admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #218 from CVEProject/master

Browse Source 
XFA Rebase
This commit is contained in:
Scott Moore 2020-02-12 11:05:04 -05:00 committed by GitHub
commit e8ec9ec3f9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1270 changed files with 57157 additions and 1743 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
2008/3xxx/CVE-2008-3793.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3793",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2008-3793",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3792. Reason: This candidate is a duplicate of CVE-2008-3792. Notes: All CVE users should reference CVE-2008-3792 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

53
2009/4xxx/CVE-2009-4067.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4067",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,56 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://labs.mwrinfosecurity.com/files/Advisories/mwri_linux-usb-buffer-overflow_2009-10-29.pdf",
"url": "http://labs.mwrinfosecurity.com/files/Advisories/mwri_linux-usb-buffer-overflow_2009-10-29.pdf"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=722393",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=722393"
}
]
}

53
2009/5xxx/CVE-2009-5139.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5139",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,56 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a \"SIP Digest Leak\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://resources.enablesecurity.com/resources/sipdigestleak-tut.pdf",
"url": "https://resources.enablesecurity.com/resources/sipdigestleak-tut.pdf"
},
{
"refsource": "MISC",
"name": "http://voipsa.org/pipermail/voipsec_voipsa.org/2009-April/002946.html",
"url": "http://voipsa.org/pipermail/voipsec_voipsa.org/2009-April/002946.html"
}
]
}

53
2009/5xxx/CVE-2009-5140.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5140",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,56 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a \"SIP Digest Leak\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://resources.enablesecurity.com/resources/sipdigestleak-tut.pdf",
"url": "https://resources.enablesecurity.com/resources/sipdigestleak-tut.pdf"
},
{
"refsource": "MISC",
"name": "http://voipsa.org/pipermail/voipsec_voipsa.org/2009-April/002946.html",
"url": "http://voipsa.org/pipermail/voipsec_voipsa.org/2009-April/002946.html"
}
]
}

5
2010/3xxx/CVE-2010-3798.json
View File

@ -71,6 +71,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-bbd24dd0cf",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2S2KRIILUKBJHXDNYJQQX74TFUQRG5ND/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-edf53cd770",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YV6RF6VWM7AFYFTTS7VY5TNH26QUEEFC/"
}
]
}

55
2010/3xxx/CVE-2010-3917.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2010-3917",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,56 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Google Chrome before 3.0 does not properly handle XML documents, which allows remote attackers to obtain sensitive information via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "before 3.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN36765384/index.html",
"url": "http://jvn.jp/en/jp/JVN36765384/index.html"
},
{
"refsource": "MISC",
"name": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000056.html",
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000056.html"
}
]
}

55
2010/4xxx/CVE-2010-4658.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4658",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "statusnet",
"version": {
"version_data": [
{
"version_value": "through 2010"
}
]
}
}
]
},
"vendor_name": "statusnet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "statusnet through 2010 allows attackers to spoof syslog messages via newline injection attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2010-4658",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2010-4658"
},
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/01/25/13",
"url": "https://www.openwall.com/lists/oss-security/2011/01/25/13"
}
]
}

55
2010/4xxx/CVE-2010-4662.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4662",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "pmwiki",
"version": {
"version_data": [
{
"version_value": "before 2.2.21"
}
]
}
}
]
},
"vendor_name": "pmwiki"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "PmWiki before 2.2.21 has XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://packetstormsecurity.com/files/cve/CVE-2010-4662",
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2010-4662"
},
{
"url": "https://www.openwall.com/lists/oss-security/2011/02/23/23",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/02/23/23"
}
]
}

60
2010/4xxx/CVE-2010-4815.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4815",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "coppermine gallery",
"version": {
"version_data": [
{
"version_value": "before 1.4.26"
}
]
}
}
]
},
"vendor_name": "coppermine gallery"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/08/19/7",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/08/19/7"
},
{
"refsource": "MISC",
"name": "https://seclists.org/oss-sec/2010/q1/121",
"url": "https://seclists.org/oss-sec/2010/q1/121"
},
{
"refsource": "MISC",
"name": "https://forum.coppermine-gallery.net/index.php/topic,63510.0.html",
"url": "https://forum.coppermine-gallery.net/index.php/topic,63510.0.html"
}
]
}

73
2010/5xxx/CVE-2010-5304.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5304",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,53 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140219.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140219.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139814.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139814.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html"
},
{
"url": "http://seclists.org/oss-sec/2014/q3/639",
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2014/q3/639"
},
{
"url": "http://www.openwall.com/lists/oss-security/2014/09/23/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/09/23/6"
}
]
}

50
2011/0xxx/CVE-2011-0220.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-0220",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Bonjour",
"version": {
"version_data": [
{
"version_value": "before 2011"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Apple Bonjour before 2011 allows a crash via a crafted multicast DNS packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://opensource.apple.com/source/mDNSResponder/mDNSResponder-541/mDNSPosix/ReadMe.txt",
"refsource": "MISC",
"name": "https://opensource.apple.com/source/mDNSResponder/mDNSResponder-541/mDNSPosix/ReadMe.txt"
}
]
}

55
2011/0xxx/CVE-2011-0525.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-0525",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Batavi",
"version": {
"version_data": [
{
"version_value": "before 1.0"
}
]
}
}
]
},
"vendor_name": "Batavi"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Batavi before 1.0 has CSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery "
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://packetstormsecurity.com/files/cve/CVE-2011-0525",
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2011-0525"
},
{
"url": "https://www.openwall.com/lists/oss-security/2011/01/27/3",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/01/27/3"
}
]
}

50
2011/1xxx/CVE-2011-1009.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1009",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Vanilla Forums",
"version": {
"version_data": [
{
"version_value": "2.0.17.1 through 2.0.17.5"
}
]
}
}
]
},
"vendor_name": "Vanilla"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Vanilla Forums 2.0.17.1 through 2.0.17.5 has XSS in /vanilla/index.php via the p parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/02/22/14",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/02/22/14"
}
]
}

50
2011/1xxx/CVE-2011-1069.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1069",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PHPShop",
"version": {
"version_data": [
{
"version_value": "through 0.8.1"
}
]
}
}
]
},
"vendor_name": "PHPShop"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "PHPShop through 0.8.1 has XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/02/28/9",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/02/28/9"
}
]
}

50
2011/1xxx/CVE-2011-1084.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1084",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Smoothwall",
"product": {
"product_data": [
{
"product_name": "Smoothwall Express",
"version": {
"version_data": [
{
"version_value": "3"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A cross-site scripting (XSS) vulnerability in Smoothwall Express 3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/03/03/7",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/03/03/7"
}
]
}

50
2011/1xxx/CVE-2011-1085.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1085",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Smoothwall",
"product": {
"product_data": [
{
"product_name": "Smoothwall Express",
"version": {
"version_data": [
{
"version_value": "3"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "CSRF vulnerability in Smoothwall Express 3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery "
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/03/03/7",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/03/03/7"
}
]
}

60
2011/1xxx/CVE-2011-1086.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1086",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Openfiler",
"product": {
"product_data": [
{
"product_name": "Openfiler",
"version": {
"version_data": [
{
"version_value": "2.3"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in admin/system.html in Openfiler 2.3 allows remote attackers to inject arbitrary web script or HTML via the device parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/03/03/7",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/03/03/7"
},
{
"refsource": "MISC",
"name": "https://web.archive.org/web/20111223190840/http://secunia.com/advisories/42507/",
"url": "https://web.archive.org/web/20111223190840/http://secunia.com/advisories/42507/"
},
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/35125",
"url": "https://www.exploit-db.com/exploits/35125"
}
]
}

50
2011/1xxx/CVE-2011-1150.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1150",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "bbPress",
"version": {
"version_data": [
{
"version_value": "through 1.0.2"
}
]
}
}
]
},
"vendor_name": "bbPress"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "bbPress through 1.0.2 has XSS in /bb-login.php url via the re parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/03/14/20",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/03/14/20"
}
]
}

55
2011/1xxx/CVE-2011-1151.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1151",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Joomla!",
"version": {
"version_data": [
{
"version_value": "1.6.0"
}
]
}
}
]
},
"vendor_name": "Joomla!"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filer_order_Dir parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/03/14/21",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/03/14/21"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/101835/Joomla-1.6.0-SQL-Injection.html",
"url": "https://packetstormsecurity.com/files/101835/Joomla-1.6.0-SQL-Injection.html"
}
]
}

58
2011/1xxx/CVE-2011-1517.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1517",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/53424",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53424"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452"
},
{
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0061.html",
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0061.html"
}
]
}

14
2011/1xxx/CVE-2011-1596.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1596",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2011-1596",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

50
2011/1xxx/CVE-2011-1597.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1597",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Manager",
"version": {
"version_data": [
{
"version_value": "v2.0.3"
}
]
}
}
]
},
"vendor_name": "OpenVAS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OpenVAS Manager v2.0.3 allows plugin remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/04/20/5",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/04/20/5"
}
]
}

5
2011/3xxx/CVE-2011-3556.json
View File

@ -186,6 +186,11 @@
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"refsource": "CERT-VN",
"name": "VU#597809",
"url": "https://www.kb.cert.org/vuls/id/597809"
}
]
}

93
2011/3xxx/CVE-2011-3642.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3642",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,96 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in Flowplayer Flash 3.2.7 through 3.2.16, as used in the News system (news) extension for TYPO3 and Mahara, allows remote attackers to inject arbitrary web script or HTML via the plugin configuration directive in a reference to an external domain plugin."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://web.appsec.ws/FlashExploitDatabase.php",
"url": "http://web.appsec.ws/FlashExploitDatabase.php"
},
{
"refsource": "MISC",
"name": "http://appsec.ws/Presentations/FlashFlooding.pdf",
"url": "http://appsec.ws/Presentations/FlashFlooding.pdf"
},
{
"refsource": "MISC",
"name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-009",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-009"
},
{
"refsource": "MISC",
"name": "https://code.google.com/p/flowplayer-core/issues/detail?id=441",
"url": "https://code.google.com/p/flowplayer-core/issues/detail?id=441"
},
{
"refsource": "MISC",
"name": "https://mahara.org/interaction/forum/topic.php?id=5237",
"url": "https://mahara.org/interaction/forum/topic.php?id=5237"
},
{
"refsource": "MISC",
"name": "http://secunia.com/advisories/52074",
"url": "http://secunia.com/advisories/52074"
},
{
"refsource": "MISC",
"name": "http://secunia.com/advisories/54206",
"url": "http://secunia.com/advisories/54206"
},
{
"refsource": "MISC",
"name": "http://secunia.com/advisories/58854",
"url": "http://secunia.com/advisories/58854"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/48651",
"url": "https://www.securityfocus.com/bid/48651"
},
{
"refsource": "MISC",
"name": "https://bugs.launchpad.net/mahara/+bug/1103748",
"url": "https://bugs.launchpad.net/mahara/+bug/1103748"
}
]
}

70
2011/4xxx/CVE-2011-4938.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4938",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,71 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Ariadne 2.7.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO parameter to (1) index.php and (2) loader.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ariadne",
"product": {
"product_data": [
{
"product_name": "Ariadne",
"version": {
"version_data": [
{
"version_value": "2.7.6"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.rul3z.de/advisories/SSCHADV2011-038.txt",
"url": "http://www.rul3z.de/advisories/SSCHADV2011-038.txt"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/09/4",
"url": "http://www.openwall.com/lists/oss-security/2012/03/09/4"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/10/6",
"url": "http://www.openwall.com/lists/oss-security/2012/03/10/6"
},
{
"refsource": "MISC",
"name": "http://bugs.ariadne-cms.org/view.php?id=277",
"url": "http://bugs.ariadne-cms.org/view.php?id=277"
},
{
"refsource": "MISC",
"name": "https://seclists.org/bugtraq/2011/Dec/7",
"url": "https://seclists.org/bugtraq/2011/Dec/7"
}
]
}

60
2012/0xxx/CVE-2012-0810.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0810",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux Foundation",
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_value": "before 3.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=794557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=794557"
},
{
"refsource": "CONFIRM",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/rt/linux-stable-rt.git/commit/?id=e5d4e1c3ccee18c68f23d62ba77bda26e893d4f0",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/rt/linux-stable-rt.git/commit/?id=e5d4e1c3ccee18c68f23d62ba77bda26e893d4f0"
},
{
"refsource": "CONFIRM",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/rt/linux-stable-rt.git/commit/?id=bcf6b1d78c0bde228929c388978ed3af9a623463",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/rt/linux-stable-rt.git/commit/?id=bcf6b1d78c0bde228929c388978ed3af9a623463"
}
]
}

70
2012/1xxx/CVE-2012-1124.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1124",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,71 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SQL injection vulnerability in search.php in phxEventManager 2.0 beta 5 allows remote attackers to execute arbitrary SQL commands via the search_terms parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "phxEventManager",
"product": {
"product_data": [
{
"product_name": "phxEventManager",
"version": {
"version_data": [
{
"version_value": "2.0 beta 5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://sourceforge.net/tracker/?func=detail&aid=3496086&group_id=123602&atid=697109",
"url": "http://sourceforge.net/tracker/?func=detail&aid=3496086&group_id=123602&atid=697109"
},
{
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2012/Mar/4",
"url": "http://seclists.org/fulldisclosure/2012/Mar/4"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/06/10",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/10"
},
{
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/18549",
"url": "http://www.exploit-db.com/exploits/18549"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/06/2",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/2"
}
]
}

50
2012/1xxx/CVE-2012-1566.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1566",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "LinuxMint",
"product": {
"product_data": [
{
"product_name": "Mint",
"version": {
"version_data": [
{
"version_value": "2012-03-19"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintNanny."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "authentication error"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/03/19/14",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/19/14"
}
]
}

55
2012/1xxx/CVE-2012-1567.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1567",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "LinuxMint",
"product": {
"product_data": [
{
"product_name": "Mint",
"version": {
"version_data": [
{
"version_value": "2012-03-19"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintUpdate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "authentication error"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/03/19/14",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/19/14"
},
{
"refsource": "MISC",
"name": "https://github.com/linuxmint/mintupdate/blob/master/usr/lib/linuxmint/mintUpdate/mintUpdate.py#L1444",
"url": "https://github.com/linuxmint/mintupdate/blob/master/usr/lib/linuxmint/mintUpdate/mintUpdate.py#L1444"
}
]
}

8
2012/1xxx/CVE-2012-1695.json
View File

@ -1,3 +1,4 @@
{
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
@ -38,6 +39,13 @@
}
]
},
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{

60
2012/1xxx/CVE-2012-1994.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2012-1994",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Systems Insight Manager",
"version": {
"version_data": [
{
"version_value": "before 7.0"
}
]
}
}
]
},
"vendor_name": "HP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HP Systems Insight Manager before 7.0 allows a remote user on adjacent network to access information"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/53315",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53315"
},
{
"url": "http://www.securitytracker.com/id?1026987",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1026987"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75294",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75294"
}
]
}

50
2012/2xxx/CVE-2012-2204.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-2204",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Guardium",
"version": {
"version_data": [
{
"version_value": "1.1"
}
]
}
}
]
},
"vendor_name": "InfoSphere"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "InfoSphere Guardium aix_ktap module: DoS"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76968",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76968"
}
]
}

14
2012/2xxx/CVE-2012-2216.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2216",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2012-2216",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6720 and CVE-2012-6721. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should consult CVE-2012-6720 and CVE-2012-6721 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

58
2012/2xxx/CVE-2012-2452.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2452",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple cross-site scripting (XSS) vulnerabilities in pragmaMx 1.x before 1.12.2 allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to modules.php or (2) img_url to includes/wysiwyg/spaw/editor/plugins/imgpopup/img_popup.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.htbridge.com/advisory/HTB23090",
"url": "https://www.htbridge.com/advisory/HTB23090"
},
{
"refsource": "MISC",
"name": "http://www.pragmamx.org/Forum-topic-33554.html",
"url": "http://www.pragmamx.org/Forum-topic-33554.html"
},
{
"refsource": "MISC",
"name": "http://www.pragmamx.org/News-pragmaMx-1.12-Servicepack2-item-706.html",
"url": "http://www.pragmamx.org/News-pragmaMx-1.12-Servicepack2-item-706.html"
}
]
}

53
2012/2xxx/CVE-2012-2517.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2517",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,56 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in PrestaShop before 1.4.9 allows remote attackers to inject arbitrary web script or HTML via the index of the product[] parameter to ajax.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.htbridge.com/advisory/HTB23091",
"url": "https://www.htbridge.com/advisory/HTB23091"
},
{
"refsource": "MISC",
"name": "https://www.prestashop.com/download/old/changelog_1.4.9.0.txt",
"url": "https://www.prestashop.com/download/old/changelog_1.4.9.0.txt"
}
]
}

55
2012/2xxx/CVE-2012-2593.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-2593",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,56 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Atmail",
"product": {
"product_data": [
{
"product_name": "Atmail Webmail Server",
"version": {
"version_data": [
{
"version_value": "6.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/20009",
"url": "http://www.exploit-db.com/exploits/20009"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54630",
"url": "http://www.securityfocus.com/bid/54630"
}
]
}

58
2012/4xxx/CVE-2012-4029.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4029",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in main/dropbox/index.php in Chamilo LMS before 1.8.8.6 allows remote attackers to inject arbitrary web script or HTML via the category_name parameter in an addsentcategory action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/115927/Chamilo-1.8.8.4-XSS-File-Deletion.html",
"url": "https://packetstormsecurity.com/files/115927/Chamilo-1.8.8.4-XSS-File-Deletion.html"
},
{
"refsource": "MISC",
"name": "http://support.chamilo.org/attachments/download/2863/chamilo-1.8.8.4-to-1.8.8.6.patch",
"url": "http://support.chamilo.org/attachments/download/2863/chamilo-1.8.8.4-to-1.8.8.6.patch"
},
{
"refsource": "MISC",
"name": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-7-2012-07-16-Moderate-risk-Several-moderate-security-flaws",
"url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-7-2012-07-16-Moderate-risk-Several-moderate-security-flaws"
}
]
}

83
2012/4xxx/CVE-2012-4381.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4381",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,84 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remote attackers to use old passwords for non-existing accounts in an external authentication system via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Password"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "MediaWiki",
"version": {
"version_data": [
{
"version_value": "before 1.18.5"
},
{
"version_value": "1.19.x before 1.19.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330"
},
{
"refsource": "MISC",
"name": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html",
"url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/08/31/6",
"url": "http://www.openwall.com/lists/oss-security/2012/08/31/6"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/08/31/10",
"url": "http://www.openwall.com/lists/oss-security/2012/08/31/10"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=853442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=853442"
},
{
"refsource": "MISC",
"name": "https://phabricator.wikimedia.org/T41184",
"url": "https://phabricator.wikimedia.org/T41184"
},
{
"refsource": "MISC",
"name": "http://osvdb.org/show/osvdb/85106",
"url": "http://osvdb.org/show/osvdb/85106"
}
]
}

100
2012/4xxx/CVE-2012-4512.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4512",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,101 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to \"type confusion.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "KDE",
"product": {
"product_data": [
{
"product_name": "Konqueror",
"version": {
"version_data": [
{
"version_value": "4.7.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc",
"url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
},
{
"refsource": "MISC",
"name": "http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html",
"url": "http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html"
},
{
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/10/11/11",
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/10/30/6",
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"refsource": "MISC",
"name": "http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=a872c8a969a8bd3706253d6ba24088e4f07f3352",
"url": "http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=a872c8a969a8bd3706253d6ba24088e4f07f3352"
},
{
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1416.html",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1416.html"
},
{
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1418.html",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1418.html"
},
{
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027709",
"url": "http://www.securitytracker.com/id?1027709"
},
{
"refsource": "MISC",
"name": "http://secunia.com/advisories/51097",
"url": "http://secunia.com/advisories/51097"
},
{
"refsource": "MISC",
"name": "http://secunia.com/advisories/51145",
"url": "http://secunia.com/advisories/51145"
}
]
}

55
2012/4xxx/CVE-2012-4519.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4519",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Zenphoto",
"product": {
"product_data": [
{
"product_name": "Zenphoto",
"version": {
"version_data": [
{
"version_value": "before 1.4.3.4"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Zenphoto before 1.4.3.4 admin-news-articles.php date parameter XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/10",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/10/11/10"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/07/10/19",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/07/10/19"
}
]
}

65
2012/5xxx/CVE-2012-5570.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5570",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,66 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the \"access basic_webmail\" permission to read arbitrary users' email addresses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Basic webmail module",
"version": {
"version_data": [
{
"version_value": "6.x-1.x before 6.x-1.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/20/4",
"url": "http://www.openwall.com/lists/oss-security/2012/11/20/4"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/27/2",
"url": "http://www.openwall.com/lists/oss-security/2012/11/27/2"
},
{
"refsource": "MISC",
"name": "https://drupal.org/node/1808616",
"url": "https://drupal.org/node/1808616"
},
{
"refsource": "CONFIRM",
"name": "https://www.drupal.org/node/1808852",
"url": "https://www.drupal.org/node/1808852"
}
]
}

63
2012/5xxx/CVE-2012-5828.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5828",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "BlackBerry PlayBook before 2.1 has an Information Disclosure Vulnerability via a Web browser component error"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/56793",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56793"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80555",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80555"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2012-5828",
"url": "https://packetstormsecurity.com/files/cve/CVE-2012-5828"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/archive/1/524893/30/9240/flat",
"url": "https://www.securityfocus.com/archive/1/524893/30/9240/flat"
}
]
}

63
2012/6xxx/CVE-2012-6297.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6297",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Command Injection vulnerability exists via a CSRF in DD-WRT 24-sp2 from specially crafted configuration values containing shell meta-characters, which could let a remote malicious user cause a Denial of Service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2012-6297",
"url": "https://packetstormsecurity.com/files/cve/CVE-2012-6297"
},
{
"refsource": "MISC",
"name": "https://vuldb.com/?id.9527",
"url": "https://vuldb.com/?id.9527"
},
{
"refsource": "FULLDISC",
"name": "[CVE-2012-6297] DD-WRT v24-sp2 Command Injection",
"url": "https://seclists.org/fulldisclosure/2013/Oct/241"
},
{
"refsource": "BUGTRAQ",
"name": "CVE-2012-6297 - Command Injection via CSRF on DD-WRT v24-sp2",
"url": "https://lists.openwall.net/bugtraq/2013/07/12/2"
}
]
}

53
2012/6xxx/CVE-2012-6306.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6306",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability exists in HCView (aka Hardcoreview) 1.4 due to a write access violation with a GIF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/12/10/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/10/3"
},
{
"refsource": "MISC",
"name": "https://marc.info/?l=oss-security&m=135516610818927&w=2",
"url": "https://marc.info/?l=oss-security&m=135516610818927&w=2"
}
]
}

53
2012/6xxx/CVE-2012-6307.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6307",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability exists in JPEGsnoop 1.5.2 due to an unspecified issue in JPEG file handling, which could let a malicious user execute arbitrary code"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.exploit-db.com/exploits/21739/",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/21739/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/12/10/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/10/4"
}
]
}

48
2012/6xxx/CVE-2012-6309.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6309",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability exists in Arctic Torrent 1.4 via unspecified vectors in .torrent file handling, which could let a malicious user cause a Denial of Service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/12/10/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/10/5"
}
]
}

58
2012/6xxx/CVE-2012-6340.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6340",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential used for serial programming, a related issue to CVE-2006-1002."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://vuldb.com/?id.7180",
"url": "https://vuldb.com/?id.7180"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/118854/Netgear-WGR614-Credential-Information.html",
"url": "https://packetstormsecurity.com/files/118854/Netgear-WGR614-Credential-Information.html"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/archive/1/525042",
"url": "https://www.securityfocus.com/archive/1/525042"
}
]
}

53
2012/6xxx/CVE-2012-6341.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6341",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Information Disclosure vulnerability exists in the my config file in NEtGEAR WGR614 v7 and v9, which could let a malicious user recover all previously used passwords on the device, for both the control panel and WEP/WPA/WPA2, in plaintext. This is a different issue than CVE-2012-6340."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/archive/1/525042",
"url": "https://www.securityfocus.com/archive/1/525042"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/date/2012-12-14/",
"url": "https://packetstormsecurity.com/files/date/2012-12-14/"
}
]
}

48
2012/6xxx/CVE-2012-6449.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6449",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The clientconf.html and detailbw.html pages in x3 in cPanel & WHM 11.34.0 (build 8) have a XSS vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/119113/C-Panel-WHM-11.34.0-Cross-Site-Scripting.html",
"url": "https://packetstormsecurity.com/files/119113/C-Panel-WHM-11.34.0-Cross-Site-Scripting.html"
}
]
}

53
2012/6xxx/CVE-2012-6611.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6611",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Polycom HDX Video End Points before 3.0 allows attackers to read arbitrary files via a .. (dot dot) in the name parameter to a_getlog.cgi."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://web.archive.org/web/20130320033016/http://blog.tempest.com.br/joao-paulo-campello/path-traversal-on-polycom-web-management-interface.html",
"url": "https://web.archive.org/web/20130320033016/http://blog.tempest.com.br/joao-paulo-campello/path-traversal-on-polycom-web-management-interface.html"
},
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/43032",
"url": "https://www.exploit-db.com/exploits/43032"
}
]
}

53
2012/6xxx/CVE-2012-6666.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6666",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "vBSeo before 3.6.0PL2 allows XSS via the member.php u parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/37944",
"url": "https://www.exploit-db.com/exploits/37944"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/55908",
"url": "https://www.securityfocus.com/bid/55908"
}
]
}

14
2012/6xxx/CVE-2012-6686.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6686",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2012-6686",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-4357. Reason: This candidate is a duplicate of CVE-2013-4357. Notes: All CVE users should reference CVE-2013-4357 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

62
2012/6xxx/CVE-2012-6720.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2012-6720",
"ASSIGNER": "cve@mitre.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2012/q2/396",
"url": "http://seclists.org/oss-sec/2012/q2/396"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in SocialEngine before 4.2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to music/create, (2) location parameter to events/create, or (3) search parameter to widget/index/content_id/*."
}
]
}
}

62
2012/6xxx/CVE-2012-6721.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2012-6721",
"ASSIGNER": "cve@mitre.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://seclists.org/oss-sec/2012/q2/396",
"url": "https://seclists.org/oss-sec/2012/q2/396"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) Forum, (2) Event, and (3) Classifieds plugins in SocialEngine before 4.2.4."
}
]
}
}

60
2013/0xxx/CVE-2013-0192.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-0192",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SMF",
"product": {
"product_data": [
{
"product_name": "SMF",
"version": {
"version_data": [
{
"version_value": "<= 2.0.3"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "file exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2013/02/01/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/02/01/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/01/17/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/01/17/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/01/31/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/01/31/1"
}
]
}

59
2013/0xxx/CVE-2013-0507.json
View File

@ -1,8 +1,40 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-0507",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "IBM InfoSphere Information Server",
"version": {
"version_data": [
{
"version_value": "8.1"
},
{
"version_value": "8.5"
},
{
"version_value": "8.7"
},
{
"version_value": "9.1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +43,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Session Fixation Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/59815",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/59815"
}
]
}

64
2013/0xxx/CVE-2013-0517.json
View File

@ -1,8 +1,40 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-0517",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Sterling External Authentication Server",
"version": {
"version_data": [
{
"version_value": "2.2.0"
},
{
"version_value": "2.3.01"
},
{
"version_value": "2.4.0"
},
{
"version_value": "and 2.4.1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +43,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "authentication error"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/59807",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/59807"
},
{
"refsource": "MISC",
"name": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-addressed-in-ibm-sterling-external-authentication-server-cve-2013-0514-cve-2013-0517-4/",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-addressed-in-ibm-sterling-external-authentication-server-cve-2013-0514-cve-2013-0517-4/"
}
]
}

5
2013/0xxx/CVE-2013-0700.json
View File

@ -56,6 +56,11 @@
"name": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-724606.pdf",
"refsource": "CONFIRM",
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-724606.pdf"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-724606.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-724606.pdf"
}
]
}

58
2013/0xxx/CVE-2013-0803.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-0803",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A PHP File Upload Vulnerability exists in PolarBear CMS 2.5 via upload.php, which could let a malicious user execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.exploit-db.com/exploits/24549",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/24549"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82378",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82378"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2013-0803",
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-0803"
}
]
}

50
2013/1xxx/CVE-2013-1202.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1202",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cisco",
"product": {
"product_data": [
{
"product_name": "Cisco ACE",
"version": {
"version_data": [
{
"version_value": "A2(3.6)"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cisco ACE A2(3.6) allows log retention DoS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "log retention DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20130516-CVE-2013-1202",
"refsource": "MISC",
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20130516-CVE-2013-1202"
}
]
}

48
2013/1xxx/CVE-2013-1353.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1353",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Orange HRM 2.7.1 allows XSS via the vacancy name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/119461/OrangeHRM-2.7.1-Cross-Site-Scripting.html",
"url": "https://packetstormsecurity.com/files/119461/OrangeHRM-2.7.1-Cross-Site-Scripting.html"
}
]
}

83
2013/1xxx/CVE-2013-1359.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1359",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,63 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/57445",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/57445"
},
{
"url": "http://www.exploit-db.com/exploits/24204",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/24204"
},
{
"url": "http://www.exploit-db.com/exploits/24322",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/24322"
},
{
"url": "http://www.securitytracker.com/id/1028007",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1028007"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81367",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81367"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/author/7547/",
"url": "https://packetstormsecurity.com/files/author/7547/"
},
{
"refsource": "MISC",
"name": "https://fortiguard.com/encyclopedia/ips/35264/multiple-sonicwall-products-authentication-bypass-vulns",
"url": "https://fortiguard.com/encyclopedia/ips/35264/multiple-sonicwall-products-authentication-bypass-vulns"
},
{
"refsource": "MISC",
"name": "https://seclists.org/fulldisclosure/2013/Jan/125",
"url": "https://seclists.org/fulldisclosure/2013/Jan/125"
}
]
}

73
2013/1xxx/CVE-2013-1360.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1360",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,53 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securitytracker.com/id/1028007",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1028007"
},
{
"url": "http://www.securityfocus.com/bid/57446",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/57446"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81366",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81366"
},
{
"url": "http://www.exploit-db.com/exploits/24203",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/24203"
},
{
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.html",
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.html"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2013-1360",
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1360"
}
]
}

53
2013/1xxx/CVE-2013-1410.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1410",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Perforce P4web 2011.1 and 2012.1 has multiple XSS vulnerabilities"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.exploit-database.net/?id=59355",
"url": "https://www.exploit-database.net/?id=59355"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/57514/info",
"url": "https://www.securityfocus.com/bid/57514/info"
}
]
}

53
2013/1xxx/CVE-2013-1607.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1607",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82563",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82563"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/58303/info",
"url": "https://www.securityfocus.com/bid/58303/info"
}
]
}

58
2013/1xxx/CVE-2013-1760.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1760",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Bug Genie before 3.2.6 has Multiple XSS and HTML Injection Vulnerabilities"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/64004",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/64004"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89358",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89358"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89360",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89360"
}
]
}

55
2013/1xxx/CVE-2013-1924.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1924",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Commerce Skrill",
"product": {
"product_data": [
{
"product_name": "Commerce Skrill",
"version": {
"version_data": [
{
"version_value": "all versions prior to 7.x-1.2"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Commerce Skrill (Formerly Moneybookers) has an Access bypass vulnerability in all versions prior to 7.x-1.2"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "authentication error"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2013/04/04/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/04/6"
},
{
"url": "http://drupal.org/node/1960338",
"refsource": "MISC",
"name": "http://drupal.org/node/1960338"
}
]
}

60
2013/1xxx/CVE-2013-1938.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1938",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Zimbra",
"version": {
"version_data": [
{
"version_value": "2013"
}
]
}
}
]
},
"vendor_name": "Zimbra"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Zimbra 2013 has XSS in aspell.php"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/58913",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/58913"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/04/09/14",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/09/14"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/04/09/15",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/09/15"
}
]
}

60
2013/2xxx/CVE-2013-2008.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2008",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Super Cache Plugin authors",
"product": {
"product_data": [
{
"product_name": "Super Cache Plugin",
"version": {
"version_data": [
{
"version_value": "1.3 (fixed in 1.3.1)"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "WordPress Super Cache Plugin 1.3 has XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2013/04/24/10",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/24/10"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/04/24/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/24/8"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83798",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83798"
}
]
}

70
2013/2xxx/CVE-2013-2009.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2009",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "WP Super Cache Plugin authors",
"product": {
"product_data": [
{
"product_name": "WP Super Cache Plugin",
"version": {
"version_data": [
{
"version_value": "1.2"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "WordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote PHP Code Execution Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2013/04/24/10",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/24/10"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/04/24/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/24/8"
},
{
"url": "http://www.securityfocus.com/bid/59470",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/59470"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/04/24/12",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/24/12"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83799",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83799"
}
]
}

65
2013/2xxx/CVE-2013-2010.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2010",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "W3 Total Cache Plugin authors",
"product": {
"product_data": [
{
"product_name": "W3 Total Cache Plugin",
"version": {
"version_data": [
{
"version_value": "0.9.2.8"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote PHP Code Execution Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/130999/WordPress-W3-Total-Cache-PHP-Code-Execution.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/130999/WordPress-W3-Total-Cache-PHP-Code-Execution.html"
},
{
"url": "http://www.securityfocus.com/bid/59316",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/59316"
},
{
"url": "http://www.exploit-db.com/exploits/25137",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/25137"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/04/24/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/24/9"
}
]
}

60
2013/2xxx/CVE-2013-2057.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2057",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "YaBB",
"product": {
"product_data": [
{
"product_name": "YaBB",
"version": {
"version_data": [
{
"version_value": "through 2.5.2"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local File Include"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/59643",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/59643"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84034",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84034"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/05/05/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/05/05/1"
}
]
}

70
2013/2xxx/CVE-2013-2097.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2097",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ZPanel",
"product": {
"product_data": [
{
"product_name": "ZPanel",
"version": {
"version_data": [
{
"version_value": "10.1.0"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ZPanel through 10.1.0 has Remote Command Execution"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Command Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/134030/Zpanel-10.1.0-Remote-Unauthenticated-Code-Execution.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/134030/Zpanel-10.1.0-Remote-Unauthenticated-Code-Execution.html"
},
{
"url": "http://www.exploit-db.com/exploits/25519",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/25519"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/05/16/12",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/05/16/12"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/05/16/16",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/05/16/16"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84364",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84364"
}
]
}

65
2013/2xxx/CVE-2013-2108.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2108",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "WP Cleanfix Plugin authors",
"product": {
"product_data": [
{
"product_name": "WP Cleanfix Plugin",
"version": {
"version_data": [
{
"version_value": "2.4.4"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "WordPress WP Cleanfix Plugin 2.4.4 has CSRF"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CSRF"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/59940",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/59940"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84435",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84435"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/05/18/11",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/05/18/11"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84562",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84562"
}
]
}

55
2013/2xxx/CVE-2013-2109.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2109",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "wp-cleanfix",
"version": {
"version_data": [
{
"version_value": "1.4"
}
]
}
}
]
},
"vendor_name": "wp-cleanfix authors"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "WordPress plugin wp-cleanfix has Remote Code Execution"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2013/05/18/11",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/05/18/11"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84434",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84434"
}
]
}

70
2013/2xxx/CVE-2013-2120.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2120",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,71 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Random Number Generation"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "KDE Paste Applet",
"version": {
"version_data": [
{
"version_value": "before 4.10.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=969421",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=969421"
},
{
"refsource": "MISC",
"name": "https://projects.kde.org/projects/kde/kdeplasma-addons/repository/revisions/36a1fe49cb70f717c4a6e9eeee2c9186503a8dce",
"url": "https://projects.kde.org/projects/kde/kdeplasma-addons/repository/revisions/36a1fe49cb70f717c4a6e9eeee2c9186503a8dce"
},
{
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0114.html",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0114.html"
},
{
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2013/05/28/5",
"url": "http://openwall.com/lists/oss-security/2013/05/28/5"
},
{
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2013/05/29/6",
"url": "http://openwall.com/lists/oss-security/2013/05/29/6"
}
]
}

60
2013/2xxx/CVE-2013-2213.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2213",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the generator output."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Random Number Generation"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "KDE Paste Applet",
"version": {
"version_data": [
{
"version_value": "after 4.10.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=978243",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=978243"
},
{
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2013/06/13/1",
"url": "http://openwall.com/lists/oss-security/2013/06/13/1"
},
{
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2013/06/26/2",
"url": "http://openwall.com/lists/oss-security/2013/06/26/2"
}
]
}

58
2013/2xxx/CVE-2013-2675.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2675",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Brother MFC-9970CDW 1.10 devices with Firmware L contain a Frameable response (Clickjacking) vulnerability which could allow remote attackers to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/121553/Brother-MFC-9970CDW-Firmware-0D-Cross-Site-Scripting.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/121553/Brother-MFC-9970CDW-Firmware-0D-Cross-Site-Scripting.html"
},
{
"refsource": "XF",
"name": "84092",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84092"
},
{
"refsource": "BID",
"name": "59724",
"url": "https://www.securityfocus.com/bid/59724"
}
]
}

58
2013/2xxx/CVE-2013-2680.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2680",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attackers to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "59712",
"url": "http://www.securityfocus.com/bid/59712"
},
{
"url": "http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html"
},
{
"refsource": "XF",
"name": "84073",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84073"
}
]
}

58
2013/2xxx/CVE-2013-2681.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2681",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cisco Linksys E4200 1.0.05 Build 7 devices contain a Security Bypass Vulnerability which could allow remote attackers to gain unauthorized access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "59714",
"url": "http://www.securityfocus.com/bid/59714"
},
{
"url": "http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html"
},
{
"refsource": "XF",
"name": "84068",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84068"
}
]
}

58
2013/2xxx/CVE-2013-2682.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2682",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "59717",
"url": "http://www.securityfocus.com/bid/59717"
},
{
"url": "http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html"
},
{
"refsource": "XF",
"name": "84071",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84071"
}
]
}

58
2013/2xxx/CVE-2013-2683.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2683",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cisco Linksys E4200 1.0.05 Build 7 devices contain an Information Disclosure Vulnerability which allows remote attackers to obtain private IP addresses and other sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "59713",
"url": "http://www.securityfocus.com/bid/59713"
},
{
"url": "http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html"
},
{
"refsource": "XF",
"name": "84067",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84067"
}
]
}

58
2013/2xxx/CVE-2013-2684.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2684",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site Scripting (XSS) in Cisco Linksys E4200 1.0.05 Build 7 devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "59716",
"url": "http://www.securityfocus.com/bid/59716"
},
{
"url": "http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html"
},
{
"refsource": "XF",
"name": "84070",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84070"
}
]
}

5
2013/2xxx/CVE-2013-2780.json
View File

@ -56,6 +56,11 @@
"name": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-724606.pdf",
"refsource": "CONFIRM",
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-724606.pdf"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-724606.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-724606.pdf"
}
]
}

58
2013/3xxx/CVE-2013-3067.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3067",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Linksys WRT310Nv2 2.0.0.1 is vulnerable to XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"refsource": "MISC",
"name": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_wrt310v2.php",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_wrt310v2.php"
},
{
"refsource": "MISC",
"name": "https://www.ise.io/research/studies-and-papers/linksys_wrt310v2/",
"url": "https://www.ise.io/research/studies-and-papers/linksys_wrt310v2/"
}
]
}

58
2013/3xxx/CVE-2013-3091.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3091",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication using \"Javascript debugging.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"refsource": "MISC",
"name": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php"
},
{
"refsource": "MISC",
"name": "https://www.ise.io/research/studies-and-papers/belkin_n900/",
"url": "https://www.ise.io/research/studies-and-papers/belkin_n900/"
}
]
}

58
2013/3xxx/CVE-2013-3096.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3096",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "D-Link DIR865L v1.03 suffers from an \"Unauthenticated Hardware Linking\" vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"refsource": "MISC",
"name": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/dlink_dir865l.php"
},
{
"refsource": "MISC",
"name": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/",
"url": "https://www.ise.io/research/studies-and-papers/dlink_dir865l/"
}
]
}

50
2013/3xxx/CVE-2013-3494.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2013-3494",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "UMPlayer",
"product": {
"product_data": [
{
"product_name": "UMPlayer",
"version": {
"version_data": [
{
"version_value": "0.98"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Code Execution Vulnerability exists in UMPlayer 0.98 in wintab32.dll due to insufficient path restrictions when loading external libraries. which could let a malicious user execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89262",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89262"
}
]
}

48
2013/3xxx/CVE-2013-3564.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3564",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-007.txt",
"refsource": "MISC",
"name": "https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-007.txt"
}
]
}

58
2013/3xxx/CVE-2013-3568.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3568",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "61151",
"url": "http://www.securityfocus.com/bid/61151"
},
{
"refsource": "EXPLOIT-DB",
"name": "28484",
"url": "http://www.exploit-db.com/exploits/28484"
},
{
"refsource": "XF",
"name": "85642",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85642"
}
]
}

68
2013/3xxx/CVE-2013-3591.json
View File

@ -1,8 +1,34 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3591",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "vTiger CRM",
"product": {
"product_data": [
{
"product_name": "vTiger CRM",
"version": {
"version_data": [
{
"version_value": "5.3"
},
{
"version_value": "5.4"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +37,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "PHP Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats",
"refsource": "MISC",
"name": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats"
},
{
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one",
"refsource": "MISC",
"name": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one"
},
{
"url": "http://www.securityfocus.com/bid/63454",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/63454"
},
{
"url": "http://www.exploit-db.com/exploits/29319",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/29319"
}
]
}

65
2013/3xxx/CVE-2013-3628.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3628",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Zabbix",
"product": {
"product_data": [
{
"product_name": "Zabbix",
"version": {
"version_data": [
{
"version_value": "2.0.9"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Command Execution Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats",
"refsource": "MISC",
"name": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats"
},
{
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one",
"refsource": "MISC",
"name": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one"
},
{
"url": "http://www.securityfocus.com/bid/63453",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/63453"
},
{
"url": "http://www.exploit-db.com/exploits/29321",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/29321"
}
]
}

65
2013/3xxx/CVE-2013-3629.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3629",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ISPConfig",
"product": {
"product_data": [
{
"product_name": "ISPConfig",
"version": {
"version_data": [
{
"version_value": "3.0.5.2"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "PHP Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats",
"refsource": "MISC",
"name": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats"
},
{
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one",
"refsource": "MISC",
"name": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one"
},
{
"url": "http://www.securityfocus.com/bid/63455",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/63455"
},
{
"url": "http://www.exploit-db.com/exploits/29322",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/29322"
}
]
}

48
2013/3xxx/CVE-2013-3635.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3635",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ProjectPier 0.8.8 has stored XSS"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/122341/Project-Pier-0.8.8-XSS-Insecure-Cookies.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/122341/Project-Pier-0.8.8-XSS-Insecure-Cookies.html"
}
]
}

58
2013/3xxx/CVE-2013-3636.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3636",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ProjectPier 0.8.8 has a Remote Information Disclosure Weakness because of the lack of the HttpOnly cookie flag"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/122341/Project-Pier-0.8.8-XSS-Insecure-Cookies.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/122341/Project-Pier-0.8.8-XSS-Insecure-Cookies.html"
},
{
"url": "http://www.securityfocus.com/bid/60739",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/60739"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85609",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85609"
}
]
}

48
2013/3xxx/CVE-2013-3637.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3637",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ProjectPier 0.8.8 does not use the Secure flag for cookies"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/122341/Project-Pier-0.8.8-XSS-Insecure-Cookies.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/122341/Project-Pier-0.8.8-XSS-Insecure-Cookies.html"
}
]
}

53
2013/3xxx/CVE-2013-3638.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3638",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SQL injection vulnerability in Boonex Dolphin before 7.1.3 allows remote authenticated users to execute arbitrary SQL commands via the 'pathes' parameter in 'categories.php'."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "60511",
"url": "http://www.securityfocus.com/bid/60511"
},
{
"refsource": "XF",
"name": "84928",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84928"
}
]
}

53
2013/3xxx/CVE-2013-3684.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3684",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85012",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85012"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85011",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85011"
}
]
}

63
2013/3xxx/CVE-2013-3685.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3685",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/60749",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/60749"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85296",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85296"
},
{
"refsource": "MISC",
"name": "https://seclists.org/fulldisclosure/2013/Jun/196",
"url": "https://seclists.org/fulldisclosure/2013/Jun/196"
},
{
"refsource": "MISC",
"name": "https://androidvulnerabilities.org/all",
"url": "https://androidvulnerabilities.org/all"
}
]
}

55
2013/3xxx/CVE-2013-3942.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2013-3942",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Daum",
"product": {
"product_data": [
{
"product_name": "Potplayer",
"version": {
"version_data": [
{
"version_value": "prior to 1.5.39659"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Potplayer prior to 1.5.39659: DLL Loading Arbitrary Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "untrusted search path"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/64023",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/64023"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89352",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89352"
}
]
}

Some files were not shown because too many files have changed in this diff Show More