admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:17:01 +00:00
parent 3d31e5ca36
commit e3d776c5d8
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
58 changed files with 3909 additions and 3909 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
2001/0xxx/CVE-2001-0002.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0002", "ID": "CVE-2001-0002",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs." "value": "Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS01-015", "name": "oval:org.mitre.oval:def:920",
"refsource" : "MS", "refsource": "OVAL",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A920"
}, },
{ {
"name" : "http://www.guninski.com/chmtempmain.html", "name": "7823",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://www.guninski.com/chmtempmain.html" "url": "http://www.osvdb.org/7823"
}, },
{ {
"name" : "2456", "name": "MS01-015",
"refsource" : "BID", "refsource": "MS",
"url" : "http://www.securityfocus.com/bid/2456" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015"
}, },
{ {
"name" : "7823", "name": "ie-chm-execute-files(5567)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/7823" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5567"
}, },
{ {
"name" : "oval:org.mitre.oval:def:920", "name": "2456",
"refsource" : "OVAL", "refsource": "BID",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A920" "url": "http://www.securityfocus.com/bid/2456"
}, },
{ {
"name" : "ie-chm-execute-files(5567)", "name": "http://www.guninski.com/chmtempmain.html",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5567" "url": "http://www.guninski.com/chmtempmain.html"
} }
] ]
} }

80
2001/0xxx/CVE-2001-0253.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0253", "ID": "CVE-2001-0253",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek 2000 allows remote attackers to read arbitrary files and directories via a .. (dot dot) attack in the show parameter." "value": "Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek 2000 allows remote attackers to read arbitrary files and directories via a .. (dot dot) attack in the show parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010128 Hyperseek 2000 Search Engine - \"show directory & files\" bug", "name": "VU#146704",
"refsource" : "BUGTRAQ", "refsource": "CERT-VN",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-01/0463.html" "url": "http://www.kb.cert.org/vuls/id/146704"
}, },
{ {
"name" : "VU#146704", "name": "2314",
"refsource" : "CERT-VN", "refsource": "BID",
"url" : "http://www.kb.cert.org/vuls/id/146704" "url": "http://www.securityfocus.com/bid/2314"
}, },
{ {
"name" : "2314", "name": "20010128 Hyperseek 2000 Search Engine - \"show directory & files\" bug",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/2314" "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0463.html"
}, },
{ {
"name" : "hyperseek-cgi-reveal-info(6012)", "name": "hyperseek-cgi-reveal-info(6012)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6012" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6012"
} }
] ]
} }

68
2001/0xxx/CVE-2001-0516.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0516", "ID": "CVE-2001-0516",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Oracle listener between Oracle 9i and Oracle 8.0 allows remote attackers to cause a denial of service via a malformed connection packet that contains an incorrect requester_version value that does not match an expected offset to the data." "value": "Oracle listener between Oracle 9i and Oracle 8.0 allows remote attackers to cause a denial of service via a malformed connection packet that contains an incorrect requester_version value that does not match an expected offset to the data."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010515 Multiple Oracle Listener Denial of Service Vulnerabilities", "name": "20010515 Multiple Oracle Listener Denial of Service Vulnerabilities",
"refsource" : "ISS", "refsource": "ISS",
"url" : "http://xforce.iss.net/alerts/advise82.php" "url": "http://xforce.iss.net/alerts/advise82.php"
}, },
{ {
"name" : "http://otn.oracle.com/deploy/security/pdf/net8_dos_alert.pdf", "name": "http://otn.oracle.com/deploy/security/pdf/net8_dos_alert.pdf",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://otn.oracle.com/deploy/security/pdf/net8_dos_alert.pdf" "url": "http://otn.oracle.com/deploy/security/pdf/net8_dos_alert.pdf"
} }
] ]
} }

80
2001/0xxx/CVE-2001-0667.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0667", "ID": "CVE-2001-0667",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed, aka a new variant of the Telnet Invocation vulnerability as described in CVE-2001-0150." "value": "Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed, aka a new variant of the Telnet Invocation vulnerability as described in CVE-2001-0150."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS01-051", "name": "VU#952611",
"refsource" : "MS", "refsource": "CERT-VN",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-051" "url": "http://www.kb.cert.org/vuls/id/952611"
}, },
{ {
"name" : "M-024", "name": "MS01-051",
"refsource" : "CIAC", "refsource": "MS",
"url" : "http://www.ciac.org/ciac/bulletins/m-024.shtml" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-051"
}, },
{ {
"name" : "VU#952611", "name": "ie-telnet-command-execution-variant(7260)",
"refsource" : "CERT-VN", "refsource": "XF",
"url" : "http://www.kb.cert.org/vuls/id/952611" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7260"
}, },
{ {
"name" : "ie-telnet-command-execution-variant(7260)", "name": "M-024",
"refsource" : "XF", "refsource": "CIAC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7260" "url": "http://www.ciac.org/ciac/bulletins/m-024.shtml"
} }
] ]
} }

68
2001/0xxx/CVE-2001-0754.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0754", "ID": "CVE-2001-0754",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets." "value": "Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010522 More Multiple Vulnerabilities in CBOS", "name": "20010522 More Multiple Vulnerabilities in CBOS",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html" "url": "http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html"
}, },
{ {
"name" : "cisco-cbos-multiple-echo(7299)", "name": "cisco-cbos-multiple-echo(7299)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7299" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7299"
} }
] ]
} }

74
2001/0xxx/CVE-2001-0771.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0771", "ID": "CVE-2001-0771",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Spytech SpyAnywhere 1.50 allows remote attackers to gain administrator access via a single character in the \"loginpass\" field." "value": "Spytech SpyAnywhere 1.50 allows remote attackers to gain administrator access via a single character in the \"loginpass\" field."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010521 SpyAnywhere Authentication Bypassing Vulnerabilities", "name": "20010521 SpyAnywhere Authentication Bypassing Vulnerabilities",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/186006" "url": "http://www.securityfocus.com/archive/1/186006"
}, },
{ {
"name" : "2755", "name": "spyanywhere-weak-authentication(6578)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/2755" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6578"
}, },
{ {
"name" : "spyanywhere-weak-authentication(6578)", "name": "2755",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6578" "url": "http://www.securityfocus.com/bid/2755"
} }
] ]
} }

80
2001/0xxx/CVE-2001-0924.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0924", "ID": "CVE-2001-0924",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in ifx CGI program in Informix Web DataBlade allows remote attackers to read arbitrary files via a .. (dot dot) in the LO parameter." "value": "Directory traversal vulnerability in ifx CGI program in Informix Web DataBlade allows remote attackers to read arbitrary files via a .. (dot dot) in the LO parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20011122 double dot vulnerability on a site running Informix database.", "name": "20011127 Re: double dot vulnerability on a site running Informix database.",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=100654890029878&w=2" "url": "http://marc.info/?l=bugtraq&m=100688672019635&w=2"
}, },
{ {
"name" : "20011127 Re: double dot vulnerability on a site running Informix database.", "name": "informix-web-datablade-directory-traversal(7585)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://marc.info/?l=bugtraq&m=100688672019635&w=2" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7585"
}, },
{ {
"name" : "3575", "name": "3575",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/3575" "url": "http://www.securityfocus.com/bid/3575"
}, },
{ {
"name" : "informix-web-datablade-directory-traversal(7585)", "name": "20011122 double dot vulnerability on a site running Informix database.",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7585" "url": "http://marc.info/?l=bugtraq&m=100654890029878&w=2"
} }
] ]
} }

92
2001/1xxx/CVE-2001-1567.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1567", "ID": "CVE-2001-1567",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Notes database files and possibly sensitive Notes template files (.ntf) via an HTTP request with a large number of \"+\" characters before the .nsf file extension, which are converted to spaces by Domino." "value": "Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Notes database files and possibly sensitive Notes template files (.ntf) via an HTTP request with a large number of \"+\" characters before the .nsf file extension, which are converted to spaces by Domino."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020203 Lotus Domino password bypass", "name": "20020204 Re: Lotus Domino password bypass",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=101284222932568&w=2" "url": "http://marc.info/?l=bugtraq&m=101285903120879&w=2"
}, },
{ {
"name" : "20020204 Lotus Domino password bypass", "name": "20020203 Lotus Domino password bypass",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=101286525008089&w=2" "url": "http://marc.info/?l=bugtraq&m=101284222932568&w=2"
}, },
{ {
"name" : "20020204 Re: Lotus Domino password bypass", "name": "lotus-domino-auth-bypass(8072)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://marc.info/?l=bugtraq&m=101285903120879&w=2" "url": "http://www.iss.net/security_center/static/8072.php"
}, },
{ {
"name" : "http://www.nextgenss.com/papers/hpldws.pdf", "name": "20020204 Lotus Domino password bypass",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://www.nextgenss.com/papers/hpldws.pdf" "url": "http://marc.info/?l=bugtraq&m=101286525008089&w=2"
}, },
{ {
"name" : "4022", "name": "4022",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/4022" "url": "http://www.securityfocus.com/bid/4022"
}, },
{ {
"name" : "lotus-domino-auth-bypass(8072)", "name": "http://www.nextgenss.com/papers/hpldws.pdf",
"refsource" : "XF", "refsource": "MISC",
"url" : "http://www.iss.net/security_center/static/8072.php" "url": "http://www.nextgenss.com/papers/hpldws.pdf"
} }
] ]
} }

92
2006/2xxx/CVE-2006-2248.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2248", "ID": "CVE-2006-2248",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Xeneo Web Server 2.2.22.0 allows remote attackers to obtain the source code of script files via crafted requests containing dot, space, and slash characters in the file extension." "value": "Xeneo Web Server 2.2.22.0 allows remote attackers to obtain the source code of script files via crafted requests containing dot, space, and slash characters in the file extension."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://secunia.com/secunia_research/2006-20/advisory/", "name": "ADV-2006-1682",
"refsource" : "MISC", "refsource": "VUPEN",
"url" : "http://secunia.com/secunia_research/2006-20/advisory/" "url": "http://www.vupen.com/english/advisories/2006/1682"
}, },
{ {
"name" : "17858", "name": "http://secunia.com/secunia_research/2006-20/advisory/",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/17858" "url": "http://secunia.com/secunia_research/2006-20/advisory/"
}, },
{ {
"name" : "ADV-2006-1682", "name": "19325",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2006/1682" "url": "http://secunia.com/advisories/19325"
}, },
{ {
"name" : "25283", "name": "xeneo-script-source-disclosure(26294)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/25283" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26294"
}, },
{ {
"name" : "19325", "name": "17858",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/19325" "url": "http://www.securityfocus.com/bid/17858"
}, },
{ {
"name" : "xeneo-script-source-disclosure(26294)", "name": "25283",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26294" "url": "http://www.osvdb.org/25283"
} }
] ]
} }

98
2006/2xxx/CVE-2006-2503.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2503", "ID": "CVE-2006-2503",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in misc.php in DeluxeBB 1.06 allows remote attackers to execute arbitrary SQL commands via the name parameter." "value": "SQL injection vulnerability in misc.php in DeluxeBB 1.06 allows remote attackers to execute arbitrary SQL commands via the name parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060515 DeluxeBB 1.06 Remote SQL Injection Exploit", "name": "deluxebb-misc-sql-injection(26469)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/434040/100/0/threaded" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26469"
}, },
{ {
"name" : "17989", "name": "ADV-2006-1823",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/17989" "url": "http://www.vupen.com/english/advisories/2006/1823"
}, },
{ {
"name" : "ADV-2006-1823", "name": "20104",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2006/1823" "url": "http://secunia.com/advisories/20104"
}, },
{ {
"name" : "25529", "name": "17989",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://www.osvdb.org/25529" "url": "http://www.securityfocus.com/bid/17989"
}, },
{ {
"name" : "20104", "name": "20060515 DeluxeBB 1.06 Remote SQL Injection Exploit",
"refsource" : "SECUNIA", "refsource": "BUGTRAQ",
"url" : "http://secunia.com/advisories/20104" "url": "http://www.securityfocus.com/archive/1/434040/100/0/threaded"
}, },
{ {
"name" : "935", "name": "935",
"refsource" : "SREASON", "refsource": "SREASON",
"url" : "http://securityreason.com/securityalert/935" "url": "http://securityreason.com/securityalert/935"
}, },
{ {
"name" : "deluxebb-misc-sql-injection(26469)", "name": "25529",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26469" "url": "http://www.osvdb.org/25529"
} }
] ]
} }

128
2006/2xxx/CVE-2006-2745.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2745", "ID": "CVE-2006-2745",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in F@cile Interactive Web 0.8.5 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) pathfile parameter in (a) p-editpage.php and (b) p-editbox.php, and the (2) mytheme and (3) myskin parameters in multiple \"p-themes\" index.inc.php files including (c) lowgraphic, (d) classic, (e) puzzle, (f) simple, and (g) ciao." "value": "Multiple PHP remote file inclusion vulnerabilities in F@cile Interactive Web 0.8.5 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) pathfile parameter in (a) p-editpage.php and (b) p-editbox.php, and the (2) mytheme and (3) myskin parameters in multiple \"p-themes\" index.inc.php files including (c) lowgraphic, (d) classic, (e) puzzle, (f) simple, and (g) ciao."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060528 Advisory: F@cile Interactive Web <= 0.8x Multiple RemoteVulnerabilities.", "name": "20060528 Advisory: F@cile Interactive Web <= 0.8x Multiple RemoteVulnerabilities.",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/435283/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/435283/100/0/threaded"
}, },
{ {
"name" : "http://www.nukedx.com/?getxpl=35", "name": "f@cile-themes-file-include(26854)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.nukedx.com/?getxpl=35" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26854"
}, },
{ {
"name" : "http://www.nukedx.com/?viewdoc=35", "name": "http://www.nukedx.com/?viewdoc=35",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.nukedx.com/?viewdoc=35" "url": "http://www.nukedx.com/?viewdoc=35"
}, },
{ {
"name" : "18149", "name": "ADV-2006-2036",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/18149" "url": "http://www.vupen.com/english/advisories/2006/2036"
}, },
{ {
"name" : "ADV-2006-2036", "name": "f@cile-peditpage-peditbox-file-include(26841)",
"refsource" : "VUPEN", "refsource": "XF",
"url" : "http://www.vupen.com/english/advisories/2006/2036" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26841"
}, },
{ {
"name" : "26101", "name": "http://www.nukedx.com/?getxpl=35",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://www.osvdb.org/26101" "url": "http://www.nukedx.com/?getxpl=35"
}, },
{ {
"name" : "26102", "name": "26101",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/26102" "url": "http://www.osvdb.org/26101"
}, },
{ {
"name" : "26103", "name": "26103",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/26103" "url": "http://www.osvdb.org/26103"
}, },
{ {
"name" : "20358", "name": "18149",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/20358" "url": "http://www.securityfocus.com/bid/18149"
}, },
{ {
"name" : "1010", "name": "26102",
"refsource" : "SREASON", "refsource": "OSVDB",
"url" : "http://securityreason.com/securityalert/1010" "url": "http://www.osvdb.org/26102"
}, },
{ {
"name" : "f@cile-peditpage-peditbox-file-include(26841)", "name": "20358",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26841" "url": "http://secunia.com/advisories/20358"
}, },
{ {
"name" : "f@cile-themes-file-include(26854)", "name": "1010",
"refsource" : "XF", "refsource": "SREASON",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26854" "url": "http://securityreason.com/securityalert/1010"
} }
] ]
} }

98
2006/2xxx/CVE-2006-2868.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2868", "ID": "CVE-2006-2868",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the includePath cookie to (1) auth/extauth/drivers/mambo.inc.php or (2) auth/extauth/drivers/postnuke.inc.php." "value": "Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the includePath cookie to (1) auth/extauth/drivers/mambo.inc.php or (2) auth/extauth/drivers/postnuke.inc.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "1877", "name": "25324",
"refsource" : "EXPLOIT-DB", "refsource": "OSVDB",
"url" : "https://www.exploit-db.com/exploits/1877" "url": "http://www.osvdb.org/25324"
}, },
{ {
"name" : "18265", "name": "18265",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/18265" "url": "http://www.securityfocus.com/bid/18265"
}, },
{ {
"name" : "ADV-2006-2126", "name": "25327",
"refsource" : "VUPEN", "refsource": "OSVDB",
"url" : "http://www.vupen.com/english/advisories/2006/2126" "url": "http://www.osvdb.org/25327"
}, },
{ {
"name" : "25324", "name": "claroline-includepath-file-include(26909)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/25324" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26909"
}, },
{ {
"name" : "25327", "name": "ADV-2006-2126",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://www.osvdb.org/25327" "url": "http://www.vupen.com/english/advisories/2006/2126"
}, },
{ {
"name" : "20434", "name": "20434",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/20434" "url": "http://secunia.com/advisories/20434"
}, },
{ {
"name" : "claroline-includepath-file-include(26909)", "name": "1877",
"refsource" : "XF", "refsource": "EXPLOIT-DB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26909" "url": "https://www.exploit-db.com/exploits/1877"
} }
] ]
} }

86
2008/5xxx/CVE-2008-5922.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-5922", "ID": "CVE-2008-5922",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Cant Find A Gaming CMS (CFAGCMS) 1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) main and (2) right parameters." "value": "Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Cant Find A Gaming CMS (CFAGCMS) 1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) main and (2) right parameters."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20081214 CFAGCMS Remote File Inclusion", "name": "http://www.bugreport.ir/index_58.htm",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/499213/100/0/threaded" "url": "http://www.bugreport.ir/index_58.htm"
}, },
{ {
"name" : "7459", "name": "32817",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/7459" "url": "http://www.securityfocus.com/bid/32817"
}, },
{ {
"name" : "http://www.bugreport.ir/index_58.htm", "name": "7459",
"refsource" : "MISC", "refsource": "EXPLOIT-DB",
"url" : "http://www.bugreport.ir/index_58.htm" "url": "https://www.exploit-db.com/exploits/7459"
}, },
{ {
"name" : "32817", "name": "4926",
"refsource" : "BID", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/bid/32817" "url": "http://securityreason.com/securityalert/4926"
}, },
{ {
"name" : "4926", "name": "20081214 CFAGCMS Remote File Inclusion",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/4926" "url": "http://www.securityfocus.com/archive/1/499213/100/0/threaded"
} }
] ]
} }

80
2011/2xxx/CVE-2011-2595.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID" : "CVE-2011-2595", "ID": "CVE-2011-2595",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple stack-based buffer overflows in ACDSee FotoSlate 4.0 Build 146 allow remote attackers to execute arbitrary code via a long id parameter in a (1) String or (2) Int tag in a FotoSlate Project (aka PLP) file." "value": "Multiple stack-based buffer overflows in ACDSee FotoSlate 4.0 Build 146 allow remote attackers to execute arbitrary code via a long id parameter in a (1) String or (2) Int tag in a FotoSlate Project (aka PLP) file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "49558", "name": "75425",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/49558" "url": "http://osvdb.org/75425"
}, },
{ {
"name" : "75425", "name": "fotoslate-plp-bo(69723)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://osvdb.org/75425" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69723"
}, },
{ {
"name" : "44722", "name": "44722",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/44722" "url": "http://secunia.com/advisories/44722"
}, },
{ {
"name" : "fotoslate-plp-bo(69723)", "name": "49558",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/69723" "url": "http://www.securityfocus.com/bid/49558"
} }
] ]
} }

248
2011/2xxx/CVE-2011-2896.json
View File

@ -1,216 +1,216 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-2896", "ID": "CVE-2011-2896",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895." "value": "The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20110810 LZW decompression issues", "name": "DSA-2426",
"refsource" : "MLIST", "refsource": "DEBIAN",
"url" : "http://www.openwall.com/lists/oss-security/2011/08/10/10" "url": "http://www.debian.org/security/2012/dsa-2426"
}, },
{ {
"name" : "http://cups.org/str.php?L3867", "name": "FEDORA-2011-11318",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "http://cups.org/str.php?L3867" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html"
}, },
{ {
"name" : "http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc", "name": "GLSA-201209-23",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc" "url": "http://security.gentoo.org/glsa/glsa-201209-23.xml"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=727800", "name": "http://cups.org/str.php?L3867",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=727800" "url": "http://cups.org/str.php?L3867"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=730338", "name": "[oss-security] 20110810 LZW decompression issues",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=730338" "url": "http://www.openwall.com/lists/oss-security/2011/08/10/10"
}, },
{ {
"name" : "http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4", "name": "USN-1207-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4" "url": "http://www.ubuntu.com/usn/USN-1207-1"
}, },
{ {
"name" : "DSA-2354", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=727800",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2011/dsa-2354" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=727800"
}, },
{ {
"name" : "DSA-2426", "name": "RHSA-2012:1180",
"refsource" : "DEBIAN", "refsource": "REDHAT",
"url" : "http://www.debian.org/security/2012/dsa-2426" "url": "http://rhn.redhat.com/errata/RHSA-2012-1180.html"
}, },
{ {
"name" : "FEDORA-2011-11173", "name": "48308",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html" "url": "http://secunia.com/advisories/48308"
}, },
{ {
"name" : "FEDORA-2011-11197", "name": "DSA-2354",
"refsource" : "FEDORA", "refsource": "DEBIAN",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html" "url": "http://www.debian.org/security/2011/dsa-2354"
}, },
{ {
"name" : "FEDORA-2011-11221", "name": "45948",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html" "url": "http://secunia.com/advisories/45948"
}, },
{ {
"name" : "FEDORA-2011-11229", "name": "RHSA-2012:1181",
"refsource" : "FEDORA", "refsource": "REDHAT",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html" "url": "http://rhn.redhat.com/errata/RHSA-2012-1181.html"
}, },
{ {
"name" : "FEDORA-2011-11305", "name": "46024",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html" "url": "http://secunia.com/advisories/46024"
}, },
{ {
"name" : "FEDORA-2011-11318", "name": "45900",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html" "url": "http://secunia.com/advisories/45900"
}, },
{ {
"name" : "GLSA-201209-23", "name": "RHSA-2011:1635",
"refsource" : "GENTOO", "refsource": "REDHAT",
"url" : "http://security.gentoo.org/glsa/glsa-201209-23.xml" "url": "http://www.redhat.com/support/errata/RHSA-2011-1635.html"
}, },
{ {
"name" : "MDVSA-2011:146", "name": "FEDORA-2011-11221",
"refsource" : "MANDRIVA", "refsource": "FEDORA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html"
}, },
{ {
"name" : "MDVSA-2011:167", "name": "FEDORA-2011-11173",
"refsource" : "MANDRIVA", "refsource": "FEDORA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:167" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html"
}, },
{ {
"name" : "RHSA-2011:1635", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=730338",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1635.html" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=730338"
}, },
{ {
"name" : "RHSA-2012:1180", "name": "49148",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1180.html" "url": "http://www.securityfocus.com/bid/49148"
}, },
{ {
"name" : "RHSA-2012:1181", "name": "MDVSA-2011:146",
"refsource" : "REDHAT", "refsource": "MANDRIVA",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1181.html" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
}, },
{ {
"name" : "USN-1207-1", "name": "http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://www.ubuntu.com/usn/USN-1207-1" "url": "http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4"
}, },
{ {
"name" : "USN-1214-1", "name": "FEDORA-2011-11305",
"refsource" : "UBUNTU", "refsource": "FEDORA",
"url" : "http://www.ubuntu.com/usn/USN-1214-1" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html"
}, },
{ {
"name" : "49148", "name": "USN-1214-1",
"refsource" : "BID", "refsource": "UBUNTU",
"url" : "http://www.securityfocus.com/bid/49148" "url": "http://www.ubuntu.com/usn/USN-1214-1"
}, },
{ {
"name" : "1025929", "name": "50737",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://www.securitytracker.com/id?1025929" "url": "http://secunia.com/advisories/50737"
}, },
{ {
"name" : "45621", "name": "http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/45621" "url": "http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc"
}, },
{ {
"name" : "45945", "name": "MDVSA-2011:167",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/45945" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:167"
}, },
{ {
"name" : "45948", "name": "FEDORA-2011-11197",
"refsource" : "SECUNIA", "refsource": "FEDORA",
"url" : "http://secunia.com/advisories/45948" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html"
}, },
{ {
"name" : "46024", "name": "FEDORA-2011-11229",
"refsource" : "SECUNIA", "refsource": "FEDORA",
"url" : "http://secunia.com/advisories/46024" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html"
}, },
{ {
"name" : "45900", "name": "48236",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/45900" "url": "http://secunia.com/advisories/48236"
}, },
{ {
"name" : "50737", "name": "1025929",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/50737" "url": "http://www.securitytracker.com/id?1025929"
}, },
{ {
"name" : "48236", "name": "45621",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/48236" "url": "http://secunia.com/advisories/45621"
}, },
{ {
"name" : "48308", "name": "45945",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/48308" "url": "http://secunia.com/advisories/45945"
} }
] ]
} }

140
2011/3xxx/CVE-2011-3090.json
View File

@ -1,126 +1,126 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3090", "ID": "CVE-2011-3090",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Race condition in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker processes." "value": "Race condition in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker processes."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=121223", "name": "GLSA-201205-03",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://code.google.com/p/chromium/issues/detail?id=121223" "url": "http://security.gentoo.org/glsa/glsa-201205-03.xml"
}, },
{ {
"name" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html", "name": "oval:org.mitre.oval:def:15605",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15605"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5400", "name": "http://support.apple.com/kb/HT5485",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT5400" "url": "http://support.apple.com/kb/HT5485"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5485", "name": "APPLE-SA-2012-09-19-1",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "http://support.apple.com/kb/HT5485" "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5503", "name": "http://support.apple.com/kb/HT5503",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT5503" "url": "http://support.apple.com/kb/HT5503"
}, },
{ {
"name" : "APPLE-SA-2012-07-25-1", "name": "openSUSE-SU-2012:0656",
"refsource" : "APPLE", "refsource": "SUSE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html"
}, },
{ {
"name" : "APPLE-SA-2012-09-12-1", "name": "1027067",
"refsource" : "APPLE", "refsource": "SECTRACK",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html" "url": "http://www.securitytracker.com/id?1027067"
}, },
{ {
"name" : "APPLE-SA-2012-09-19-1", "name": "google-chrome-wrokers-code-exec(75595)",
"refsource" : "APPLE", "refsource": "XF",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75595"
}, },
{ {
"name" : "GLSA-201205-03", "name": "APPLE-SA-2012-09-12-1",
"refsource" : "GENTOO", "refsource": "APPLE",
"url" : "http://security.gentoo.org/glsa/glsa-201205-03.xml" "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
}, },
{ {
"name" : "openSUSE-SU-2012:0656", "name": "APPLE-SA-2012-07-25-1",
"refsource" : "SUSE", "refsource": "APPLE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html" "url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
}, },
{ {
"name" : "53540", "name": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/53540" "url": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:15605", "name": "53540",
"refsource" : "OVAL", "refsource": "BID",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15605" "url": "http://www.securityfocus.com/bid/53540"
}, },
{ {
"name" : "1027067", "name": "http://support.apple.com/kb/HT5400",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id?1027067" "url": "http://support.apple.com/kb/HT5400"
}, },
{ {
"name" : "google-chrome-wrokers-code-exec(75595)", "name": "http://code.google.com/p/chromium/issues/detail?id=121223",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75595" "url": "http://code.google.com/p/chromium/issues/detail?id=121223"
} }
] ]
} }

80
2011/4xxx/CVE-2011-4039.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2011-4039", "ID": "CVE-2011-4039",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a \"write access violation.\"" "value": "Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a \"write access violation.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-024-01.pdf", "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-024-01.pdf",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-024-01.pdf" "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-024-01.pdf"
}, },
{ {
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-039-01.pdf", "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-039-01.pdf",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-039-01.pdf" "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-039-01.pdf"
}, },
{ {
"name" : "47742", "name": "47742",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/47742" "url": "http://secunia.com/advisories/47742"
}, },
{ {
"name" : "47933", "name": "47933",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/47933" "url": "http://secunia.com/advisories/47933"
} }
] ]
} }

62
2011/4xxx/CVE-2011-4487.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2011-4487", "ID": "CVE-2011-4487",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allows remote attackers to execute arbitrary SQL commands via a crafted SCCP registration, aka Bug ID CSCtu73538." "value": "SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allows remote attackers to execute arbitrary SQL commands via a crafted SCCP registration, aka Bug ID CSCtu73538."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20120229 Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities", "name": "20120229 Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cucm" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cucm"
} }
] ]
} }

74
2013/0xxx/CVE-2013-0089.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2013-0089", "ID": "CVE-2013-0089",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Internet Explorer CMarkupBehaviorContext Use After Free Vulnerability.\"" "value": "Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Internet Explorer CMarkupBehaviorContext Use After Free Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS13-021", "name": "oval:org.mitre.oval:def:16587",
"refsource" : "MS", "refsource": "OVAL",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-021" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16587"
}, },
{ {
"name" : "TA13-071A", "name": "TA13-071A",
"refsource" : "CERT", "refsource": "CERT",
"url" : "http://www.us-cert.gov/ncas/alerts/TA13-071A" "url": "http://www.us-cert.gov/ncas/alerts/TA13-071A"
}, },
{ {
"name" : "oval:org.mitre.oval:def:16587", "name": "MS13-021",
"refsource" : "OVAL", "refsource": "MS",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16587" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-021"
} }
] ]
} }

80
2013/0xxx/CVE-2013-0152.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-0152", "ID": "CVE-2013-0152",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memory consumption) by performing nested virtualization in a way that triggers errors that are not properly handled." "value": "Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memory consumption) by performing nested virtualization in a way that triggers errors that are not properly handled."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20130123 Xen Security Advisory 35 (CVE-2013-0152) - Nested HVM exposes host to being driven out of memory by guest", "name": "55082",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "http://www.openwall.com/lists/oss-security/2013/01/23/8" "url": "http://secunia.com/advisories/55082"
}, },
{ {
"name" : "GLSA-201309-24", "name": "1028032",
"refsource" : "GENTOO", "refsource": "SECTRACK",
"url" : "http://security.gentoo.org/glsa/glsa-201309-24.xml" "url": "http://www.securitytracker.com/id/1028032"
}, },
{ {
"name" : "1028032", "name": "GLSA-201309-24",
"refsource" : "SECTRACK", "refsource": "GENTOO",
"url" : "http://www.securitytracker.com/id/1028032" "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
}, },
{ {
"name" : "55082", "name": "[oss-security] 20130123 Xen Security Advisory 35 (CVE-2013-0152) - Nested HVM exposes host to being driven out of memory by guest",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/55082" "url": "http://www.openwall.com/lists/oss-security/2013/01/23/8"
} }
] ]
} }

86
2013/1xxx/CVE-2013-1026.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2013-1026", "ID": "CVE-2013-1026",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document." "value": "Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT5880", "name": "54886",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://support.apple.com/kb/HT5880" "url": "http://secunia.com/advisories/54886"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5934", "name": "http://support.apple.com/kb/HT5934",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT5934" "url": "http://support.apple.com/kb/HT5934"
}, },
{ {
"name" : "APPLE-SA-2013-09-12-1", "name": "APPLE-SA-2013-09-12-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html" "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
}, },
{ {
"name" : "APPLE-SA-2013-09-18-2", "name": "http://support.apple.com/kb/HT5880",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" "url": "http://support.apple.com/kb/HT5880"
}, },
{ {
"name" : "54886", "name": "APPLE-SA-2013-09-18-2",
"refsource" : "SECUNIA", "refsource": "APPLE",
"url" : "http://secunia.com/advisories/54886" "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"
} }
] ]
} }

62
2013/1xxx/CVE-2013-1214.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2013-1214", "ID": "CVE-2013-1214",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The scripts editor in Cisco Unified Contact Center Express (aka Unified CCX) does not properly manage privileges for anonymous logins, which allows remote attackers to read arbitrary scripts by visiting the scripts repository directory, aka Bug ID CSCuf77546." "value": "The scripts editor in Cisco Unified Contact Center Express (aka Unified CCX) does not properly manage privileges for anonymous logins, which allows remote attackers to read arbitrary scripts by visiting the scripts repository directory, aka Bug ID CSCuf77546."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20130419 Cisco Unified Contact Center Express Editor Information Disclosure Vulnerability", "name": "20130419 Cisco Unified Contact Center Express Editor Information Disclosure Vulnerability",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1214" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1214"
} }
] ]
} }

74
2013/1xxx/CVE-2013-1325.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2013-1325", "ID": "CVE-2013-1325",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka \"Word Heap Overwrite Vulnerability.\"" "value": "Heap-based buffer overflow in Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka \"Word Heap Overwrite Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS13-091", "name": "TA13-317A",
"refsource" : "MS", "refsource": "CERT",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-091" "url": "http://www.us-cert.gov/ncas/alerts/TA13-317A"
}, },
{ {
"name" : "TA13-317A", "name": "oval:org.mitre.oval:def:19321",
"refsource" : "CERT", "refsource": "OVAL",
"url" : "http://www.us-cert.gov/ncas/alerts/TA13-317A" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19321"
}, },
{ {
"name" : "oval:org.mitre.oval:def:19321", "name": "MS13-091",
"refsource" : "OVAL", "refsource": "MS",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19321" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-091"
} }
] ]
} }

68
2013/1xxx/CVE-2013-1510.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-1510", "ID": "CVE-2013-1510",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2015-0419." "value": "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2015-0419."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html" "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
}, },
{ {
"name" : "MDVSA-2013:150", "name": "MDVSA-2013:150",
"refsource" : "MANDRIVA", "refsource": "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
} }
] ]
} }

92
2013/1xxx/CVE-2013-1624.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-1624", "ID": "CVE-2013-1624",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169." "value": "The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations", "name": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://openwall.com/lists/oss-security/2013/02/05/24" "url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
}, },
{ {
"name" : "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf", "name": "[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf" "url": "http://openwall.com/lists/oss-security/2013/02/05/24"
}, },
{ {
"name" : "RHSA-2014:0371", "name": "RHSA-2014:0371",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0371.html" "url": "http://rhn.redhat.com/errata/RHSA-2014-0371.html"
}, },
{ {
"name" : "RHSA-2014:0372", "name": "57719",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0372.html" "url": "http://secunia.com/advisories/57719"
}, },
{ {
"name" : "57716", "name": "57716",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/57716" "url": "http://secunia.com/advisories/57716"
}, },
{ {
"name" : "57719", "name": "RHSA-2014:0372",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/57719" "url": "http://rhn.redhat.com/errata/RHSA-2014-0372.html"
} }
] ]
} }

22
2013/4xxx/CVE-2013-4395.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-4395", "ID": "CVE-2013-4395",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

122
2013/5xxx/CVE-2013-5300.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5300", "ID": "CVE-2013-5300",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) before 4.3.0 allow remote attackers to inject arbitrary web script or HTML via the withoutmenu parameter to (1) vulnmeter/index.php or (2) vulnmeter/sched.php; the (3) section parameter to av_inventory/task_edit.php; the (4) profile parameter to nfsen/rrdgraph.php; or the (5) scan_server or (6) targets parameter to vulnmeter/simulate.php." "value": "Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) before 4.3.0 allow remote attackers to inject arbitrary web script or HTML via the withoutmenu parameter to (1) vulnmeter/index.php or (2) vulnmeter/sched.php; the (3) section parameter to av_inventory/task_edit.php; the (4) profile parameter to nfsen/rrdgraph.php; or the (5) scan_server or (6) targets parameter to vulnmeter/simulate.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://forums.alienvault.com/discussion/1609/patch-release-4-3-1", "name": "95814",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://forums.alienvault.com/discussion/1609/patch-release-4-3-1" "url": "http://www.osvdb.org/show/osvdb/95814"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/122547/Alienvault-OSSIM-Cross-Site-Scripting.html", "name": "95818",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://packetstormsecurity.com/files/122547/Alienvault-OSSIM-Cross-Site-Scripting.html" "url": "http://www.osvdb.org/show/osvdb/95818"
}, },
{ {
"name" : "61456", "name": "54264",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/61456" "url": "http://secunia.com/advisories/54264"
}, },
{ {
"name" : "95813", "name": "95816",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/show/osvdb/95813" "url": "http://www.osvdb.org/show/osvdb/95816"
}, },
{ {
"name" : "95814", "name": "http://packetstormsecurity.com/files/122547/Alienvault-OSSIM-Cross-Site-Scripting.html",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://www.osvdb.org/show/osvdb/95814" "url": "http://packetstormsecurity.com/files/122547/Alienvault-OSSIM-Cross-Site-Scripting.html"
}, },
{ {
"name" : "95816", "name": "54287",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://www.osvdb.org/show/osvdb/95816" "url": "http://secunia.com/advisories/54287"
}, },
{ {
"name" : "95817", "name": "61456",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://www.osvdb.org/show/osvdb/95817" "url": "http://www.securityfocus.com/bid/61456"
}, },
{ {
"name" : "95818", "name": "95813",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/show/osvdb/95818" "url": "http://www.osvdb.org/show/osvdb/95813"
}, },
{ {
"name" : "54264", "name": "alienvault-ossim-multiple-xss(85994)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/54264" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85994"
}, },
{ {
"name" : "54287", "name": "http://forums.alienvault.com/discussion/1609/patch-release-4-3-1",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/54287" "url": "http://forums.alienvault.com/discussion/1609/patch-release-4-3-1"
}, },
{ {
"name" : "alienvault-ossim-multiple-xss(85994)", "name": "95817",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/85994" "url": "http://www.osvdb.org/show/osvdb/95817"
} }
] ]
} }

110
2013/5xxx/CVE-2013-5653.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5653", "ID": "CVE-2013-5653",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The getenv and filenameforall functions in Ghostscript 9.10 ignore the \"-dSAFER\" argument, which allows remote attackers to read data via a crafted postscript file." "value": "The getenv and filenameforall functions in Ghostscript 9.10 ignore the \"-dSAFER\" argument, which allows remote attackers to read data via a crafted postscript file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20160929 Re: ImageMagick identify \"d:\" hangs", "name": "DSA-3691",
"refsource" : "MLIST", "refsource": "DEBIAN",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/29/28" "url": "http://www.debian.org/security/2016/dsa-3691"
}, },
{ {
"name" : "[oss-security] 20160929 Re: ImageMagick identify \"d:\" hangs", "name": "RHSA-2017:0013",
"refsource" : "MLIST", "refsource": "REDHAT",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/29/5" "url": "http://rhn.redhat.com/errata/RHSA-2017-0013.html"
}, },
{ {
"name" : "https://bugs.ghostscript.com/show_bug.cgi?id=694724", "name": "RHSA-2017:0014",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://bugs.ghostscript.com/show_bug.cgi?id=694724" "url": "http://rhn.redhat.com/errata/RHSA-2017-0014.html"
}, },
{ {
"name" : "https://bugs.ghostscript.com/show_bug.cgi?id=697169", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1380327",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugs.ghostscript.com/show_bug.cgi?id=697169" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1380327"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1380327", "name": "https://bugs.ghostscript.com/show_bug.cgi?id=697169",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1380327" "url": "https://bugs.ghostscript.com/show_bug.cgi?id=697169"
}, },
{ {
"name" : "DSA-3691", "name": "[oss-security] 20160929 Re: ImageMagick identify \"d:\" hangs",
"refsource" : "DEBIAN", "refsource": "MLIST",
"url" : "http://www.debian.org/security/2016/dsa-3691" "url": "http://www.openwall.com/lists/oss-security/2016/09/29/28"
}, },
{ {
"name" : "RHSA-2017:0013", "name": "96497",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0013.html" "url": "http://www.securityfocus.com/bid/96497"
}, },
{ {
"name" : "RHSA-2017:0014", "name": "[oss-security] 20160929 Re: ImageMagick identify \"d:\" hangs",
"refsource" : "REDHAT", "refsource": "MLIST",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0014.html" "url": "http://www.openwall.com/lists/oss-security/2016/09/29/5"
}, },
{ {
"name" : "96497", "name": "https://bugs.ghostscript.com/show_bug.cgi?id=694724",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/96497" "url": "https://bugs.ghostscript.com/show_bug.cgi?id=694724"
} }
] ]
} }

74
2013/5xxx/CVE-2013-5688.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5688", "ID": "CVE-2013-5688",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple directory traversal vulnerabilities in index.php in AjaXplorer 5.0.2 and earlier allow remote authenticated users to read arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the file parameter in a (1) download or (2) get_content action, or (3) upload arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the dir parameter in an upload action." "value": "Multiple directory traversal vulnerabilities in index.php in AjaXplorer 5.0.2 and earlier allow remote authenticated users to read arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the file parameter in a (1) download or (2) get_content action, or (3) upload arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the dir parameter in an upload action."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.trustwave.com/spiderlabs/advisories/TWSL2013-027.txt", "name": "http://ajaxplorer.info/ajaxplorer-core-5-0-3/",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://www.trustwave.com/spiderlabs/advisories/TWSL2013-027.txt" "url": "http://ajaxplorer.info/ajaxplorer-core-5-0-3/"
}, },
{ {
"name" : "http://ajaxplorer.info/ajaxplorer-core-5-0-3/", "name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2013-027.txt",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://ajaxplorer.info/ajaxplorer-core-5-0-3/" "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2013-027.txt"
}, },
{ {
"name" : "97022", "name": "97022",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/97022" "url": "http://osvdb.org/97022"
} }
] ]
} }

74
2013/5xxx/CVE-2013-5701.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5701", "ID": "CVE-2013-5701",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple untrusted search path vulnerabilities in (1) Watchguard Log Collector (wlcollector.exe) and (2) Watchguard WebBlocker Server (wbserver.exe) in WatchGuard Server Center 11.7.4, 11.7.3, and possibly earlier allow local users to gain privileges via a Trojan horse wgpr.dll file in the application's bin directory." "value": "Multiple untrusted search path vulnerabilities in (1) Watchguard Log Collector (wlcollector.exe) and (2) Watchguard WebBlocker Server (wbserver.exe) in WatchGuard Server Center 11.7.4, 11.7.3, and possibly earlier allow local users to gain privileges via a Trojan horse wgpr.dll file in the application's bin directory."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20130908 [CVE-2013-5701] Watchguard Server Center v11.7.4 wgpr.dll Insecure Library Loading Local Privilege Escalation Vulnerability", "name": "20130908 [CVE-2013-5701] Watchguard Server Center v11.7.4 wgpr.dll Insecure Library Loading Local Privilege Escalation Vulnerability",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2013/Sep/43" "url": "http://seclists.org/fulldisclosure/2013/Sep/43"
}, },
{ {
"name" : "https://www.rcesecurity.com/2013/09/cve-2013-5701-watchguard-server-center-v11-7-4-wgpr-dll-local-privileges-escalation-vulnerability", "name": "https://www.rcesecurity.com/2013/09/cve-2013-5701-watchguard-server-center-v11-7-4-wgpr-dll-local-privileges-escalation-vulnerability",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.rcesecurity.com/2013/09/cve-2013-5701-watchguard-server-center-v11-7-4-wgpr-dll-local-privileges-escalation-vulnerability" "url": "https://www.rcesecurity.com/2013/09/cve-2013-5701-watchguard-server-center-v11-7-4-wgpr-dll-local-privileges-escalation-vulnerability"
}, },
{ {
"name" : "1028992", "name": "1028992",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1028992" "url": "http://www.securitytracker.com/id/1028992"
} }
] ]
} }

86
2017/0xxx/CVE-2017-0419.json
View File

@ -1,89 +1,89 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0419", "ID": "CVE-2017-0419",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android-4.4.4" "version_value": "Android-4.4.4"
}, },
{ {
"version_value" : "Android-5.0.2" "version_value": "Android-5.0.2"
}, },
{ {
"version_value" : "Android-5.1.1" "version_value": "Android-5.1.1"
}, },
{ {
"version_value" : "Android-6.0" "version_value": "Android-6.0"
}, },
{ {
"version_value" : "Android-6.0.1" "version_value": "Android-6.0.1"
}, },
{ {
"version_value" : "Android-7.0" "version_value": "Android-7.0"
}, },
{ {
"version_value" : "Android-7.1.1" "version_value": "Android-7.1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32220769." "value": "An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32220769."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elevation of privilege" "value": "Elevation of privilege"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2017-02-01.html", "name": "1037798",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://source.android.com/security/bulletin/2017-02-01.html" "url": "http://www.securitytracker.com/id/1037798"
}, },
{ {
"name" : "96055", "name": "96055",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/96055" "url": "http://www.securityfocus.com/bid/96055"
}, },
{ {
"name" : "1037798", "name": "https://source.android.com/security/bulletin/2017-02-01.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1037798" "url": "https://source.android.com/security/bulletin/2017-02-01.html"
} }
] ]
} }

86
2017/0xxx/CVE-2017-0420.json
View File

@ -1,89 +1,89 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0420", "ID": "CVE-2017-0420",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android-4.4.4" "version_value": "Android-4.4.4"
}, },
{ {
"version_value" : "Android-5.0.2" "version_value": "Android-5.0.2"
}, },
{ {
"version_value" : "Android-5.1.1" "version_value": "Android-5.1.1"
}, },
{ {
"version_value" : "Android-6.0" "version_value": "Android-6.0"
}, },
{ {
"version_value" : "Android-6.0.1" "version_value": "Android-6.0.1"
}, },
{ {
"version_value" : "Android-7.0" "version_value": "Android-7.0"
}, },
{ {
"version_value" : "Android-7.1.1" "version_value": "Android-7.1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An information disclosure vulnerability in AOSP Mail could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does not have access to. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32615212." "value": "An information disclosure vulnerability in AOSP Mail could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does not have access to. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32615212."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information disclosure" "value": "Information disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2017-02-01.html", "name": "96093",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://source.android.com/security/bulletin/2017-02-01.html" "url": "http://www.securityfocus.com/bid/96093"
}, },
{ {
"name" : "96093", "name": "1037798",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/96093" "url": "http://www.securitytracker.com/id/1037798"
}, },
{ {
"name" : "1037798", "name": "https://source.android.com/security/bulletin/2017-02-01.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1037798" "url": "https://source.android.com/security/bulletin/2017-02-01.html"
} }
] ]
} }

92
2017/0xxx/CVE-2017-0558.json
View File

@ -1,94 +1,94 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0558", "ID": "CVE-2017-0558",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android-4.4.4" "version_value": "Android-4.4.4"
}, },
{ {
"version_value" : "Android-5.0.2" "version_value": "Android-5.0.2"
}, },
{ {
"version_value" : "Android-5.1.1" "version_value": "Android-5.1.1"
}, },
{ {
"version_value" : "Android-6.0" "version_value": "Android-6.0"
}, },
{ {
"version_value" : "Android-6.0.1" "version_value": "Android-6.0.1"
}, },
{ {
"version_value" : "Android-7.0" "version_value": "Android-7.0"
}, },
{ {
"version_value" : "Android-7.1.1" "version_value": "Android-7.1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34056274." "value": "An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34056274."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information disclosure" "value": "Information disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://android.googlesource.com/platform/frameworks/av/+/50358a80b1724f6cf1bcdf003e1abf9cc141b122", "name": "https://source.android.com/security/bulletin/2017-04-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://android.googlesource.com/platform/frameworks/av/+/50358a80b1724f6cf1bcdf003e1abf9cc141b122" "url": "https://source.android.com/security/bulletin/2017-04-01"
}, },
{ {
"name" : "https://source.android.com/security/bulletin/2017-04-01", "name": "https://android.googlesource.com/platform/frameworks/av/+/50358a80b1724f6cf1bcdf003e1abf9cc141b122",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-04-01" "url": "https://android.googlesource.com/platform/frameworks/av/+/50358a80b1724f6cf1bcdf003e1abf9cc141b122"
}, },
{ {
"name" : "97332", "name": "97332",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/97332" "url": "http://www.securityfocus.com/bid/97332"
}, },
{ {
"name" : "1038201", "name": "1038201",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038201" "url": "http://www.securitytracker.com/id/1038201"
} }
] ]
} }

76
2017/0xxx/CVE-2017-0579.json
View File

@ -1,74 +1,74 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0579", "ID": "CVE-2017-0579",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.10" "version_value": "Kernel-3.10"
}, },
{ {
"version_value" : "Kernel-3.18" "version_value": "Kernel-3.18"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34125463. References: QC-CR#1115406." "value": "An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34125463. References: QC-CR#1115406."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elevation of privilege" "value": "Elevation of privilege"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2017-04-01", "name": "https://source.android.com/security/bulletin/2017-04-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-04-01" "url": "https://source.android.com/security/bulletin/2017-04-01"
}, },
{ {
"name" : "97339", "name": "97339",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/97339" "url": "http://www.securityfocus.com/bid/97339"
}, },
{ {
"name" : "1038201", "name": "1038201",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038201" "url": "http://www.securitytracker.com/id/1038201"
} }
] ]
} }

68
2017/0xxx/CVE-2017-0838.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"DATE_PUBLIC" : "2017-11-06T00:00:00", "DATE_PUBLIC": "2017-11-06T00:00:00",
"ID" : "CVE-2017-0838", "ID": "CVE-2017-0838",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.0" "version_value": "7.0"
}, },
{ {
"version_value" : "7.1.1" "version_value": "7.1.1"
}, },
{ {
"version_value" : "7.1.2" "version_value": "7.1.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-63522818." "value": "An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-63522818."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elevation of privilege" "value": "Elevation of privilege"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/pixel/2017-11-01", "name": "https://source.android.com/security/bulletin/pixel/2017-11-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.android.com/security/bulletin/pixel/2017-11-01" "url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
} }
] ]
} }

66
2017/1000xxx/CVE-2017-1000127.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.340860", "DATE_ASSIGNED": "2017-08-22T17:29:33.340860",
"ID" : "CVE-2017-1000127", "ID": "CVE-2017-1000127",
"REQUESTER" : "hanno@hboeck.de", "REQUESTER": "hanno@hboeck.de",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "exiv2", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "0.26" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Exiv2 0.26 contains a heap buffer overflow in tiff parser" "value": "Exiv2 0.26 contains a heap buffer overflow in tiff parser"
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer Overflow" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20170630 exiv2: multiple memory safety issues", "name": "[oss-security] 20170630 exiv2: multiple memory safety issues",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2017/06/30/1" "url": "http://www.openwall.com/lists/oss-security/2017/06/30/1"
} }
] ]
} }

76
2017/1000xxx/CVE-2017-1000406.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1000406", "ID": "CVE-2017-1000406",
"REQUESTER" : "lhinds@redhat.com", "REQUESTER": "lhinds@redhat.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Karaf", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "0.6.1-Carbon" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "OpenDaylight" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a password change, allowing the old password to be used until the Karaf cache is manually cleared (e.g. via restart)." "value": "OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a password change, allowing the old password to be used until the Karaf cache is manually cleared (e.g. via restart)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Password change fails to clear cache" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20171123 OpenDayLight: Password change doesn't result in Karaf clearing cache, allowing old password to still be used (CVE-2017-1000406)", "name": "https://git.opendaylight.org/gerrit/#/q/topic:AAA-151",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://seclists.org/oss-sec/2017/q4/320" "url": "https://git.opendaylight.org/gerrit/#/q/topic:AAA-151"
}, },
{ {
"name" : "https://git.opendaylight.org/gerrit/#/q/topic:AAA-151", "name": "https://jira.opendaylight.org/browse/AAA-151",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://git.opendaylight.org/gerrit/#/q/topic:AAA-151" "url": "https://jira.opendaylight.org/browse/AAA-151"
}, },
{ {
"name" : "https://jira.opendaylight.org/browse/AAA-151", "name": "[oss-security] 20171123 OpenDayLight: Password change doesn't result in Karaf clearing cache, allowing old password to still be used (CVE-2017-1000406)",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://jira.opendaylight.org/browse/AAA-151" "url": "http://seclists.org/oss-sec/2017/q4/320"
} }
] ]
} }

72
2017/1000xxx/CVE-2017-1000415.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-12-29", "DATE_ASSIGNED": "2017-12-29",
"ID" : "CVE-2017-1000415", "ID": "CVE-2017-1000415",
"REQUESTER" : "schau@purdue.edu", "REQUESTER": "schau@purdue.edu",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MatrixSSL", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.7.2 and older" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "MatrixSSL" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting in some certificates have their expiration (beginning) year extended (delayed) by 100 years." "value": "MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting in some certificates have their expiration (beginning) year extended (delayed) by 100 years."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Incorrect date range validation" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.ieee-security.org/TC/SP2017/papers/231.pdf", "name": "https://www.ieee-security.org/TC/SP2017/papers/231.pdf",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.ieee-security.org/TC/SP2017/papers/231.pdf" "url": "https://www.ieee-security.org/TC/SP2017/papers/231.pdf"
}, },
{ {
"name" : "https://www.youtube.com/watch?v=FW--c_F_cY8", "name": "https://www.youtube.com/watch?v=FW--c_F_cY8",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.youtube.com/watch?v=FW--c_F_cY8" "url": "https://www.youtube.com/watch?v=FW--c_F_cY8"
} }
] ]
} }

22
2017/12xxx/CVE-2017-12209.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-12209", "ID": "CVE-2017-12209",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2017/12xxx/CVE-2017-12455.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-12455", "ID": "CVE-2017-12455",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file." "value": "The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=21840", "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=21840",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=21840" "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21840"
} }
] ]
} }

74
2017/12xxx/CVE-2017-12691.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-12691", "ID": "CVE-2017-12691",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file." "value": "The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/ImageMagick/ImageMagick/issues/656", "name": "USN-3681-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/656" "url": "https://usn.ubuntu.com/3681-1/"
}, },
{ {
"name" : "GLSA-201711-07", "name": "GLSA-201711-07",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "https://security.gentoo.org/glsa/201711-07" "url": "https://security.gentoo.org/glsa/201711-07"
}, },
{ {
"name" : "USN-3681-1", "name": "https://github.com/ImageMagick/ImageMagick/issues/656",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "https://usn.ubuntu.com/3681-1/" "url": "https://github.com/ImageMagick/ImageMagick/issues/656"
} }
] ]
} }

22
2017/16xxx/CVE-2017-16034.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16034", "ID": "CVE-2017-16034",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2017/16xxx/CVE-2017-16271.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16271", "ID": "CVE-2017-16271",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2017/16xxx/CVE-2017-16276.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16276", "ID": "CVE-2017-16276",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2017/16xxx/CVE-2017-16303.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16303", "ID": "CVE-2017-16303",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

80
2017/16xxx/CVE-2017-16879.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16879", "ID": "CVE-2017-16879",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic." "value": "Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://packetstormsecurity.com/files/145045/GNU-ncurses-6.0-tic-Denial-Of-Service.html", "name": "http://packetstormsecurity.com/files/145045/GNU-ncurses-6.0-tic-Denial-Of-Service.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.com/files/145045/GNU-ncurses-6.0-tic-Denial-Of-Service.html" "url": "http://packetstormsecurity.com/files/145045/GNU-ncurses-6.0-tic-Denial-Of-Service.html"
}, },
{ {
"name" : "http://invisible-island.net/ncurses/NEWS.html#t20171125", "name": "GLSA-201804-13",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://invisible-island.net/ncurses/NEWS.html#t20171125" "url": "https://security.gentoo.org/glsa/201804-13"
}, },
{ {
"name" : "https://tools.cisco.com/security/center/viewAlert.x?alertId=57695", "name": "http://invisible-island.net/ncurses/NEWS.html#t20171125",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://tools.cisco.com/security/center/viewAlert.x?alertId=57695" "url": "http://invisible-island.net/ncurses/NEWS.html#t20171125"
}, },
{ {
"name" : "GLSA-201804-13", "name": "https://tools.cisco.com/security/center/viewAlert.x?alertId=57695",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201804-13" "url": "https://tools.cisco.com/security/center/viewAlert.x?alertId=57695"
} }
] ]
} }

68
2017/4xxx/CVE-2017-4012.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"ID" : "CVE-2017-4012", "ID": "CVE-2017-4012",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Network Data Loss Prevention (NDLP)", "product_name": "Network Data Loss Prevention (NDLP)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.3.x" "version_value": "9.3.x"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "McAfee" "vendor_name": "McAfee"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Privilege Escalation vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via modification of the HTTP request." "value": "Privilege Escalation vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via modification of the HTTP request."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Privilege Escalation vulnerability" "value": "Privilege Escalation vulnerability"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10198", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10198",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10198" "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10198"
}, },
{ {
"name" : "1038523", "name": "1038523",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038523" "url": "http://www.securitytracker.com/id/1038523"
} }
] ]
} }

22
2017/4xxx/CVE-2017-4180.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4180", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4180",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4221.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4221", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4221",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4697.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4697", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4697",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2018/18xxx/CVE-2018-18235.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-18235", "ID": "CVE-2018-18235",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2018/18xxx/CVE-2018-18384.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-18384", "ID": "CVE-2018-18384",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12." "value": "Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.suse.com/show_bug.cgi?id=1110194", "name": "https://bugzilla.suse.com/show_bug.cgi?id=1110194",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://bugzilla.suse.com/show_bug.cgi?id=1110194" "url": "https://bugzilla.suse.com/show_bug.cgi?id=1110194"
}, },
{ {
"name" : "https://sourceforge.net/p/infozip/bugs/53/", "name": "https://sourceforge.net/p/infozip/bugs/53/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://sourceforge.net/p/infozip/bugs/53/" "url": "https://sourceforge.net/p/infozip/bugs/53/"
} }
] ]
} }

110
2018/5xxx/CVE-2018-5199.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vuln@krcert.or.kr", "ASSIGNER": "vuln@krcert.or.kr",
"DATE_PUBLIC" : "2018-12-19T08:30:00.000Z", "DATE_PUBLIC": "2018-12-19T08:30:00.000Z",
"ID" : "CVE-2018-5199", "ID": "CVE-2018-5199",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "WIZVERA Remote Code Execution Vulnerability" "TITLE": "WIZVERA Remote Code Execution Vulnerability"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Veraport", "product_name": "Veraport",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "=", "affected": "=",
"platform" : "Mac OS", "platform": "Mac OS",
"version_name" : "G3", "version_name": "G3",
"version_value" : "all" "version_value": "all"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "WIZVERA" "vendor_name": "WIZVERA"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Veraport G3 ALL on MacOS, due to insufficient domain validation, It is possible to overwrite installation file to malicious file. A remote unauthenticated attacker may use this vulnerability to execute arbitrary file." "value": "In Veraport G3 ALL on MacOS, due to insufficient domain validation, It is possible to overwrite installation file to malicious file. A remote unauthenticated attacker may use this vulnerability to execute arbitrary file."
} }
] ]
}, },
"impact" : { "impact": {
"cvss" : { "cvss": {
"attackComplexity" : "LOW", "attackComplexity": "LOW",
"attackVector" : "NETWORK", "attackVector": "NETWORK",
"availabilityImpact" : "HIGH", "availabilityImpact": "HIGH",
"baseScore" : 8, "baseScore": 8,
"baseSeverity" : "HIGH", "baseSeverity": "HIGH",
"confidentialityImpact" : "HIGH", "confidentialityImpact": "HIGH",
"integrityImpact" : "HIGH", "integrityImpact": "HIGH",
"privilegesRequired" : "LOW", "privilegesRequired": "LOW",
"scope" : "UNCHANGED", "scope": "UNCHANGED",
"userInteraction" : "REQUIRED", "userInteraction": "REQUIRED",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version" : "3.0" "version": "3.0"
} }
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Remote Code Execution" "value": "Remote Code Execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=30112", "name": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=30112",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=30112" "url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=30112"
} }
] ]
}, },
"solution" : [ "solution": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Update to patched release version(3.7.3.3)" "value": "Update to patched release version(3.7.3.3)"
} }
], ],
"source" : { "source": {
"discovery" : "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

22
2018/5xxx/CVE-2018-5297.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-5297", "ID": "CVE-2018-5297",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/5xxx/CVE-2018-5408.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-5408", "ID": "CVE-2018-5408",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

78
2018/5xxx/CVE-2018-5546.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "f5sirt@f5.com", "ASSIGNER": "f5sirt@f5.com",
"DATE_PUBLIC" : "2018-08-16T00:00:00", "DATE_PUBLIC": "2018-08-16T00:00:00",
"ID" : "CVE-2018-5546", "ID": "CVE-2018-5546",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "BIG-IP APM client for Linux", "product_name": "BIG-IP APM client for Linux",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Prior to version 7.1.7.1" "version_value": "Prior to version 7.1.7.1"
} }
] ]
} }
}, },
{ {
"product_name" : "BIG-IP APM client for macOS", "product_name": "BIG-IP APM client for macOS",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Prior to version 7.1.7.1" "version_value": "Prior to version 7.1.7.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "F5 Networks, Inc." "vendor_name": "F5 Networks, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or assume super-user privileges on the local client host." "value": "The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or assume super-user privileges on the local client host."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Privilege Escalation" "value": "Privilege Escalation"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.f5.com/csp/article/K54431371", "name": "https://support.f5.com/csp/article/K54431371",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.f5.com/csp/article/K54431371" "url": "https://support.f5.com/csp/article/K54431371"
}, },
{ {
"name" : "1041510", "name": "1041510",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041510" "url": "http://www.securitytracker.com/id/1041510"
} }
] ]
} }

74
2018/5xxx/CVE-2018-5723.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-5723", "ID": "CVE-2018-5723",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account." "value": "MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "43693", "name": "43693",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/43693/" "url": "https://www.exploit-db.com/exploits/43693/"
}, },
{ {
"name" : "http://syrion.me/blog/master-ipcam/", "name": "http://syrion.me/blog/master-ipcam/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://syrion.me/blog/master-ipcam/" "url": "http://syrion.me/blog/master-ipcam/"
}, },
{ {
"name" : "https://packetstormsecurity.com/files/145935/Master-IP-CAM-01-Hardcoded-Password-Unauthenticated-Access.html", "name": "https://packetstormsecurity.com/files/145935/Master-IP-CAM-01-Hardcoded-Password-Unauthenticated-Access.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://packetstormsecurity.com/files/145935/Master-IP-CAM-01-Hardcoded-Password-Unauthenticated-Access.html" "url": "https://packetstormsecurity.com/files/145935/Master-IP-CAM-01-Hardcoded-Password-Unauthenticated-Access.html"
} }
] ]
} }

68
2018/5xxx/CVE-2018-5861.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2018-5861", "ID": "CVE-2018-5861",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, existing checks in place on partition size are incomplete and can lead to heap overwrite vulnerabilities while loading a secure application from the boot loader." "value": "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, existing checks in place on partition size are incomplete and can lead to heap overwrite vulnerabilities while loading a secure application from the boot loader."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=114a392e29bc900c0fe15cc1f3e9ba369cd03244", "name": "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=114a392e29bc900c0fe15cc1f3e9ba369cd03244",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=114a392e29bc900c0fe15cc1f3e9ba369cd03244" "url": "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=114a392e29bc900c0fe15cc1f3e9ba369cd03244"
}, },
{ {
"name" : "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin", "name": "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin" "url": "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin"
} }
] ]
} }