQ",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-069" "url": "http://marc.info/?l=ntbugtraq&m=103684360031565&w=2"
}, },
{ {
"name" : "6136", "name": "msvm-html-applet-dos(10588)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/6136" "url": "http://www.iss.net/security_center/static/10588.php"
}, },
{ {
"name" : "msvm-html-applet-dos(10588)", "name": "20021108 Technical information about unpatched MS Java vulnerabilities",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "http://www.iss.net/security_center/static/10588.php" "url": "http://marc.info/?l=bugtraq&m=103682630823080&w=2"
} }
] ]
} }

80
2002/1xxx/CVE-2002-1476.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1476", "ID": "CVE-2002-1476",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh." "value": "Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "NetBSD-SA2002-012", "name": "NetBSD-SA2002-012",
"refsource" : "NETBSD", "refsource": "NETBSD",
"url" : "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-012.txt.asc" "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-012.txt.asc"
}, },
{ {
"name" : "5724", "name": "7565",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/5724" "url": "http://www.osvdb.org/7565"
}, },
{ {
"name" : "netbsd-libc-setlocale-bo(10159)", "name": "5724",
"refsource" : "XF", "refsource": "BID",
"url" : "http://www.iss.net/security_center/static/10159.php" "url": "http://www.securityfocus.com/bid/5724"
}, },
{ {
"name" : "7565", "name": "netbsd-libc-setlocale-bo(10159)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/7565" "url": "http://www.iss.net/security_center/static/10159.php"
} }
] ]
} }

80
2002/1xxx/CVE-2002-1857.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1857", "ID": "CVE-2002-1857",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "jo! jo Webserver 1.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot (\"WEB-INF.\")." "value": "jo! jo Webserver 1.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot (\"WEB-INF.\")."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020628 wp-02-0002: 'WEB-INF' Folder accessible in Multiple Web Application Servers", "name": "5119",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://online.securityfocus.com/archive/1/279582" "url": "http://www.securityfocus.com/bid/5119"
}, },
{ {
"name" : "http://www.westpoint.ltd.uk/advisories/wp-02-0002.txt", "name": "webinf-dot-file-retrieval(9446)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.westpoint.ltd.uk/advisories/wp-02-0002.txt" "url": "http://www.iss.net/security_center/static/9446.php"
}, },
{ {
"name" : "5119", "name": "http://www.westpoint.ltd.uk/advisories/wp-02-0002.txt",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/5119" "url": "http://www.westpoint.ltd.uk/advisories/wp-02-0002.txt"
}, },
{ {
"name" : "webinf-dot-file-retrieval(9446)", "name": "20020628 wp-02-0002: 'WEB-INF' Folder accessible in Multiple Web Application Servers",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "http://www.iss.net/security_center/static/9446.php" "url": "http://online.securityfocus.com/archive/1/279582"
} }
] ]
} }

74
2002/1xxx/CVE-2002-1871.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1871", "ID": "CVE-2002-1871",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a \"?\" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges." "value": "pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a \"?\" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "45693", "name": "5208",
"refsource" : "SUNALERT", "refsource": "BID",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-45693-1" "url": "http://www.securityfocus.com/bid/5208"
}, },
{ {
"name" : "5208", "name": "solaris-pkgadd-insecure-permissions(9544)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/5208" "url": "http://www.iss.net/security_center/static/9544.php"
}, },
{ {
"name" : "solaris-pkgadd-insecure-permissions(9544)", "name": "45693",
"refsource" : "XF", "refsource": "SUNALERT",
"url" : "http://www.iss.net/security_center/static/9544.php" "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-45693-1"
} }
] ]
} }

86
2002/2xxx/CVE-2002-2353.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2353", "ID": "CVE-2002-2353",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests." "value": "tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.securiteam.com/windowsntfocus/6D00D2061G.html", "name": "VU#632633",
"refsource" : "MISC", "refsource": "CERT-VN",
"url" : "http://www.securiteam.com/windowsntfocus/6D00D2061G.html" "url": "http://www.kb.cert.org/vuls/id/632633"
}, },
{ {
"name" : "http://tftpd32.jounin.net/", "name": "http://www.securiteam.com/windowsntfocus/6D00D2061G.html",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://tftpd32.jounin.net/" "url": "http://www.securiteam.com/windowsntfocus/6D00D2061G.html"
}, },
{ {
"name" : "VU#632633", "name": "tftp32-directory-traversal(10646)",
"refsource" : "CERT-VN", "refsource": "XF",
"url" : "http://www.kb.cert.org/vuls/id/632633" "url": "http://www.iss.net/security_center/static/10646.php"
}, },
{ {
"name" : "6198", "name": "6198",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/6198" "url": "http://www.securityfocus.com/bid/6198"
}, },
{ {
"name" : "tftp32-directory-traversal(10646)", "name": "http://tftpd32.jounin.net/",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "http://www.iss.net/security_center/static/10646.php" "url": "http://tftpd32.jounin.net/"
} }
] ]
} }

74
2005/1xxx/CVE-2005-1000.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1000", "ID": "CVE-2005-1000",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the bid parameter to the EmailStats op in banners.pgp, (2) the ratenum parameter in the TopRated and MostPopular actions in the Web_Links module, (3) the ttitle parameter in the viewlinkdetails, viewlinkeditorial, viewlinkcomments, and ratelink actions in the Web_Links module, or (4) the username parameter in the Your_Account module." "value": "Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the bid parameter to the EmailStats op in banners.pgp, (2) the ratenum parameter in the TopRated and MostPopular actions in the Web_Links module, (3) the ttitle parameter in the viewlinkdetails, viewlinkeditorial, viewlinkcomments, and ratelink actions in the Web_Links module, or (4) the username parameter in the Your_Account module."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050404 [SECURITYREASON.COM] PhpNuke 7.6=>x Multiple vulnerabilities cXIb8O3.12", "name": "20050404 [SECURITYREASON.COM] PhpNuke 7.6=>x Multiple vulnerabilities cXIb8O3.12",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2005-04/0037.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2005-04/0037.html"
}, },
{ {
"name" : "20050403 Full path disclosure and XSS in PHPNuke", "name": "20050403 Full path disclosure and XSS in PHPNuke",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111263454308478&w=2" "url": "http://marc.info/?l=bugtraq&m=111263454308478&w=2"
}, },
{ {
"name" : "phpnuke-modulesphp-xss(19952)", "name": "phpnuke-modulesphp-xss(19952)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19952" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19952"
} }
] ]
} }

116
2005/1xxx/CVE-2005-1211.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2005-1211", "ID": "CVE-2005-1211",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file." "value": "Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS05-025", "name": "oval:org.mitre.oval:def:1115",
"refsource" : "MS", "refsource": "OVAL",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-025" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1115"
}, },
{ {
"name" : "TA05-165A", "name": "MS05-025",
"refsource" : "CERT", "refsource": "MS",
"url" : "http://www.us-cert.gov/cas/techalerts/TA05-165A.html" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-025"
}, },
{ {
"name" : "VU#189754", "name": "13941",
"refsource" : "CERT-VN", "refsource": "BID",
"url" : "http://www.kb.cert.org/vuls/id/189754" "url": "http://www.securityfocus.com/bid/13941"
}, },
{ {
"name" : "13941", "name": "oval:org.mitre.oval:def:770",
"refsource" : "BID", "refsource": "OVAL",
"url" : "http://www.securityfocus.com/bid/13941" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A770"
}, },
{ {
"name" : "oval:org.mitre.oval:def:1115", "name": "oval:org.mitre.oval:def:258",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1115" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A258"
}, },
{ {
"name" : "oval:org.mitre.oval:def:1239", "name": "oval:org.mitre.oval:def:1239",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1239" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1239"
}, },
{ {
"name" : "oval:org.mitre.oval:def:258", "name": "oval:org.mitre.oval:def:782",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A258" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A782"
}, },
{ {
"name" : "oval:org.mitre.oval:def:770", "name": "TA05-165A",
"refsource" : "OVAL", "refsource": "CERT",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A770" "url": "http://www.us-cert.gov/cas/techalerts/TA05-165A.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:782", "name": "VU#189754",
"refsource" : "OVAL", "refsource": "CERT-VN",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A782" "url": "http://www.kb.cert.org/vuls/id/189754"
}, },
{ {
"name" : "1014201", "name": "1014201",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://securitytracker.com/id?1014201" "url": "http://securitytracker.com/id?1014201"
} }
] ]
} }

68
2009/0xxx/CVE-2009-0881.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0881", "ID": "CVE-2009-0881",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in ejemplo/paises.php in isiAJAX 1 allows remote attackers to execute arbitrary SQL commands via the id parameter." "value": "SQL injection vulnerability in ejemplo/paises.php in isiAJAX 1 allows remote attackers to execute arbitrary SQL commands via the id parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "8167", "name": "isiajax-paises-sql-injection(49113)",
"refsource" : "EXPLOIT-DB", "refsource": "XF",
"url" : "https://www.exploit-db.com/exploits/8167" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49113"
}, },
{ {
"name" : "isiajax-paises-sql-injection(49113)", "name": "8167",
"refsource" : "XF", "refsource": "EXPLOIT-DB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49113" "url": "https://www.exploit-db.com/exploits/8167"
} }
] ]
} }

80
2009/1xxx/CVE-2009-1247.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1247", "ID": "CVE-2009-1247",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote attackers to execute arbitrary SQL commands via the username parameter." "value": "SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote attackers to execute arbitrary SQL commands via the username parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "8291", "name": "8291",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/8291" "url": "https://www.exploit-db.com/exploits/8291"
}, },
{ {
"name" : "34265", "name": "acutecontrol-login-sql-injection(49444)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/34265" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49444"
}, },
{ {
"name" : "34485", "name": "34265",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/34485" "url": "http://www.securityfocus.com/bid/34265"
}, },
{ {
"name" : "acutecontrol-login-sql-injection(49444)", "name": "34485",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49444" "url": "http://secunia.com/advisories/34485"
} }
] ]
} }

146
2009/1xxx/CVE-2009-1298.json
View File

@ -1,131 +1,131 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@ubuntu.com",
"ID" : "CVE-2009-1298", "ID": "CVE-2009-1298",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The ip_frag_reasm function in net/ipv4/ip_fragment.c in the Linux kernel 2.6.32-rc8, and 2.6.29 and later versions before 2.6.32, calls IP_INC_STATS_BH with an incorrect argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and hang) via long IP packets, possibly related to the ip_defrag function." "value": "The ip_frag_reasm function in net/ipv4/ip_fragment.c in the Linux kernel 2.6.32-rc8, and 2.6.29 and later versions before 2.6.32, calls IP_INC_STATS_BH with an incorrect argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and hang) via long IP packets, possibly related to the ip_defrag function."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20091216 rPSA-2009-0161-1 hwdata kernel", "name": "http://twitter.com/spendergrsec/statuses/6339560349",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/508517/100/0/threaded" "url": "http://twitter.com/spendergrsec/statuses/6339560349"
}, },
{ {
"name" : "http://twitter.com/spendergrsec/statuses/6339560349", "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=bbf31bf18d34caa87dd01f08bf713635593697f2",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://twitter.com/spendergrsec/statuses/6339560349" "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=bbf31bf18d34caa87dd01f08bf713635593697f2"
}, },
{ {
"name" : "http://www.theregister.co.uk/2009/12/11/linux_kernel_bugs_patched/", "name": "SUSE-SA:2010:001",
"refsource" : "MISC", "refsource": "SUSE",
"url" : "http://www.theregister.co.uk/2009/12/11/linux_kernel_bugs_patched/" "url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html"
}, },
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=bbf31bf18d34caa87dd01f08bf713635593697f2", "name": "MDVSA-2009:329",
"refsource" : "CONFIRM", "refsource": "MANDRIVA",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=bbf31bf18d34caa87dd01f08bf713635593697f2" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=544144", "name": "USN-869-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=544144" "url": "http://www.ubuntu.com/usn/USN-869-1"
}, },
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32", "name": "FEDORA-2009-12786",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32" "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00453.html"
}, },
{ {
"name" : "http://wiki.rpath.com/Advisories:rPSA-2009-0161", "name": "http://wiki.rpath.com/Advisories:rPSA-2009-0161",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://wiki.rpath.com/Advisories:rPSA-2009-0161" "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0161"
}, },
{ {
"name" : "FEDORA-2009-12786", "name": "20091216 rPSA-2009-0161-1 hwdata kernel",
"refsource" : "FEDORA", "refsource": "BUGTRAQ",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00453.html" "url": "http://www.securityfocus.com/archive/1/508517/100/0/threaded"
}, },
{ {
"name" : "FEDORA-2009-12825", "name": "http://www.theregister.co.uk/2009/12/11/linux_kernel_bugs_patched/",
"refsource" : "FEDORA", "refsource": "MISC",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00496.html" "url": "http://www.theregister.co.uk/2009/12/11/linux_kernel_bugs_patched/"
}, },
{ {
"name" : "MDVSA-2009:329", "name": "37624",
"refsource" : "MANDRIVA", "refsource": "SECUNIA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329" "url": "http://secunia.com/advisories/37624"
}, },
{ {
"name" : "SUSE-SA:2010:001", "name": "FEDORA-2009-12825",
"refsource" : "SUSE", "refsource": "FEDORA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html" "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00496.html"
}, },
{ {
"name" : "USN-869-1", "name": "60788",
"refsource" : "UBUNTU", "refsource": "OSVDB",
"url" : "http://www.ubuntu.com/usn/USN-869-1" "url": "http://www.osvdb.org/60788"
}, },
{ {
"name" : "60788", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=544144",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://www.osvdb.org/60788" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=544144"
}, },
{ {
"name" : "37624", "name": "38017",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/37624" "url": "http://secunia.com/advisories/38017"
}, },
{ {
"name" : "38017", "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/38017" "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32"
} }
] ]
} }

68
2009/5xxx/CVE-2009-5001.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-5001", "ID": "CVE-2009-5001",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.2-P8AE-FP002 grants a document's Creator-Owner full control over an annotation object, even if the default instance security has changed, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances." "value": "The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.2-P8AE-FP002 grants a document's Creator-Owner full control over an annotation object, even if the default instance security has changed, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://download2.boulder.ibm.com/sar/CMA/IMA/00y3y/0/readme-4027-P8AE-FP007.htm", "name": "PJ35547",
"refsource" : "CONFIRM", "refsource": "AIXAPAR",
"url" : "http://download2.boulder.ibm.com/sar/CMA/IMA/00y3y/0/readme-4027-P8AE-FP007.htm" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PJ35547"
}, },
{ {
"name" : "PJ35547", "name": "http://download2.boulder.ibm.com/sar/CMA/IMA/00y3y/0/readme-4027-P8AE-FP007.htm",
"refsource" : "AIXAPAR", "refsource": "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PJ35547" "url": "http://download2.boulder.ibm.com/sar/CMA/IMA/00y3y/0/readme-4027-P8AE-FP007.htm"
} }
] ]
} }

98
2012/0xxx/CVE-2012-0116.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-0116", "ID": "CVE-2012-0116",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors." "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html", "name": "USN-1397-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html" "url": "http://www.ubuntu.com/usn/USN-1397-1"
}, },
{ {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687", "name": "53372",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687" "url": "http://secunia.com/advisories/53372"
}, },
{ {
"name" : "DSA-2429", "name": "GLSA-201308-06",
"refsource" : "DEBIAN", "refsource": "GENTOO",
"url" : "http://www.debian.org/security/2012/dsa-2429" "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
}, },
{ {
"name" : "GLSA-201308-06", "name": "48250",
"refsource" : "GENTOO", "refsource": "SECUNIA",
"url" : "http://security.gentoo.org/glsa/glsa-201308-06.xml" "url": "http://secunia.com/advisories/48250"
}, },
{ {
"name" : "USN-1397-1", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://www.ubuntu.com/usn/USN-1397-1" "url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
}, },
{ {
"name" : "53372", "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/53372" "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687"
}, },
{ {
"name" : "48250", "name": "DSA-2429",
"refsource" : "SECUNIA", "refsource": "DEBIAN",
"url" : "http://secunia.com/advisories/48250" "url": "http://www.debian.org/security/2012/dsa-2429"
} }
] ]
} }

92
2012/0xxx/CVE-2012-0160.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2012-0160", "ID": "CVE-2012-0160",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly serialize input data, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka \".NET Framework Serialization Vulnerability.\"" "value": "Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly serialize input data, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka \".NET Framework Serialization Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS12-035", "name": "53356",
"refsource" : "MS", "refsource": "BID",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-035" "url": "http://www.securityfocus.com/bid/53356"
}, },
{ {
"name" : "TA12-129A", "name": "1027036",
"refsource" : "CERT", "refsource": "SECTRACK",
"url" : "http://www.us-cert.gov/cas/techalerts/TA12-129A.html" "url": "http://www.securitytracker.com/id?1027036"
}, },
{ {
"name" : "53356", "name": "oval:org.mitre.oval:def:15554",
"refsource" : "BID", "refsource": "OVAL",
"url" : "http://www.securityfocus.com/bid/53356" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15554"
}, },
{ {
"name" : "oval:org.mitre.oval:def:15554", "name": "MS12-035",
"refsource" : "OVAL", "refsource": "MS",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15554" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-035"
}, },
{ {
"name" : "1027036", "name": "TA12-129A",
"refsource" : "SECTRACK", "refsource": "CERT",
"url" : "http://www.securitytracker.com/id?1027036" "url": "http://www.us-cert.gov/cas/techalerts/TA12-129A.html"
}, },
{ {
"name" : "49117", "name": "49117",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/49117" "url": "http://secunia.com/advisories/49117"
} }
] ]
} }

122
2012/0xxx/CVE-2012-0605.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2012-0605", "ID": "CVE-2012-0605",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2." "value": "WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "APPLE-SA-2012-03-07-1", "name": "oval:org.mitre.oval:def:17060",
"refsource" : "APPLE", "refsource": "OVAL",
"url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17060"
}, },
{ {
"name" : "APPLE-SA-2012-03-07-2", "name": "52365",
"refsource" : "APPLE", "refsource": "BID",
"url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html" "url": "http://www.securityfocus.com/bid/52365"
}, },
{ {
"name" : "APPLE-SA-2012-03-12-1", "name": "apple-webkit-cve20120605-code-execution(73824)",
"refsource" : "APPLE", "refsource": "XF",
"url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73824"
}, },
{ {
"name" : "52365", "name": "1026774",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/52365" "url": "http://www.securitytracker.com/id?1026774"
}, },
{ {
"name" : "79927", "name": "48377",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://osvdb.org/79927" "url": "http://secunia.com/advisories/48377"
}, },
{ {
"name" : "oval:org.mitre.oval:def:17060", "name": "APPLE-SA-2012-03-12-1",
"refsource" : "OVAL", "refsource": "APPLE",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17060" "url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html"
}, },
{ {
"name" : "1026774", "name": "48274",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://www.securitytracker.com/id?1026774" "url": "http://secunia.com/advisories/48274"
}, },
{ {
"name" : "48274", "name": "APPLE-SA-2012-03-07-1",
"refsource" : "SECUNIA", "refsource": "APPLE",
"url" : "http://secunia.com/advisories/48274" "url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html"
}, },
{ {
"name" : "48288", "name": "79927",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/48288" "url": "http://osvdb.org/79927"
}, },
{ {
"name" : "48377", "name": "48288",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/48377" "url": "http://secunia.com/advisories/48288"
}, },
{ {
"name" : "apple-webkit-cve20120605-code-execution(73824)", "name": "APPLE-SA-2012-03-07-2",
"refsource" : "XF", "refsource": "APPLE",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/73824" "url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html"
} }
] ]
} }

128
2012/2xxx/CVE-2012-2093.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2093", "ID": "CVE-2012-2093",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function." "value": "src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120410 RE: gajim insecure file creation when using latex", "name": "[oss-security] 20120410 gajim insecure file creation when using latex",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/04/10/15" "url": "http://www.openwall.com/lists/oss-security/2012/04/10/6"
}, },
{ {
"name" : "[oss-security] 20120410 gajim insecure file creation when using latex", "name": "http://hg.gajim.org/gajim/rev/f046e4aaf7d4",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2012/04/10/6" "url": "http://hg.gajim.org/gajim/rev/f046e4aaf7d4"
}, },
{ {
"name" : "http://hg.gajim.org/gajim/rev/f046e4aaf7d4", "name": "FEDORA-2012-6061",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "http://hg.gajim.org/gajim/rev/f046e4aaf7d4" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079241.html"
}, },
{ {
"name" : "https://trac.gajim.org/changeset/13759/src/common/latex.py", "name": "53017",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://trac.gajim.org/changeset/13759/src/common/latex.py" "url": "http://www.securityfocus.com/bid/53017"
}, },
{ {
"name" : "FEDORA-2012-6001", "name": "48794",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079237.html" "url": "http://secunia.com/advisories/48794"
}, },
{ {
"name" : "FEDORA-2012-6061", "name": "https://trac.gajim.org/changeset/13759/src/common/latex.py",
"refsource" : "FEDORA", "refsource": "CONFIRM",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079241.html" "url": "https://trac.gajim.org/changeset/13759/src/common/latex.py"
}, },
{ {
"name" : "FEDORA-2012-6161", "name": "GLSA-201208-04",
"refsource" : "FEDORA", "refsource": "GENTOO",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079169.html" "url": "http://security.gentoo.org/glsa/glsa-201208-04.xml"
}, },
{ {
"name" : "GLSA-201208-04", "name": "gajim-gettmpfilename-symlink(74869)",
"refsource" : "GENTOO", "refsource": "XF",
"url" : "http://security.gentoo.org/glsa/glsa-201208-04.xml" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74869"
}, },
{ {
"name" : "53017", "name": "48695",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/53017" "url": "http://secunia.com/advisories/48695"
}, },
{ {
"name" : "48695", "name": "FEDORA-2012-6161",
"refsource" : "SECUNIA", "refsource": "FEDORA",
"url" : "http://secunia.com/advisories/48695" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079169.html"
}, },
{ {
"name" : "48794", "name": "[oss-security] 20120410 RE: gajim insecure file creation when using latex",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/48794" "url": "http://www.openwall.com/lists/oss-security/2012/04/10/15"
}, },
{ {
"name" : "gajim-gettmpfilename-symlink(74869)", "name": "FEDORA-2012-6001",
"refsource" : "XF", "refsource": "FEDORA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74869" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079237.html"
} }
] ]
} }

104
2012/2xxx/CVE-2012-2712.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2712", "ID": "CVE-2012-2712",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.1 for Drupal, when supporting manual entry of field identifiers, allow remote attackers to inject arbitrary web script or HTML via vectors related to thrown exceptions and logging errors." "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.1 for Drupal, when supporting manual entry of field identifiers, allow remote attackers to inject arbitrary web script or HTML via vectors related to thrown exceptions and logging errors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules", "name": "http://drupalcode.org/project/search_api.git/commitdiff/5a18c8c",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/14/3" "url": "http://drupalcode.org/project/search_api.git/commitdiff/5a18c8c"
}, },
{ {
"name" : "http://drupal.org/node/1597364", "name": "http://drupal.org/node/1597364",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://drupal.org/node/1597364" "url": "http://drupal.org/node/1597364"
}, },
{ {
"name" : "http://drupal.org/node/1596524", "name": "49236",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://drupal.org/node/1596524" "url": "http://secunia.com/advisories/49236"
}, },
{ {
"name" : "http://drupalcode.org/project/search_api.git/commitdiff/5a18c8c", "name": "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://drupalcode.org/project/search_api.git/commitdiff/5a18c8c" "url": "http://www.openwall.com/lists/oss-security/2012/06/14/3"
}, },
{ {
"name" : "53672", "name": "searchapi-exceptions-errors-xss(75868)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/53672" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75868"
}, },
{ {
"name" : "82230", "name": "82230",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/82230" "url": "http://www.osvdb.org/82230"
}, },
{ {
"name" : "49236", "name": "http://drupal.org/node/1596524",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/49236" "url": "http://drupal.org/node/1596524"
}, },
{ {
"name" : "searchapi-exceptions-errors-xss(75868)", "name": "53672",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75868" "url": "http://www.securityfocus.com/bid/53672"
} }
] ]
} }

92
2012/3xxx/CVE-2012-3603.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2012-3603", "ID": "CVE-2012-3603",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1." "value": "WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT5400", "name": "http://support.apple.com/kb/HT5485",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT5400" "url": "http://support.apple.com/kb/HT5485"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5485", "name": "APPLE-SA-2012-09-19-1",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "http://support.apple.com/kb/HT5485" "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5503", "name": "http://support.apple.com/kb/HT5503",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT5503" "url": "http://support.apple.com/kb/HT5503"
}, },
{ {
"name" : "APPLE-SA-2012-07-25-1", "name": "APPLE-SA-2012-09-12-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html" "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
}, },
{ {
"name" : "APPLE-SA-2012-09-12-1", "name": "APPLE-SA-2012-07-25-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html" "url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
}, },
{ {
"name" : "APPLE-SA-2012-09-19-1", "name": "http://support.apple.com/kb/HT5400",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" "url": "http://support.apple.com/kb/HT5400"
} }
] ]
} }

22
2012/3xxx/CVE-2012-3760.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3760", "ID": "CVE-2012-3760",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2012/4xxx/CVE-2012-4080.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2012-4080", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2012-4080",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none."
} }
] ]
} }

62
2012/4xxx/CVE-2012-4579.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-4579", "ID": "CVE-2012-4579",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via a Table Operations (1) TRUNCATE or (2) DROP link for a crafted table name, (3) the Add Trigger popup within a Triggers page that references crafted table names, (4) an invalid trigger-creation attempt for a crafted table name, (5) crafted data in a table, or (6) a crafted tooltip label name during GIS data visualization, a different issue than CVE-2012-4345." "value": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via a Table Operations (1) TRUNCATE or (2) DROP link for a crafted table name, (3) the Add Trigger popup within a Triggers page that references crafted table names, (4) an invalid trigger-creation attempt for a crafted table name, (5) crafted data in a table, or (6) a crafted tooltip label name during GIS data visualization, a different issue than CVE-2012-4345."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php", "name": "http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php" "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php"
} }
] ]
} }

68
2012/4xxx/CVE-2012-4621.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2012-4621", "ID": "CVE-2012-4621",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Device Sensor feature in Cisco IOS 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via a DHCP packet, aka Bug ID CSCty96049." "value": "The Device Sensor feature in Cisco IOS 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via a DHCP packet, aka Bug ID CSCty96049."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20120926 Cisco IOS Software DHCP Denial of Service Vulnerability", "name": "1027572",
"refsource" : "CISCO", "refsource": "SECTRACK",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-dhcp" "url": "http://www.securitytracker.com/id?1027572"
}, },
{ {
"name" : "1027572", "name": "20120926 Cisco IOS Software DHCP Denial of Service Vulnerability",
"refsource" : "SECTRACK", "refsource": "CISCO",
"url" : "http://www.securitytracker.com/id?1027572" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-dhcp"
} }
] ]
} }

22
2012/4xxx/CVE-2012-4981.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-4981", "ID": "CVE-2012-4981",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2012/6xxx/CVE-2012-6323.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6323", "ID": "CVE-2012-6323",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

80
2012/6xxx/CVE-2012-6530.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6530", "ID": "CVE-2012-6530",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request." "value": "Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "18382", "name": "http://www.pwnag3.com/2012/01/sysax-multi-server-550-exploit.html",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "http://www.exploit-db.com/exploits/18382" "url": "http://www.pwnag3.com/2012/01/sysax-multi-server-550-exploit.html"
}, },
{ {
"name" : "18420", "name": "18382",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/18420" "url": "http://www.exploit-db.com/exploits/18382"
}, },
{ {
"name" : "http://www.pwnag3.com/2012/01/sysax-multi-server-550-exploit.html", "name": "18420",
"refsource" : "MISC", "refsource": "EXPLOIT-DB",
"url" : "http://www.pwnag3.com/2012/01/sysax-multi-server-550-exploit.html" "url": "http://www.exploit-db.com/exploits/18420"
}, },
{ {
"name" : "51548", "name": "51548",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/51548" "url": "http://www.securityfocus.com/bid/51548"
} }
] ]
} }

22
2017/2xxx/CVE-2017-2062.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-2062", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-2062",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

78
2017/2xxx/CVE-2017-2607.json
View File

@ -1,79 +1,79 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "lpardo@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2017-2607", "ID": "CVE-2017-2607",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "jenkins", "product_name": "jenkins",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "jenkins 2.44" "version_value": "jenkins 2.44"
}, },
{ {
"version_value" : "jenkins 2.32.2" "version_value": "jenkins 2.32.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "[UNKNOWN]" "vendor_name": "[UNKNOWN]"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting vulnerability in console notes (SECURITY-382). Jenkins allows plugins to annotate build logs, adding new content or changing the presentation of existing content while the build is running. Malicious Jenkins users, or users with SCM access, could configure jobs or modify build scripts such that they print serialized console notes that perform cross-site scripting attacks on Jenkins users viewing the build logs." "value": "jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting vulnerability in console notes (SECURITY-382). Jenkins allows plugins to annotate build logs, adding new content or changing the presentation of existing content while the build is running. Malicious Jenkins users, or users with SCM access, could configure jobs or modify build scripts such that they print serialized console notes that perform cross-site scripting attacks on Jenkins users viewing the build logs."
} }
] ]
}, },
"impact" : { "impact": {
"cvss" : [ "cvss": [
[ [
{ {
"vectorString" : "4.2/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "vectorString": "4.2/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version" : "3.0" "version": "3.0"
} }
] ]
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-79" "value": "CWE-79"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2607", "name": "95963",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2607" "url": "http://www.securityfocus.com/bid/95963"
}, },
{ {
"name" : "95963", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2607",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/95963" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2607"
} }
] ]
} }

22
2017/2xxx/CVE-2017-2772.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-2772", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-2772",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

80
2017/2xxx/CVE-2017-2951.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2017-2951", "ID": "CVE-2017-2951",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.", "product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier." "version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to sub-form functionality. Successful exploitation could lead to arbitrary code execution." "value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to sub-form functionality. Successful exploitation could lead to arbitrary code execution."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use After Free" "value": "Use After Free"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-17-022", "name": "1037574",
"refsource" : "MISC", "refsource": "SECTRACK",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-17-022" "url": "http://www.securitytracker.com/id/1037574"
}, },
{ {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html", "name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html" "url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}, },
{ {
"name" : "95343", "name": "95343",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/95343" "url": "http://www.securityfocus.com/bid/95343"
}, },
{ {
"name" : "1037574", "name": "http://www.zerodayinitiative.com/advisories/ZDI-17-022",
"refsource" : "SECTRACK", "refsource": "MISC",
"url" : "http://www.securitytracker.com/id/1037574" "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-022"
} }
] ]
} }

74
2017/6xxx/CVE-2017-6620.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2017-6620", "ID": "CVE-2017-6620",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco CVR100W Wireless-N VPN Router", "product_name": "Cisco CVR100W Wireless-N VPN Router",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco CVR100W Wireless-N VPN Router" "version_value": "Cisco CVR100W Wireless-N VPN Router"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability in the remote management access control list (ACL) feature of the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, remote attacker to bypass the remote management ACL. The vulnerability is due to incorrect implementation of the ACL decision made during the ingress connection request to the remote management interface. An attacker could exploit this vulnerability by sending a connection to the management IP address or domain name of the targeted device. A successful exploit could allow the attacker to bypass the configured remote management ACL. This can occur when the Remote Management configuration parameter is set to Disabled. This vulnerability affects Cisco CVR100W Wireless-N VPN Routers running a firmware image prior to 1.0.1.24. Cisco Bug IDs: CSCvc14457." "value": "A vulnerability in the remote management access control list (ACL) feature of the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, remote attacker to bypass the remote management ACL. The vulnerability is due to incorrect implementation of the ACL decision made during the ingress connection request to the remote management interface. An attacker could exploit this vulnerability by sending a connection to the management IP address or domain name of the targeted device. A successful exploit could allow the attacker to bypass the configured remote management ACL. This can occur when the Remote Management configuration parameter is set to Disabled. This vulnerability affects Cisco CVR100W Wireless-N VPN Routers running a firmware image prior to 1.0.1.24. Cisco Bug IDs: CSCvc14457."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-264" "value": "CWE-264"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w2", "name": "1038395",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w2" "url": "http://www.securitytracker.com/id/1038395"
}, },
{ {
"name" : "98289", "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w2",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/98289" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w2"
}, },
{ {
"name" : "1038395", "name": "98289",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1038395" "url": "http://www.securityfocus.com/bid/98289"
} }
] ]
} }

22
2017/6xxx/CVE-2017-6787.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6787", "ID": "CVE-2017-6787",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

86
2017/6xxx/CVE-2017-6830.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6830", "ID": "CVE-2017-6830",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file." "value": "Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20170313 Re: audiofile: heap-based buffer overflow in alaw2linear_buf (G711.cpp)", "name": "https://github.com/mpruett/audiofile/pull/42",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://www.openwall.com/lists/oss-security/2017/03/13/2" "url": "https://github.com/mpruett/audiofile/pull/42"
}, },
{ {
"name" : "https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-alaw2linear_buf-g711-cpp/", "name": "https://github.com/mpruett/audiofile/issues/34",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-alaw2linear_buf-g711-cpp/" "url": "https://github.com/mpruett/audiofile/issues/34"
}, },
{ {
"name" : "https://github.com/mpruett/audiofile/issues/34", "name": "https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-alaw2linear_buf-g711-cpp/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/mpruett/audiofile/issues/34" "url": "https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-alaw2linear_buf-g711-cpp/"
}, },
{ {
"name" : "https://github.com/mpruett/audiofile/pull/42", "name": "DSA-3814",
"refsource" : "MISC", "refsource": "DEBIAN",
"url" : "https://github.com/mpruett/audiofile/pull/42" "url": "http://www.debian.org/security/2017/dsa-3814"
}, },
{ {
"name" : "DSA-3814", "name": "[oss-security] 20170313 Re: audiofile: heap-based buffer overflow in alaw2linear_buf (G711.cpp)",
"refsource" : "DEBIAN", "refsource": "MLIST",
"url" : "http://www.debian.org/security/2017/dsa-3814" "url": "http://www.openwall.com/lists/oss-security/2017/03/13/2"
} }
] ]
} }

86
2017/6xxx/CVE-2017-6839.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6839", "ID": "CVE-2017-6839",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file." "value": "Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20170313 Re: audiofile: multiple ubsan crashes", "name": "DSA-3814",
"refsource" : "MLIST", "refsource": "DEBIAN",
"url" : "http://www.openwall.com/lists/oss-security/2017/03/13/9" "url": "http://www.debian.org/security/2017/dsa-3814"
}, },
{ {
"name" : "https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/", "name": "https://github.com/antlarr/audiofile/commit/beacc44eb8cdf6d58717ec1a5103c5141f1b37f9",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/" "url": "https://github.com/antlarr/audiofile/commit/beacc44eb8cdf6d58717ec1a5103c5141f1b37f9"
}, },
{ {
"name" : "https://github.com/antlarr/audiofile/commit/beacc44eb8cdf6d58717ec1a5103c5141f1b37f9", "name": "[oss-security] 20170313 Re: audiofile: multiple ubsan crashes",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "https://github.com/antlarr/audiofile/commit/beacc44eb8cdf6d58717ec1a5103c5141f1b37f9" "url": "http://www.openwall.com/lists/oss-security/2017/03/13/9"
}, },
{ {
"name" : "https://github.com/mpruett/audiofile/issues/41", "name": "https://github.com/mpruett/audiofile/issues/41",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/mpruett/audiofile/issues/41" "url": "https://github.com/mpruett/audiofile/issues/41"
}, },
{ {
"name" : "DSA-3814", "name": "https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/",
"refsource" : "DEBIAN", "refsource": "MISC",
"url" : "http://www.debian.org/security/2017/dsa-3814" "url": "https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/"
} }
] ]
} }

62
2018/11xxx/CVE-2018-11011.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11011", "ID": "CVE-2018-11011",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java." "value": "ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/ruibaby/halo/issues/9", "name": "https://github.com/ruibaby/halo/issues/9",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/ruibaby/halo/issues/9" "url": "https://github.com/ruibaby/halo/issues/9"
} }
] ]
} }

78
2018/11xxx/CVE-2018-11063.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security_alert@emc.com", "ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC" : "2018-08-06T04:00:00.000Z", "DATE_PUBLIC": "2018-08-06T04:00:00.000Z",
"ID" : "CVE-2018-11063", "ID": "CVE-2018-11063",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Wyse Management Suite", "product_name": "Wyse Management Suite",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<=", "affected": "<=",
"version_name" : "Standard", "version_name": "Standard",
"version_value" : "1.1" "version_value": "1.1"
}, },
{ {
"affected" : "<=", "affected": "<=",
"version_name" : "Pro", "version_name": "Pro",
"version_value" : "1.1" "version_value": "1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Dell" "vendor_name": "Dell"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Dell WMS versions 1.1 and prior are impacted by multiple unquoted service path vulnerabilities. Affected software installs multiple services incorrectly by specifying the paths to the service executables without quotes. This could potentially allow a low-privileged local user to execute arbitrary executables with elevated privileges." "value": "Dell WMS versions 1.1 and prior are impacted by multiple unquoted service path vulnerabilities. Affected software installs multiple services incorrectly by specifying the paths to the service executables without quotes. This could potentially allow a low-privileged local user to execute arbitrary executables with elevated privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unquoted Service Path Vulnerabilities" "value": "Unquoted Service Path Vulnerabilities"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.dell.com/support/article/us/en/19/sln313398/dell-wyse-management-suite-multiple-unquoted-service-path-vulnerabilities?lang=en", "name": "https://www.dell.com/support/article/us/en/19/sln313398/dell-wyse-management-suite-multiple-unquoted-service-path-vulnerabilities?lang=en",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.dell.com/support/article/us/en/19/sln313398/dell-wyse-management-suite-multiple-unquoted-service-path-vulnerabilities?lang=en" "url": "https://www.dell.com/support/article/us/en/19/sln313398/dell-wyse-management-suite-multiple-unquoted-service-path-vulnerabilities?lang=en"
} }
] ]
}, },
"source" : { "source": {
"discovery" : "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

98
2018/11xxx/CVE-2018-11358.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11358", "ID": "CVE-2018-11358",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup." "value": "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20180528 [SECURITY] [DLA 1388-1] wireshark security update", "name": "https://www.wireshark.org/security/wnpa-sec-2018-31.html",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "https://lists.debian.org/debian-lts-announce/2018/05/msg00019.html" "url": "https://www.wireshark.org/security/wnpa-sec-2018-31.html"
}, },
{ {
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14689", "name": "104308",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14689" "url": "http://www.securityfocus.com/bid/104308"
}, },
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ccb1ac3c8cec47fbbbf2e80ced80644005c65252", "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14689",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ccb1ac3c8cec47fbbbf2e80ced80644005c65252" "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14689"
}, },
{ {
"name" : "https://www.wireshark.org/security/wnpa-sec-2018-31.html", "name": "DSA-4217",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "https://www.wireshark.org/security/wnpa-sec-2018-31.html" "url": "https://www.debian.org/security/2018/dsa-4217"
}, },
{ {
"name" : "DSA-4217", "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ccb1ac3c8cec47fbbbf2e80ced80644005c65252",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "https://www.debian.org/security/2018/dsa-4217" "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ccb1ac3c8cec47fbbbf2e80ced80644005c65252"
}, },
{ {
"name" : "104308", "name": "[debian-lts-announce] 20180528 [SECURITY] [DLA 1388-1] wireshark security update",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/104308" "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00019.html"
}, },
{ {
"name" : "1041036", "name": "1041036",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041036" "url": "http://www.securitytracker.com/id/1041036"
} }
] ]
} }

68
2018/11xxx/CVE-2018-11907.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2018-11907", "ID": "CVE-2018-11907",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /firmware/ which presents a potential issue." "value": "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /firmware/ which presents a potential issue."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=ecd2fb4ab9e2a6851add554af03cebe337345c44", "name": "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=ecd2fb4ab9e2a6851add554af03cebe337345c44",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=ecd2fb4ab9e2a6851add554af03cebe337345c44" "url": "https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=ecd2fb4ab9e2a6851add554af03cebe337345c44"
}, },
{ {
"name" : "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin", "name": "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin" "url": "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin"
} }
] ]
} }

22
2018/14xxx/CVE-2018-14024.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14024", "ID": "CVE-2018-14024",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/14xxx/CVE-2018-14472.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14472", "ID": "CVE-2018-14472",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in WUZHI CMS 4.1.0. The vulnerable file is coreframe/app/order/admin/goods.php. The $keywords parameter is taken directly into execution without any filtering, leading to SQL injection." "value": "An issue was discovered in WUZHI CMS 4.1.0. The vulnerable file is coreframe/app/order/admin/goods.php. The $keywords parameter is taken directly into execution without any filtering, leading to SQL injection."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/wuzhicms/wuzhicms/issues/144", "name": "https://github.com/wuzhicms/wuzhicms/issues/144",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/wuzhicms/wuzhicms/issues/144" "url": "https://github.com/wuzhicms/wuzhicms/issues/144"
} }
] ]
} }

22
2018/15xxx/CVE-2018-15294.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15294", "ID": "CVE-2018-15294",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2018/15xxx/CVE-2018-15677.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15677", "ID": "CVE-2018-15677",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has stored XSS via the title of a news item. This is also exploitable via CSRF." "value": "The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has stored XSS via the title of a news item. This is also exploitable via CSRF."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://rastating.github.io/xbtit-multiple-vulnerabilities/", "name": "https://github.com/btiteam/xbtit/pull/58",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://rastating.github.io/xbtit-multiple-vulnerabilities/" "url": "https://github.com/btiteam/xbtit/pull/58"
}, },
{ {
"name" : "https://github.com/btiteam/xbtit/pull/58", "name": "https://rastating.github.io/xbtit-multiple-vulnerabilities/",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://github.com/btiteam/xbtit/pull/58" "url": "https://rastating.github.io/xbtit-multiple-vulnerabilities/"
} }
] ]
} }

62
2018/20xxx/CVE-2018-20300.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20300", "ID": "CVE-2018-20300",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code via the ftemp parameter in an enews=EditMemberForm action because this code is injected into a memberform.$fid.php file." "value": "Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code via the ftemp parameter in an enews=EditMemberForm action because this code is injected into a memberform.$fid.php file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://p0desta.com/2018/12/19/empirecms%E6%9C%80%E6%96%B0%E7%89%88%E5%90%8E%E5%8F%B0%E5%A4%9A%E5%A4%84getshell/", "name": "http://p0desta.com/2018/12/19/empirecms%E6%9C%80%E6%96%B0%E7%89%88%E5%90%8E%E5%8F%B0%E5%A4%9A%E5%A4%84getshell/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://p0desta.com/2018/12/19/empirecms%E6%9C%80%E6%96%B0%E7%89%88%E5%90%8E%E5%8F%B0%E5%A4%9A%E5%A4%84getshell/" "url": "http://p0desta.com/2018/12/19/empirecms%E6%9C%80%E6%96%B0%E7%89%88%E5%90%8E%E5%8F%B0%E5%A4%9A%E5%A4%84getshell/"
} }
] ]
} }

68
2018/20xxx/CVE-2018-20302.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20302", "ID": "CVE-2018-20302",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An XSS issue was discovered in Steve Pallen Xain before 0.6.2 via the order parameter." "value": "An XSS issue was discovered in Steve Pallen Xain before 0.6.2 via the order parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/dependabot/elixir-security-advisories/blob/master/packages/xain/2018-09-03.yml", "name": "https://github.com/smpallen99/xain/issues/18",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/dependabot/elixir-security-advisories/blob/master/packages/xain/2018-09-03.yml" "url": "https://github.com/smpallen99/xain/issues/18"
}, },
{ {
"name" : "https://github.com/smpallen99/xain/issues/18", "name": "https://github.com/dependabot/elixir-security-advisories/blob/master/packages/xain/2018-09-03.yml",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/smpallen99/xain/issues/18" "url": "https://github.com/dependabot/elixir-security-advisories/blob/master/packages/xain/2018-09-03.yml"
} }
] ]
} }

62
2018/20xxx/CVE-2018-20368.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20368", "ID": "CVE-2018-20368",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback." "value": "The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.vulnerability-lab.com/get_content.php?id=2158", "name": "https://www.vulnerability-lab.com/get_content.php?id=2158",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.vulnerability-lab.com/get_content.php?id=2158" "url": "https://www.vulnerability-lab.com/get_content.php?id=2158"
} }
] ]
} }

22
2018/20xxx/CVE-2018-20624.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20624", "ID": "CVE-2018-20624",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/9xxx/CVE-2018-9131.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-9131", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2018-9131",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
} }
] ]
} }

22
2018/9xxx/CVE-2018-9475.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9475", "ID": "CVE-2018-9475",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }