admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:17:06 +00:00
parent 4d542b933d
commit e473a155c3
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
52 changed files with 3361 additions and 3361 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

178
2004/0xxx/CVE-2004-0073.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0073", "ID": "CVE-2004-0073",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in (1) config.php and (2) config_page.php for EasyDynamicPages 2.0 allows remote attackers to execute arbitrary PHP code by modifying the edp_relative_path parameter to reference a URL on a remote web server that contains a malicious serverdata.php script."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040102 include() vuln in EasyDynamicPages v.2.0", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=107307457327707&w=2" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in (1) config.php and (2) config_page.php for EasyDynamicPages 2.0 allows remote attackers to execute arbitrary PHP code by modifying the edp_relative_path parameter to reference a URL on a remote web server that contains a malicious serverdata.php script."
{ }
"name" : "9338", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/9338" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "3318", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/3318" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "3408", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/3408" ]
}, },
{ "references": {
"name" : "1008584", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1008584" "name": "20040102 include() vuln in EasyDynamicPages v.2.0",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=107307457327707&w=2"
"name" : "10535", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/10535" "name": "3318",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/3318"
"name" : "easydynamicpages-php-file-include(14136)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/14136" "name": "1008584",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1008584"
} },
{
"name": "10535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10535"
},
{
"name": "3408",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3408"
},
{
"name": "easydynamicpages-php-file-include(14136)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14136"
},
{
"name": "9338",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9338"
}
]
}
} }

158
2004/0xxx/CVE-2004-0091.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0091", "ID": "CVE-2004-0091",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in register.php for unknown versions of vBulletin allows remote attackers to inject arbitrary HTML or web script via the reg_site (or possibly regsite) parameter. NOTE: the vendor has disputed this issue, saying \"There is no hidden field called 'reg_site', nor any $reg_site variable anywhere in the vBulletin 2 or vBulletin 3 source code or templates, nor has it ever existed. We can only assume that this vulnerability was found in a site running code modified from that supplied by Jelsoft.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040120 vBulletin Security Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=107462349324945&w=2" "lang": "eng",
}, "value": "** DISPUTED ** NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in register.php for unknown versions of vBulletin allows remote attackers to inject arbitrary HTML or web script via the reg_site (or possibly regsite) parameter. NOTE: the vendor has disputed this issue, saying \"There is no hidden field called 'reg_site', nor any $reg_site variable anywhere in the vBulletin 2 or vBulletin 3 source code or templates, nor has it ever existed. We can only assume that this vulnerability was found in a site running code modified from that supplied by Jelsoft.\""
{ }
"name" : "20040120 vBulletin Security Vulnerability", ]
"refsource" : "VULN-DEV", },
"url" : "http://marc.info/?l=vuln-dev&m=107462499927040&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20040120 Re: vBulletin Security Vulnerability", "description": [
"refsource" : "VULN-DEV", {
"url" : "http://marc.info/?l=vuln-dev&m=107478592401619&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20040123 RE: vBulletin Security Vulnerability", ]
"refsource" : "VULN-DEV", }
"url" : "http://marc.info/?l=vuln-dev&m=107488880317647&w=2" ]
}, },
{ "references": {
"name" : "1008780", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1008780" "name": "20040120 vBulletin Security Vulnerability",
} "refsource": "VULN-DEV",
] "url": "http://marc.info/?l=vuln-dev&m=107462499927040&w=2"
} },
{
"name": "1008780",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1008780"
},
{
"name": "20040120 vBulletin Security Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=107462349324945&w=2"
},
{
"name": "20040123 RE: vBulletin Security Vulnerability",
"refsource": "VULN-DEV",
"url": "http://marc.info/?l=vuln-dev&m=107488880317647&w=2"
},
{
"name": "20040120 Re: vBulletin Security Vulnerability",
"refsource": "VULN-DEV",
"url": "http://marc.info/?l=vuln-dev&m=107478592401619&w=2"
}
]
}
} }

158
2004/0xxx/CVE-2004-0431.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0431", "ID": "CVE-2004-0431",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large \"number of entries\" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040502 EEYE: Apple QuickTime (QuickTime.qts) Heap Overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=108360110618389&w=2" "lang": "eng",
}, "value": "Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large \"number of entries\" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow."
{ }
"name" : "20040502 EEYE: Apple QuickTime (QuickTime.qts) Heap Overflow", ]
"refsource" : "NTBUGTRAQ", },
"url" : "http://marc.info/?l=ntbugtraq&m=108356485013237&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2004-04-30", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/mhonarc/security-announce/msg00048.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "VU#782958", ]
"refsource" : "CERT-VN", }
"url" : "http://www.kb.cert.org/vuls/id/782958" ]
}, },
{ "references": {
"name" : "quicktime-heap-bo(16026)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16026" "name": "APPLE-SA-2004-04-30",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/mhonarc/security-announce/msg00048.html"
} },
{
"name": "20040502 EEYE: Apple QuickTime (QuickTime.qts) Heap Overflow",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=108356485013237&w=2"
},
{
"name": "quicktime-heap-bo(16026)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16026"
},
{
"name": "VU#782958",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/782958"
},
{
"name": "20040502 EEYE: Apple QuickTime (QuickTime.qts) Heap Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=108360110618389&w=2"
}
]
}
} }

158
2004/1xxx/CVE-2004-1310.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1310", "ID": "CVE-2004-1310",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the asf_mmst_streaming.c functionality for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a large MMST stream packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041216 MPlayer MMST Streaming Stack Overflow Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://www.idefense.com/application/poi/display?id=167" "lang": "eng",
}, "value": "Stack-based buffer overflow in the asf_mmst_streaming.c functionality for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a large MMST stream packet."
{ }
"name" : "http://www1.mplayerhq.hu/MPlayer/releases/ChangeLog", ]
"refsource" : "CONFIRM", },
"url" : "http://www1.mplayerhq.hu/MPlayer/releases/ChangeLog" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www1.mplayerhq.hu/MPlayer/patches/mmst_fix_20041215.diff", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www1.mplayerhq.hu/MPlayer/patches/mmst_fix_20041215.diff" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "MDKSA-2004:157", ]
"refsource" : "MANDRAKE", }
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2004:157" ]
}, },
{ "references": {
"name" : "mplayer-mmst-bo(18526)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18526" "name": "http://www1.mplayerhq.hu/MPlayer/patches/mmst_fix_20041215.diff",
} "refsource": "CONFIRM",
] "url": "http://www1.mplayerhq.hu/MPlayer/patches/mmst_fix_20041215.diff"
} },
{
"name": "http://www1.mplayerhq.hu/MPlayer/releases/ChangeLog",
"refsource": "CONFIRM",
"url": "http://www1.mplayerhq.hu/MPlayer/releases/ChangeLog"
},
{
"name": "20041216 MPlayer MMST Streaming Stack Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=167"
},
{
"name": "mplayer-mmst-bo(18526)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18526"
},
{
"name": "MDKSA-2004:157",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:157"
}
]
}
} }

158
2004/1xxx/CVE-2004-1334.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1334", "ID": "CVE-2004-1334",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041215 fun with linux kernel", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" "lang": "eng",
}, "value": "Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow."
{ }
"name" : "20041215 [USN-47-1] Linux kernel vulnerabilities", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=110383108211524&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "11956", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/11956" ]
}, },
{ "references": {
"name" : "linux-ipoptionsget-dos(18522)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18522" "name": "20041215 fun with linux kernel",
} "refsource": "FULLDISC",
] "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
} },
{
"name": "20041215 [USN-47-1] Linux kernel vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110383108211524&w=2"
},
{
"name": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html",
"refsource": "MISC",
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"name": "11956",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11956"
},
{
"name": "linux-ipoptionsget-dos(18522)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18522"
}
]
}
} }

208
2004/1xxx/CVE-2004-1354.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1354", "ID": "CVE-2004-1354",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[focus-sun] 20031022 Information disclosure with SMC webserver on Solaris 9", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.derkeiler.com/Mailing-Lists/securityfocus/focus-sun/2003-10/0032.html" "lang": "eng",
}, "value": "The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack."
{ }
"name" : "57559", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57559-1&searchclause=%22category:security%22%20%20111313-02" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ESB-2004.0347", "description": [
"refsource" : "AUSCERT", {
"url" : "http://www.auscert.org.au/render.html?it=4105" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://spoofed.org/files/text/solaris-smc-advisory.txt", ]
"refsource" : "MISC", }
"url" : "http://spoofed.org/files/text/solaris-smc-advisory.txt" ]
}, },
{ "references": {
"name" : "8873", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/8873" "name": "57559",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57559-1&searchclause=%22category:security%22%20%20111313-02"
"name" : "10349", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/10349" "name": "oval:org.mitre.oval:def:1482",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1482"
"name" : "6119", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/displayvuln.php?osvdb_id=6119" "name": "http://spoofed.org/files/text/solaris-smc-advisory.txt",
}, "refsource": "MISC",
{ "url": "http://spoofed.org/files/text/solaris-smc-advisory.txt"
"name" : "oval:org.mitre.oval:def:1482", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1482" "name": "8873",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/8873"
"name" : "11616", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/11616/" "name": "11616",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/11616/"
"name" : "smc-dotdot-directory-traversal(16146)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16146" "name": "[focus-sun] 20031022 Information disclosure with SMC webserver on Solaris 9",
} "refsource": "MLIST",
] "url": "http://www.derkeiler.com/Mailing-Lists/securityfocus/focus-sun/2003-10/0032.html"
} },
{
"name": "ESB-2004.0347",
"refsource": "AUSCERT",
"url": "http://www.auscert.org.au/render.html?it=4105"
},
{
"name": "6119",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=6119"
},
{
"name": "smc-dotdot-directory-traversal(16146)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16146"
},
{
"name": "10349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10349"
}
]
}
} }

178
2004/1xxx/CVE-2004-1906.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1906", "ID": "CVE-2004-1906",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mcafee FreeScan allows remote attackers to cause a denial of service and possibly arbitrary code via a long string in the ScanParam property of a COM object, which may trigger a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040407 Mcafee FreeScan - Remote Buffer Overflow and Private Information Disclosure", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=108136872711898&w=2" "lang": "eng",
}, "value": "Mcafee FreeScan allows remote attackers to cause a denial of service and possibly arbitrary code via a long string in the ScanParam property of a COM object, which may trigger a buffer overflow."
{ }
"name" : "20040407 Mcafee FreeScan - Remote Buffer Overflow and Private Information Disclosure", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019877.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://theinsider.deep-ice.com/texts/advisory54.txt", "description": [
"refsource" : "MISC", {
"url" : "http://theinsider.deep-ice.com/texts/advisory54.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20040407 Symantec, McAfee and Panda ActiveX controls", ]
"refsource" : "FULLDISC", }
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019891.html" ]
}, },
{ "references": {
"name" : "10071", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/10071" "name": "20040407 Symantec, McAfee and Panda ActiveX controls",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019891.html"
"name" : "11313", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/11313" "name": "10071",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/10071"
"name" : "freescan-mcfscan-bo(15772)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15772" "name": "http://theinsider.deep-ice.com/texts/advisory54.txt",
} "refsource": "MISC",
] "url": "http://theinsider.deep-ice.com/texts/advisory54.txt"
} },
{
"name": "freescan-mcfscan-bo(15772)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15772"
},
{
"name": "20040407 Mcafee FreeScan - Remote Buffer Overflow and Private Information Disclosure",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=108136872711898&w=2"
},
{
"name": "20040407 Mcafee FreeScan - Remote Buffer Overflow and Private Information Disclosure",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019877.html"
},
{
"name": "11313",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11313"
}
]
}
} }

158
2004/1xxx/CVE-2004-1942.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1942", "ID": "CVE-2004-1942",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.byname."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040419 Solaris 9 patch 113579-03 introduces a NIS security bug", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=108241638500417&w=2" "lang": "eng",
}, "value": "The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.byname."
{ }
"name" : "57554", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57554-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "O-144", "description": [
"refsource" : "CIAC", {
"url" : "http://www.ciac.org/ciac/bulletins/o-144.shtml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "10261", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/10261" ]
}, },
{ "references": {
"name" : "solaris-nis-unauth-privileges(15908)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15908" "name": "20040419 Solaris 9 patch 113579-03 introduces a NIS security bug",
} "refsource": "BUGTRAQ",
] "url": "http://marc.info/?l=bugtraq&m=108241638500417&w=2"
} },
{
"name": "O-144",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-144.shtml"
},
{
"name": "10261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10261"
},
{
"name": "57554",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57554-1"
},
{
"name": "solaris-nis-unauth-privileges(15908)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15908"
}
]
}
} }

218
2004/2xxx/CVE-2004-2196.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2196", "ID": "CVE-2004-2196",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041011 Multiple vulnerabilities in ZanfiCmsLite", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/378053" "lang": "eng",
}, "value": "Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others."
{ }
"name" : "http://www.zanfi.nl/index1.php?flag=cmslite", ]
"refsource" : "MISC", },
"url" : "http://www.zanfi.nl/index1.php?flag=cmslite" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "10677", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/10677" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "10678", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/10678" ]
}, },
{ "references": {
"name" : "10679", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/10679" "name": "10679",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/10679"
"name" : "10680", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/10680" "name": "12792",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/12792"
"name" : "10681", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/10681" "name": "10678",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/10678"
"name" : "10682", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/10682" "name": "zanficmslite-error-path-disclosure(17687)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17687"
"name" : "1011612", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1011612" "name": "1011612",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1011612"
"name" : "12792", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/12792" "name": "10682",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/10682"
"name" : "zanficmslite-error-path-disclosure(17687)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17687" "name": "10680",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/10680"
} },
{
"name": "http://www.zanfi.nl/index1.php?flag=cmslite",
"refsource": "MISC",
"url": "http://www.zanfi.nl/index1.php?flag=cmslite"
},
{
"name": "10677",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/10677"
},
{
"name": "20041011 Multiple vulnerabilities in ZanfiCmsLite",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/378053"
},
{
"name": "10681",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/10681"
}
]
}
} }

148
2004/2xxx/CVE-2004-2450.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2450", "ID": "CVE-2004-2450",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The client and server for Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier report sensitive information such as IDs and source IP addresses, which allows remote attackers to obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040331 RogerWilco: new funny bugs", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2004-03/0352.html" "lang": "eng",
}, "value": "The client and server for Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier report sensitive information such as IDs and source IP addresses, which allows remote attackers to obtain sensitive information."
{ }
"name" : "10024", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/10024" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "11270", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/11270" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "roger-wilco-obtain-information(15816)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15816" ]
} },
] "references": {
} "reference_data": [
{
"name": "20040331 RogerWilco: new funny bugs",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-03/0352.html"
},
{
"name": "roger-wilco-obtain-information(15816)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15816"
},
{
"name": "11270",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11270"
},
{
"name": "10024",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10024"
}
]
}
} }

148
2004/2xxx/CVE-2004-2608.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2608", "ID": "CVE-2004-2608",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SmartWebby Smart Guest Book stores SmartGuestBook.mdb (aka the \"news database\") under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the unencrypted username and password of the administrator's account."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9363", "description_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/9363" "lang": "eng",
}, "value": "SmartWebby Smart Guest Book stores SmartGuestBook.mdb (aka the \"news database\") under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the unencrypted username and password of the administrator's account."
{ }
"name" : "1011084", ]
"refsource" : "SECTRACK", },
"url" : "http://securitytracker.com/id?1011084" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "12401", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/12401" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "smart-guestbook-database-file-access(17146)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17146" ]
} },
] "references": {
} "reference_data": [
{
"name": "9363",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9363"
},
{
"name": "12401",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12401"
},
{
"name": "smart-guestbook-database-file-access(17146)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17146"
},
{
"name": "1011084",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011084"
}
]
}
} }

178
2008/2xxx/CVE-2008-2064.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2064", "ID": "CVE-2008-2064",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to \"a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?group_id=55456&release_id=595222", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?group_id=55456&release_id=595222" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to \"a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems.\""
{ }
"name" : "http://www.phpgedview.net/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.phpgedview.net/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1580", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1580" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "28978", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/28978" ]
}, },
{ "references": {
"name" : "29989", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29989" "name": "DSA-1580",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2008/dsa-1580"
"name" : "30256", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30256" "name": "28978",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/28978"
"name" : "phpgedview-unspecified-code-execution(42085)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42085" "name": "http://sourceforge.net/project/shownotes.php?group_id=55456&release_id=595222",
} "refsource": "CONFIRM",
] "url": "http://sourceforge.net/project/shownotes.php?group_id=55456&release_id=595222"
} },
{
"name": "30256",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30256"
},
{
"name": "29989",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29989"
},
{
"name": "http://www.phpgedview.net/",
"refsource": "CONFIRM",
"url": "http://www.phpgedview.net/"
},
{
"name": "phpgedview-unspecified-code-execution(42085)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42085"
}
]
}
} }

218
2008/2xxx/CVE-2008-2100.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2100", "ID": "CVE-2008-2100",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/493080/100/0/threaded" "lang": "eng",
}, "value": "Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors."
{ }
"name" : "http://www.vmware.com/security/advisories/VMSA-2008-0009.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.vmware.com/security/advisories/VMSA-2008-0009.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201209-25", "description": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201209-25.xml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "29552", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/29552" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:5081", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5081" "name": "GLSA-201209-25",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
"name" : "oval:org.mitre.oval:def:5647", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5647" "name": "ADV-2008-1744",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1744"
"name" : "ADV-2008-1744", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1744" "name": "1020200",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1020200"
"name" : "1020200", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1020200" "name": "vmware-vixapi-multiple-unspecified-bo(42872)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42872"
"name" : "30556", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30556" "name": "oval:org.mitre.oval:def:5647",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5647"
"name" : "3922", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3922" "name": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
"name" : "vmware-vixapi-multiple-unspecified-bo(42872)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42872" "name": "30556",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/30556"
} },
{
"name": "oval:org.mitre.oval:def:5081",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5081"
},
{
"name": "29552",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29552"
},
{
"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"name": "3922",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3922"
}
]
}
} }

178
2008/2xxx/CVE-2008-2318.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2318", "ID": "CVE-2008-2318",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The WOHyperlink implementation in WebObjects in Apple Xcode tools before 3.1 appends local session IDs to generated non-local URLs, which allows remote attackers to obtain potentially sensitive information by reading the requests for these URLs."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT2352", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT2352" "lang": "eng",
}, "value": "The WOHyperlink implementation in WebObjects in Apple Xcode tools before 3.1 appends local session IDs to generated non-local URLs, which allows remote attackers to obtain potentially sensitive information by reading the requests for these URLs."
{ }
"name" : "APPLE-SA-2008-07-11", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce//2008/Jul/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "30191", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/30191" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2008-2093", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2008/2093/references" ]
}, },
{ "references": {
"name" : "1020473", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1020473" "name": "apple-xcode-webobjects-info-disclosure(43735)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43735"
"name" : "31060", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31060" "name": "1020473",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1020473"
"name" : "apple-xcode-webobjects-info-disclosure(43735)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43735" "name": "30191",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/30191"
} },
{
"name": "APPLE-SA-2008-07-11",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00002.html"
},
{
"name": "http://support.apple.com/kb/HT2352",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT2352"
},
{
"name": "ADV-2008-2093",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2093/references"
},
{
"name": "31060",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31060"
}
]
}
} }

168
2008/3xxx/CVE-2008-3240.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3240", "ID": "CVE-2008-3240",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in AlstraSoft Affiliate Network Pro allows remote attackers to execute arbitrary SQL commands via the pgm parameter in a directory action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "6087", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/6087" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in AlstraSoft Affiliate Network Pro allows remote attackers to execute arbitrary SQL commands via the pgm parameter in a directory action."
{ }
"name" : "30259", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/30259" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2008-2122", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2122/references" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "31112", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/31112" ]
}, },
{ "references": {
"name" : "4016", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/4016" "name": "4016",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/4016"
"name" : "alstrasoft-pgm-sql-injection(43848)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43848" "name": "30259",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/30259"
} },
{
"name": "alstrasoft-pgm-sql-injection(43848)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43848"
},
{
"name": "6087",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6087"
},
{
"name": "31112",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31112"
},
{
"name": "ADV-2008-2122",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2122/references"
}
]
}
} }

158
2008/3xxx/CVE-2008-3400.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3400", "ID": "CVE-2008-3400",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "XRMS CRM 1.99.2 allows remote attackers to obtain configuration information via a direct request to tests/info.php, which calls the phpinfo function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080725 XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/494754/100/0/threaded" "lang": "eng",
}, "value": "XRMS CRM 1.99.2 allows remote attackers to obtain configuration information via a direct request to tests/info.php, which calls the phpinfo function."
{ }
"name" : "6131", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/6131" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "31233", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31233" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "4081", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/4081" ]
}, },
{ "references": {
"name" : "xrmscrm-info-info-disclosure(43995)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43995" "name": "6131",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/6131"
} },
{
"name": "31233",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31233"
},
{
"name": "xrmscrm-info-info-disclosure(43995)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43995"
},
{
"name": "20080725 XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/494754/100/0/threaded"
},
{
"name": "4081",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4081"
}
]
}
} }

148
2008/3xxx/CVE-2008-3564.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3564", "ID": "CVE-2008-3564",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in index.php in Dayfox Blog 4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) p, (2) cat, and (3) archive parameters. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "6203", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/6203" "lang": "eng",
}, "value": "Multiple directory traversal vulnerabilities in index.php in Dayfox Blog 4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) p, (2) cat, and (3) archive parameters. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL."
{ }
"name" : "30538", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/30538" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "4122", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/4122" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "dayfoxblog-cat-archive-file-include(44203)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44203" ]
} },
] "references": {
} "reference_data": [
{
"name": "dayfoxblog-cat-archive-file-include(44203)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44203"
},
{
"name": "6203",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6203"
},
{
"name": "30538",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30538"
},
{
"name": "4122",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4122"
}
]
}
} }

238
2008/3xxx/CVE-2008-3852.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3852", "ID": "CVE-2008-3852",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080916 Team SHATTER Security Advisory: Security Vulnerability in CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/496405/100/0/threaded" "lang": "eng",
}, "value": "Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors."
{ }
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255607", ]
"refsource" : "CONFIRM", },
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255607" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21293566", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21293566" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "JR28432", ]
"refsource" : "AIXAPAR", }
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432" ]
}, },
{ "references": {
"name" : "JR28431", "reference_data": [
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28431" "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
}, "refsource": "CONFIRM",
{ "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
"name" : "29601", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/29601" "name": "JR28432",
}, "refsource": "AIXAPAR",
{ "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432"
"name" : "ADV-2008-1769", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1769" "name": "1020761",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1020761"
"name" : "ADV-2008-2445", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2445" "name": "20080916 Team SHATTER Security Advisory: Security Vulnerability in CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/496405/100/0/threaded"
"name" : "1020761", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1020761" "name": "JR28431",
}, "refsource": "AIXAPAR",
{ "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28431"
"name" : "30558", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30558" "name": "ibm-db2-clr-visualstudio-unspecified(44697)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44697"
"name" : "31635", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31635" "name": "ADV-2008-1769",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1769"
"name" : "ibm-db2-clr-unspecified(42927)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42927" "name": "29601",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/29601"
"name" : "ibm-db2-clr-visualstudio-unspecified(44697)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44697" "name": "ADV-2008-2445",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2008/2445"
} },
{
"name": "31635",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31635"
},
{
"name": "ibm-db2-clr-unspecified(42927)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42927"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21293566",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21293566"
},
{
"name": "30558",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30558"
}
]
}
} }

138
2008/6xxx/CVE-2008-6324.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6324", "ID": "CVE-2008-6324",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in forummessages.cfm in CF_Forum allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "7416", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/7416" "lang": "eng",
}, "value": "SQL injection vulnerability in forummessages.cfm in CF_Forum allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter."
{ }
"name" : "32767", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/32767" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "33064", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33064" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "33064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33064"
},
{
"name": "7416",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7416"
},
{
"name": "32767",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32767"
}
]
}
} }

138
2008/6xxx/CVE-2008-6473.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6473", "ID": "CVE-2008-6473",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "_blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the password for arbitrary users via a modified \"a\" parameter with a \"%\" wildcard symbol in the b parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080405 Blogator-script 0.95 Change User Password Vulnerbility", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/490501/100/0/threaded" "lang": "eng",
}, "value": "_blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the password for arbitrary users via a modified \"a\" parameter with a \"%\" wildcard symbol in the b parameter."
{ }
"name" : "5370", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/5370" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "51227", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/51227" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "5370",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5370"
},
{
"name": "20080405 Blogator-script 0.95 Change User Password Vulnerbility",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490501/100/0/threaded"
},
{
"name": "51227",
"refsource": "OSVDB",
"url": "http://osvdb.org/51227"
}
]
}
} }

148
2008/7xxx/CVE-2008-7056.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-7056", "ID": "CVE-2008-7056",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "BandSite CMS 1.1.4 does not perform access control for adminpanel/phpmydump.php, which allows remote attackers to obtain copies of the database via a direct request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "6286", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/6286" "lang": "eng",
}, "value": "BandSite CMS 1.1.4 does not perform access control for adminpanel/phpmydump.php, which allows remote attackers to obtain copies of the database via a direct request."
{ }
"name" : "30788", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/30788" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "21992", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21992" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "bandsitecms-phpmydump-info-disclosure(44588)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44588" ]
} },
] "references": {
} "reference_data": [
{
"name": "21992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21992"
},
{
"name": "30788",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30788"
},
{
"name": "6286",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6286"
},
{
"name": "bandsitecms-phpmydump-info-disclosure(44588)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44588"
}
]
}
} }

158
2008/7xxx/CVE-2008-7297.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-7297", "ID": "CVE-2008-7297",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Opera cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a \"cookie forcing\" issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_cookies", "description_data": [
"refsource" : "MISC", {
"url" : "http://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_cookies" "lang": "eng",
}, "value": "Opera cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a \"cookie forcing\" issue."
{ }
"name" : "http://michael-coates.blogspot.com/2010/01/cookie-forcing-trust-your-cookies-no.html", ]
"refsource" : "MISC", },
"url" : "http://michael-coates.blogspot.com/2010/01/cookie-forcing-trust-your-cookies-no.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://scarybeastsecurity.blogspot.com/2008/11/cookie-forcing.html", "description": [
"refsource" : "MISC", {
"url" : "http://scarybeastsecurity.blogspot.com/2008/11/cookie-forcing.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://scarybeastsecurity.blogspot.com/2011/02/some-less-obvious-benefits-of-hsts.html", ]
"refsource" : "MISC", }
"url" : "http://scarybeastsecurity.blogspot.com/2011/02/some-less-obvious-benefits-of-hsts.html" ]
}, },
{ "references": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=660053", "reference_data": [
"refsource" : "MISC", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=660053" "name": "http://michael-coates.blogspot.com/2010/01/cookie-forcing-trust-your-cookies-no.html",
} "refsource": "MISC",
] "url": "http://michael-coates.blogspot.com/2010/01/cookie-forcing-trust-your-cookies-no.html"
} },
{
"name": "http://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_cookies",
"refsource": "MISC",
"url": "http://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_cookies"
},
{
"name": "http://scarybeastsecurity.blogspot.com/2011/02/some-less-obvious-benefits-of-hsts.html",
"refsource": "MISC",
"url": "http://scarybeastsecurity.blogspot.com/2011/02/some-less-obvious-benefits-of-hsts.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=660053",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=660053"
},
{
"name": "http://scarybeastsecurity.blogspot.com/2008/11/cookie-forcing.html",
"refsource": "MISC",
"url": "http://scarybeastsecurity.blogspot.com/2008/11/cookie-forcing.html"
}
]
}
} }

158
2012/5xxx/CVE-2012-5117.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2012-5117", "ID": "CVE-2012-5117",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome before 23.0.1271.64 does not properly restrict the loading of an SVG subresource in the context of an IMG element, which has unspecified impact and remote attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html" "lang": "eng",
}, "value": "Google Chrome before 23.0.1271.64 does not properly restrict the loading of an SVG subresource in the context of an IMG element, which has unspecified impact and remote attack vectors."
{ }
"name" : "https://code.google.com/p/chromium/issues/detail?id=145915", ]
"refsource" : "CONFIRM", },
"url" : "https://code.google.com/p/chromium/issues/detail?id=145915" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "56413", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/56413" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "87076", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/87076" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:15912", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15912" "name": "oval:org.mitre.oval:def:15912",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15912"
} },
{
"name": "56413",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56413"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=145915",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=145915"
},
{
"name": "http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html"
},
{
"name": "87076",
"refsource": "OSVDB",
"url": "http://osvdb.org/87076"
}
]
}
} }

158
2012/5xxx/CVE-2012-5120.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2012-5120", "ID": "CVE-2012-5120",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to an array."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html" "lang": "eng",
}, "value": "Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to an array."
{ }
"name" : "https://code.google.com/p/chromium/issues/detail?id=150729", ]
"refsource" : "CONFIRM", },
"url" : "https://code.google.com/p/chromium/issues/detail?id=150729" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "56413", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/56413" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "87085", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/87085" ]
}, },
{ "references": {
"name" : "chrome-cve20125120-code-exec(79867)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79867" "name": "56413",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/56413"
} },
{
"name": "https://code.google.com/p/chromium/issues/detail?id=150729",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=150729"
},
{
"name": "87085",
"refsource": "OSVDB",
"url": "http://osvdb.org/87085"
},
{
"name": "chrome-cve20125120-code-exec(79867)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79867"
},
{
"name": "http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html"
}
]
}
} }

32
2012/5xxx/CVE-2012-5998.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5998", "ID": "CVE-2012-5998",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2017/11xxx/CVE-2017-11117.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11117", "ID": "CVE-2017-11117",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ExifImageFile::readDHT function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted jpg file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://seclists.org/fulldisclosure/2017/Jul/77", "description_data": [
"refsource" : "MISC", {
"url" : "http://seclists.org/fulldisclosure/2017/Jul/77" "lang": "eng",
}, "value": "The ExifImageFile::readDHT function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted jpg file."
{ }
"name" : "https://sourceforge.net/p/openexif/bugs/18/", ]
"refsource" : "MISC", },
"url" : "https://sourceforge.net/p/openexif/bugs/18/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceforge.net/p/openexif/bugs/18/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/openexif/bugs/18/"
},
{
"name": "http://seclists.org/fulldisclosure/2017/Jul/77",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2017/Jul/77"
}
]
}
} }

228
2017/11xxx/CVE-2017-11610.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11610", "ID": "CVE-2017-11610",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "42779", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/42779/" "lang": "eng",
}, "value": "The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups."
{ }
"name" : "https://github.com/Supervisor/supervisor/blob/3.0.1/CHANGES.txt", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/Supervisor/supervisor/blob/3.0.1/CHANGES.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/Supervisor/supervisor/blob/3.1.4/CHANGES.txt", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/Supervisor/supervisor/blob/3.1.4/CHANGES.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/Supervisor/supervisor/blob/3.2.4/CHANGES.txt", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/Supervisor/supervisor/blob/3.2.4/CHANGES.txt" ]
}, },
{ "references": {
"name" : "https://github.com/Supervisor/supervisor/blob/3.3.3/CHANGES.txt", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/Supervisor/supervisor/blob/3.3.3/CHANGES.txt" "name": "RHSA-2017:3005",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:3005"
"name" : "https://github.com/Supervisor/supervisor/issues/964", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/Supervisor/supervisor/issues/964" "name": "https://github.com/Supervisor/supervisor/blob/3.3.3/CHANGES.txt",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/Supervisor/supervisor/blob/3.3.3/CHANGES.txt"
"name" : "DSA-3942", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3942" "name": "https://github.com/Supervisor/supervisor/blob/3.0.1/CHANGES.txt",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/Supervisor/supervisor/blob/3.0.1/CHANGES.txt"
"name" : "FEDORA-2017-307eab89e1", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GMSCGMM477N64Z3BM34RWYBGSLK466B/" "name": "https://github.com/Supervisor/supervisor/blob/3.2.4/CHANGES.txt",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/Supervisor/supervisor/blob/3.2.4/CHANGES.txt"
"name" : "FEDORA-2017-713430fb15", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXGWOJNSWWK2TTWQJZJUP66FLFIWDMBQ/" "name": "FEDORA-2017-307eab89e1",
}, "refsource": "FEDORA",
{ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GMSCGMM477N64Z3BM34RWYBGSLK466B/"
"name" : "FEDORA-2017-85eb9f7a36", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTPDZV4ZRICDYAYZVUHSYZAYDLRMG2IM/" "name": "FEDORA-2017-85eb9f7a36",
}, "refsource": "FEDORA",
{ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTPDZV4ZRICDYAYZVUHSYZAYDLRMG2IM/"
"name" : "GLSA-201709-06", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201709-06" "name": "https://github.com/Supervisor/supervisor/blob/3.1.4/CHANGES.txt",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/Supervisor/supervisor/blob/3.1.4/CHANGES.txt"
"name" : "RHSA-2017:3005", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:3005" "name": "FEDORA-2017-713430fb15",
} "refsource": "FEDORA",
] "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXGWOJNSWWK2TTWQJZJUP66FLFIWDMBQ/"
} },
{
"name": "DSA-3942",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3942"
},
{
"name": "https://github.com/Supervisor/supervisor/issues/964",
"refsource": "CONFIRM",
"url": "https://github.com/Supervisor/supervisor/issues/964"
},
{
"name": "42779",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42779/"
},
{
"name": "GLSA-201709-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-06"
}
]
}
} }

150
2017/11xxx/CVE-2017-11912.json
View File

@ -1,78 +1,78 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC" : "2017-12-12T00:00:00", "DATE_PUBLIC": "2017-12-12T00:00:00",
"ID" : "CVE-2017-11912", "ID": "CVE-2017-11912",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "ChakraCore, Microsoft Edge, Internet Explorer", "product_name": "ChakraCore, Microsoft Edge, Internet Explorer",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016." "version_value": "Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11912", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11912" "lang": "eng",
}, "value": "ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930."
{ }
"name" : "102092", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/102092" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1039990", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039990" "lang": "eng",
}, "value": "Remote Code Execution"
{ }
"name" : "1039991", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1039991" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11912",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11912"
},
{
"name": "102092",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102092"
},
{
"name": "1039990",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039990"
},
{
"name": "1039991",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039991"
}
]
}
} }

32
2017/11xxx/CVE-2017-11991.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11991", "ID": "CVE-2017-11991",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2017/15xxx/CVE-2017-15071.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-15071", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-15071",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue associated with the originally named downstream provider. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue associated with the originally named downstream provider. Notes: none."
} }
] ]
} }
} }

118
2017/15xxx/CVE-2017-15257.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-15257", "ID": "CVE-2017-15257",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to \"Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x000000000009174a.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15257", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15257" "lang": "eng",
} "value": "IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to \"Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x000000000009174a.\""
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15257",
"refsource": "MISC",
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15257"
}
]
}
} }

128
2017/15xxx/CVE-2017-15630.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-15630", "ID": "CVE-2017-15630",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/541655/100/0/threaded" "lang": "eng",
}, "value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file."
{ }
"name" : "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", ]
"refsource" : "MISC", },
"url" : "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
} }

138
2017/15xxx/CVE-2017-15663.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-15663", "ID": "CVE-2017-15663",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9120."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "43452", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/43452/" "lang": "eng",
}, "value": "In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9120."
{ }
"name" : "43589", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/43589/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/145763/Disk-Pulse-Enterprise-10.1.18-Denial-Of-Service.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/145763/Disk-Pulse-Enterprise-10.1.18-Denial-Of-Service.html" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/145763/Disk-Pulse-Enterprise-10.1.18-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/145763/Disk-Pulse-Enterprise-10.1.18-Denial-Of-Service.html"
},
{
"name": "43589",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43589/"
},
{
"name": "43452",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43452/"
}
]
}
} }

32
2017/8xxx/CVE-2017-8049.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-8049", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-8049",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

32
2017/8xxx/CVE-2017-8583.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8583", "ID": "CVE-2017-8583",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2018/12xxx/CVE-2018-12036.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12036", "ID": "CVE-2018-12036",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md#version-320-2018-05-21", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md#version-320-2018-05-21" "lang": "eng",
}, "value": "OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames."
{ }
"name" : "https://github.com/snyk/zip-slip-vulnerability", ]
"refsource" : "MISC", },
"url" : "https://github.com/snyk/zip-slip-vulnerability" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md#version-320-2018-05-21",
"refsource": "MISC",
"url": "https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md#version-320-2018-05-21"
},
{
"name": "https://github.com/snyk/zip-slip-vulnerability",
"refsource": "MISC",
"url": "https://github.com/snyk/zip-slip-vulnerability"
}
]
}
} }

128
2018/12xxx/CVE-2018-12120.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-request@iojs.org", "ASSIGNER": "cve-request@iojs.org",
"ID" : "CVE-2018-12120", "ID": "CVE-2018-12120",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Node.js", "product_name": "Node.js",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions prior to Node.js 6.15.0" "version_value": "All versions prior to Node.js 6.15.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "The Node.js Project" "vendor_name": "The Node.js Project"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with `node --debug` or `node debug`, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the debug port and evaluate arbitrary JavaScript. The default interface is now localhost. It has always been possible to start the debugger on a specific interface, such as `node --debug=localhost`. The debugger was removed in Node.js 8 and replaced with the inspector, so no versions from 8 and later are vulnerable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-419: Unprotected Primary Channel"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/" "lang": "eng",
}, "value": "Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with `node --debug` or `node debug`, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the debug port and evaluate arbitrary JavaScript. The default interface is now localhost. It has always been possible to start the debugger on a specific interface, such as `node --debug=localhost`. The debugger was removed in Node.js 8 and replaced with the inspector, so no versions from 8 and later are vulnerable."
{ }
"name" : "106040", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106040" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "CWE-419: Unprotected Primary Channel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/"
},
{
"name": "106040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106040"
}
]
}
} }

120
2018/12xxx/CVE-2018-12166.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"DATE_PUBLIC" : "2019-01-08T00:00:00", "DATE_PUBLIC": "2019-01-08T00:00:00",
"ID" : "CVE-2018-12166", "ID": "CVE-2018-12166",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Intel(R) Optane(TM) SSD DC P4800X", "product_name": "Intel(R) Optane(TM) SSD DC P4800X",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "before version E2010435." "version_value": "before version E2010435."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel Corporation" "vendor_name": "Intel Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Insufficient write protection in firmware for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00175.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00175.html" "lang": "eng",
} "value": "Insufficient write protection in firmware for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00175.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00175.html"
}
]
}
} }

118
2018/12xxx/CVE-2018-12902.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12902", "ID": "CVE-2018-12902",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Easy Magazine through 2012-10-26, there is XSS in the search bar of the web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/lzlzh2016/easymagazine/blob/master/xx1.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/lzlzh2016/easymagazine/blob/master/xx1.md" "lang": "eng",
} "value": "In Easy Magazine through 2012-10-26, there is XSS in the search bar of the web site."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/lzlzh2016/easymagazine/blob/master/xx1.md",
"refsource": "MISC",
"url": "https://github.com/lzlzh2016/easymagazine/blob/master/xx1.md"
}
]
}
} }

118
2018/12xxx/CVE-2018-12917.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12917", "ID": "CVE-2018-12917",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In libpbc.a in PBC through 2017-03-02, there is a heap-based buffer over-read in _pbcM_ip_new in map.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/cloudwu/pbc/issues/119", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/cloudwu/pbc/issues/119" "lang": "eng",
} "value": "In libpbc.a in PBC through 2017-03-02, there is a heap-based buffer over-read in _pbcM_ip_new in map.c."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cloudwu/pbc/issues/119",
"refsource": "MISC",
"url": "https://github.com/cloudwu/pbc/issues/119"
}
]
}
} }

32
2018/13xxx/CVE-2018-13287.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13287", "ID": "CVE-2018-13287",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/13xxx/CVE-2018-13343.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13343", "ID": "CVE-2018-13343",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

118
2018/13xxx/CVE-2018-13793.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13793", "ID": "CVE-2018-13793",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://abbyydownloads.com/fc12/PreviousReleaseNotes/ReleaseNotes_FC12_R1_U3_1299.18_build_12.0.1.516.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "http://abbyydownloads.com/fc12/PreviousReleaseNotes/ReleaseNotes_FC12_R1_U3_1299.18_build_12.0.1.516.pdf" "lang": "eng",
} "value": "Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://abbyydownloads.com/fc12/PreviousReleaseNotes/ReleaseNotes_FC12_R1_U3_1299.18_build_12.0.1.516.pdf",
"refsource": "MISC",
"url": "http://abbyydownloads.com/fc12/PreviousReleaseNotes/ReleaseNotes_FC12_R1_U3_1299.18_build_12.0.1.516.pdf"
}
]
}
} }

128
2018/16xxx/CVE-2018-16205.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2018-16205", "ID": "CVE-2018-16205",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "GROWI", "product_name": "GROWI",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "v3.2.3 and earlier" "version_value": "v3.2.3 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "WESEEK, Inc." "vendor_name": "WESEEK, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting vulnerability in GROWI v3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via New Page modal."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-site scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://weseek.co.jp/security/2018/12/25/growi-prevent-xss2/", "description_data": [
"refsource" : "MISC", {
"url" : "https://weseek.co.jp/security/2018/12/25/growi-prevent-xss2/" "lang": "eng",
}, "value": "Cross-site scripting vulnerability in GROWI v3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via New Page modal."
{ }
"name" : "JVN#96493183", ]
"refsource" : "JVN", },
"url" : "https://jvn.jp/en/jp/JVN96493183/index.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#96493183",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN96493183/index.html"
},
{
"name": "https://weseek.co.jp/security/2018/12/25/growi-prevent-xss2/",
"refsource": "MISC",
"url": "https://weseek.co.jp/security/2018/12/25/growi-prevent-xss2/"
}
]
}
} }

118
2018/16xxx/CVE-2018-16237.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16237", "ID": "CVE-2018-16237",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in damiCMS V6.0.1. There is Directory Traversal via '|' characters in the s parameter to admin.php, as demonstrated by an admin.php?s=Tpl/Add/id/c:|windows|win.ini URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/howchen/howchen/issues/2", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/howchen/howchen/issues/2" "lang": "eng",
} "value": "An issue was discovered in damiCMS V6.0.1. There is Directory Traversal via '|' characters in the s parameter to admin.php, as demonstrated by an admin.php?s=Tpl/Add/id/c:|windows|win.ini URI."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/howchen/howchen/issues/2",
"refsource": "MISC",
"url": "https://github.com/howchen/howchen/issues/2"
}
]
}
} }

118
2018/16xxx/CVE-2018-16385.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16385", "ID": "CVE-2018-16385",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ThinkPHP before 5.1.23 allows SQL Injection via the public/index/index/test/index query string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/top-think/framework/issues/1375", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/top-think/framework/issues/1375" "lang": "eng",
} "value": "ThinkPHP before 5.1.23 allows SQL Injection via the public/index/index/test/index query string."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/top-think/framework/issues/1375",
"refsource": "MISC",
"url": "https://github.com/top-think/framework/issues/1375"
}
]
}
} }

32
2018/17xxx/CVE-2018-17227.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17227", "ID": "CVE-2018-17227",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

198
2018/4xxx/CVE-2018-4125.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2018-4125", "ID": "CVE-2018-4125",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT208693", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT208693" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
{ }
"name" : "https://support.apple.com/HT208694", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT208694" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT208695", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT208695" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/HT208696", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/HT208696" ]
}, },
{ "references": {
"name" : "https://support.apple.com/HT208697", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT208697" "name": "1040604",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1040604"
"name" : "https://support.apple.com/HT208698", },
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT208698" "name": "https://support.apple.com/HT208698",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT208698"
"name" : "GLSA-201808-04", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201808-04" "name": "GLSA-201808-04",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201808-04"
"name" : "USN-3635-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3635-1/" "name": "https://support.apple.com/HT208696",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT208696"
"name" : "1040604", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040604" "name": "https://support.apple.com/HT208693",
} "refsource": "CONFIRM",
] "url": "https://support.apple.com/HT208693"
} },
{
"name": "https://support.apple.com/HT208694",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208694"
},
{
"name": "https://support.apple.com/HT208697",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208697"
},
{
"name": "USN-3635-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3635-1/"
},
{
"name": "https://support.apple.com/HT208695",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208695"
}
]
}
} }

32
2018/4xxx/CVE-2018-4340.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4340", "ID": "CVE-2018-4340",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/4xxx/CVE-2018-4381.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4381", "ID": "CVE-2018-4381",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/4xxx/CVE-2018-4445.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4445", "ID": "CVE-2018-4445",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/4xxx/CVE-2018-4595.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4595", "ID": "CVE-2018-4595",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }