admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:31:19 +00:00
parent 8cb2b632b6
commit ec0e7f286f
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
58 changed files with 4002 additions and 4002 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
1999/0xxx/CVE-1999-0811.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0811",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0811",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Samba smbd program via a malformed message command."
"lang": "eng",
"value": "Buffer overflow in Samba smbd program via a malformed message command."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "536",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/536"
"name": "536",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/536"
}
]
}

62
1999/0xxx/CVE-1999-0948.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0948",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0948",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in uum program for Canna input system allows local users to gain root privileges."
"lang": "eng",
"value": "Buffer overflow in uum program for Canna input system allows local users to gain root privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "757",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/757"
"name": "757",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/757"
}
]
}

68
1999/1xxx/CVE-1999-1389.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1389",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1389",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 and 3.7.24 does not properly enforce access filters when the \"set host prompt\" setting is made for a port, which allows attackers to bypass restrictions by providing the hostname twice at the \"host: \" prompt."
"lang": "eng",
"value": "US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 and 3.7.24 does not properly enforce access filters when the \"set host prompt\" setting is made for a port, which allows attackers to bypass restrictions by providing the hostname twice at the \"host: \" prompt."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "19980511 3Com/USR Total Control Chassis dialup port access filters",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=90221101925916&w=2"
"name": "99",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99"
},
{
"name" : "99",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99"
"name": "19980511 3Com/USR Total Control Chassis dialup port access filters",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=90221101925916&w=2"
}
]
}

74
1999/1xxx/CVE-1999-1555.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1555",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1555",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service Pack 2 creates an update directory with \"EVERYONE FULL CONTROL\" permissions, which allows local users to cause Inoculan's antivirus update feature to install a Trojan horse dll."
"lang": "eng",
"value": "Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service Pack 2 creates an update directory with \"EVERYONE FULL CONTROL\" permissions, which allows local users to cause Inoculan's antivirus update feature to install a Trojan horse dll."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "19980611 Cheyenne Inoculan vulnerability on NT",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/9515"
"name": "19980611 Cheyenne Inoculan vulnerability on NT",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/9515"
},
{
"name" : "106",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106"
"name": "106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106"
},
{
"name" : "inoculan-bad-permissions(1536)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1536"
"name": "inoculan-bad-permissions(1536)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1536"
}
]
}

68
2000/1xxx/CVE-2000-1175.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-1175",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1175",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Koules 1.4 allows local users to execute arbitrary commands via a long command line argument."
"lang": "eng",
"value": "Buffer overflow in Koules 1.4 allows local users to execute arbitrary commands via a long command line argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20001120 local exploit for linux's Koules1.4 package",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/145823"
"name": "1967",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1967"
},
{
"name" : "1967",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1967"
"name": "20001120 local exploit for linux's Koules1.4 package",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/145823"
}
]
}

74
2005/2xxx/CVE-2005-2157.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2157",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2157",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in survey.inc.php for nabopoll 1.2 allows remote attackers to execute arbitrary PHP code via the path parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in survey.inc.php for nabopoll 1.2 allows remote attackers to execute arbitrary PHP code via the path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "ADV-2005-0954",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/0954"
"name": "15910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15910"
},
{
"name" : "1014355",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1014355"
"name": "ADV-2005-0954",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/0954"
},
{
"name" : "15910",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/15910"
"name": "1014355",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014355"
}
]
}

98
2005/2xxx/CVE-2005-2338.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2338",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2005-2338",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.12 JP and earlier, XOOPS 2.0.13.1 and earlier, and 2.2.x up to 2.2.3 RC1 allow remote attackers to inject arbitrary web script or HTML via (1) modules that use \"XOOPS Code\" and (2) newbb in the forum module."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.12 JP and earlier, XOOPS 2.0.13.1 and earlier, and 2.2.x up to 2.2.3 RC1 allow remote attackers to inject arbitrary web script or HTML via (1) modules that use \"XOOPS Code\" and (2) newbb in the forum module."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20051025 [SNS Advisory No.85] XOOPS Multiple Cross-site Scripting Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=113027315412024&w=2"
"name": "17300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17300"
},
{
"name" : "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/85_e.html",
"refsource" : "MISC",
"url" : "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/85_e.html"
"name": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/85_e.html",
"refsource": "MISC",
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/85_e.html"
},
{
"name" : "JVN#77105349",
"refsource" : "JVN",
"url" : "http://jvn.jp/jp/JVN%2377105349/index.html"
"name": "JVN#77105349",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2377105349/index.html"
},
{
"name" : "VU#683958",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/683958"
"name": "15195",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15195"
},
{
"name" : "VU#346302",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/346302"
"name": "20051025 [SNS Advisory No.85] XOOPS Multiple Cross-site Scripting Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=113027315412024&w=2"
},
{
"name" : "15195",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15195"
"name": "VU#346302",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/346302"
},
{
"name" : "17300",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17300"
"name": "VU#683958",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/683958"
}
]
}

86
2005/2xxx/CVE-2005-2397.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2397",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2397",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "14390",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14390"
"name": "14390",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14390"
},
{
"name" : "18295",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/18295"
"name": "18295",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18295"
},
{
"name" : "1014573",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1014573"
"name": "1014573",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014573"
},
{
"name" : "16192",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16192"
"name": "16192",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16192"
},
{
"name" : "phpbook-admin-xss(21538)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21538"
"name": "phpbook-admin-xss(21538)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21538"
}
]
}

116
2005/2xxx/CVE-2005-2428.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2428",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2428",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Lotus Domino R5 and R6 WebMail, with \"Generate HTML for all fields\" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote attackers to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTPPassword field, (2) the password change date in the HTTPPasswordChangeDate field, (3) the client platform in the ClntPltfrm field, (4) the client machine name in the ClntMachine field, and (5) the client Lotus Domino release in the ClntBld field, a different vulnerability than CVE-2005-2696."
"lang": "eng",
"value": "Lotus Domino R5 and R6 WebMail, with \"Generate HTML for all fields\" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote attackers to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTPPassword field, (2) the password change date in the HTTPPasswordChangeDate field, (3) the client platform in the ClntPltfrm field, (4) the client machine name in the ClntMachine field, and (5) the client Lotus Domino release in the ClntBld field, a different vulnerability than CVE-2005-2696."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050726 CYBSEC - Security Advisory: Default Configuration Information",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=112240869130356&w=2"
"name": "20050726 CYBSEC - Security Advisory: Default Configuration Information",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112240869130356&w=2"
},
{
"name" : "39495",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/39495/"
"name": "14389",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14389"
},
{
"name" : "http://www.cybsec.com/vuln/default_configuration_information_disclosure_lotus_domino.pdf",
"refsource" : "MISC",
"url" : "http://www.cybsec.com/vuln/default_configuration_information_disclosure_lotus_domino.pdf"
"name": "39495",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39495/"
},
{
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21212934",
"refsource" : "CONFIRM",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21212934"
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21212934",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21212934"
},
{
"name" : "http://www.securiteam.com/securitynews/5FP0E15GLQ.html",
"refsource" : "MISC",
"url" : "http://www.securiteam.com/securitynews/5FP0E15GLQ.html"
"name": "1014584",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014584"
},
{
"name" : "14389",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14389"
"name": "18462",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18462"
},
{
"name" : "18462",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/18462"
"name": "http://www.cybsec.com/vuln/default_configuration_information_disclosure_lotus_domino.pdf",
"refsource": "MISC",
"url": "http://www.cybsec.com/vuln/default_configuration_information_disclosure_lotus_domino.pdf"
},
{
"name" : "1014584",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1014584"
"name": "http://www.securiteam.com/securitynews/5FP0E15GLQ.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/securitynews/5FP0E15GLQ.html"
},
{
"name" : "16231",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16231/"
"name": "16231",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16231/"
},
{
"name" : "lotus-domino-names-obtain-information(21556)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21556"
"name": "lotus-domino-names-obtain-information(21556)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21556"
}
]
}

86
2005/2xxx/CVE-2005-2463.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2463",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2463",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Kayako liveResponse 2.x allows remote attackers to obtain sensitive information via a direct request to addressbook.php and other include scripts, which reveals the path in an error message."
"lang": "eng",
"value": "Kayako liveResponse 2.x allows remote attackers to obtain sensitive information via a direct request to addressbook.php and other include scripts, which reveals the path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050730 Kayako liveResponse Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=112274359718863&w=2"
"name": "14425",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14425"
},
{
"name" : "http://www.gulftech.org/?node=research&article_id=00092-07302005",
"refsource" : "MISC",
"url" : "http://www.gulftech.org/?node=research&article_id=00092-07302005"
"name": "18399",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18399"
},
{
"name" : "14425",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14425"
"name": "20050730 Kayako liveResponse Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112274359718863&w=2"
},
{
"name" : "18399",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/18399"
"name": "16286",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16286"
},
{
"name" : "16286",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16286"
"name": "http://www.gulftech.org/?node=research&article_id=00092-07302005",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research&article_id=00092-07302005"
}
]
}

80
2005/2xxx/CVE-2005-2632.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2632",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2632",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in login_admin_mediabox404.php in mediabox404 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the User field."
"lang": "eng",
"value": "SQL injection vulnerability in login_admin_mediabox404.php in mediabox404 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the User field."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050817 SQL injection in mediabox404 v1.2",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=112431321513646&w=2"
"name": "14593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14593"
},
{
"name" : "14593",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14593"
"name": "16493",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16493/"
},
{
"name" : "16493",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16493/"
"name": "20050817 SQL injection in mediabox404 v1.2",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112431321513646&w=2"
},
{
"name" : "mediabox-sql-injection(21905)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21905"
"name": "mediabox-sql-injection(21905)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21905"
}
]
}

194
2005/3xxx/CVE-2005-3319.json
View File

@ -1,171 +1,171 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-3319",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3319",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost."
"lang": "eng",
"value": "The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20051024 php < 4.4.1 htaccess apache dos",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=113019286208204&w=2"
"name": "20051024 php < 4.4.1 htaccess apache dos",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=113019286208204&w=2"
},
{
"name" : "20051024 php < 4.4.1 htaccess apache dos",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0491.html"
"name": "22691",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22691"
},
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=107602",
"refsource" : "CONFIRM",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=107602"
"name": "20051024 php < 4.4.1 htaccess apache dos",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0491.html"
},
{
"name" : "http://docs.info.apple.com/article.html?artnum=303382",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=303382"
"name": "MDKSA-2005:213",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:213"
},
{
"name" : "APPLE-SA-2006-03-01",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html"
"name": "18198",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18198"
},
{
"name" : "GLSA-200511-08",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml"
"name": "SSRT061238",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
},
{
"name" : "HPSBMA02159",
"refsource" : "HP",
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
"name": "HPSBMA02159",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
},
{
"name" : "SSRT061238",
"refsource" : "HP",
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
"name": "525",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/525"
},
{
"name" : "MDKSA-2005:213",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:213"
"name": "19064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19064"
},
{
"name" : "USN-232-1",
"refsource" : "UBUNTU",
"url" : "https://www.ubuntu.com/usn/usn-232-1/"
"name": "php-htaccess-dos(22844)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22844"
},
{
"name" : "TA06-062A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-062A.html"
"name": "http://bugs.gentoo.org/show_bug.cgi?id=107602",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=107602"
},
{
"name" : "15177",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15177"
"name": "20491",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20491"
},
{
"name" : "16907",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16907"
"name": "16907",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16907"
},
{
"name" : "ADV-2006-0791",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0791"
"name": "ADV-2006-0791",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0791"
},
{
"name" : "ADV-2006-4320",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4320"
"name": "ADV-2006-4320",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4320"
},
{
"name" : "20491",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/20491"
"name": "APPLE-SA-2006-03-01",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html"
},
{
"name" : "18198",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18198"
"name": "15177",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15177"
},
{
"name" : "19064",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19064"
"name": "TA06-062A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-062A.html"
},
{
"name" : "17510",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17510"
"name": "17510",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17510"
},
{
"name" : "17557",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17557"
"name": "17557",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17557"
},
{
"name" : "22691",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22691"
"name": "GLSA-200511-08",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml"
},
{
"name" : "525",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/525"
"name": "USN-232-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-232-1/"
},
{
"name" : "php-htaccess-dos(22844)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22844"
"name": "http://docs.info.apple.com/article.html?artnum=303382",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=303382"
}
]
}

104
2007/5xxx/CVE-2007-5005.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5005",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5005",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command."
"lang": "eng",
"value": "Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops",
"refsource" : "EEYE",
"url" : "http://research.eeye.com/html/advisories/published/AD20070920.html"
"name": "24348",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24348"
},
{
"name" : "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
"name": "25606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25606"
},
{
"name" : "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp",
"refsource" : "CONFIRM",
"url" : "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
"name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"name" : "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006",
"refsource" : "CONFIRM",
"url" : "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
"name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676"
},
{
"name" : "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676",
"refsource" : "CONFIRM",
"url" : "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676"
"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"name" : "24348",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24348"
"name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"name" : "1018728",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018728"
"name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops",
"refsource": "EEYE",
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"name" : "25606",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25606"
"name": "1018728",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018728"
}
]
}

86
2007/5xxx/CVE-2007-5982.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5982",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5982",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in X7 Chat 2.0.4, 2.0.5, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) room parameter to sources/frame.php, the (2) theme_c parameter to help/index.php, or the (3) INSTALL_X7CHATVERSION parameter to upgradev1.php."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in X7 Chat 2.0.4, 2.0.5, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) room parameter to sources/frame.php, the (2) theme_c parameter to help/index.php, or the (3) INSTALL_X7CHATVERSION parameter to upgradev1.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstorm.linuxsecurity.com/0711-exploits/x7-xss.txt",
"refsource" : "MISC",
"url" : "http://packetstorm.linuxsecurity.com/0711-exploits/x7-xss.txt"
"name": "38745",
"refsource": "OSVDB",
"url": "http://osvdb.org/38745"
},
{
"name" : "26417",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26417"
"name": "38746",
"refsource": "OSVDB",
"url": "http://osvdb.org/38746"
},
{
"name" : "38745",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38745"
"name": "27677",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27677"
},
{
"name" : "38746",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38746"
"name": "http://packetstorm.linuxsecurity.com/0711-exploits/x7-xss.txt",
"refsource": "MISC",
"url": "http://packetstorm.linuxsecurity.com/0711-exploits/x7-xss.txt"
},
{
"name" : "27677",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27677"
"name": "26417",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26417"
}
]
}

92
2009/2xxx/CVE-2009-2053.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2053",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2009-2053",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236."
"lang": "eng",
"value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml"
"name": "36499",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36499"
},
{
"name" : "36152",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36152"
"name": "36152",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36152"
},
{
"name" : "57455",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/57455"
"name": "36498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36498"
},
{
"name" : "1022775",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1022775"
"name": "57455",
"refsource": "OSVDB",
"url": "http://osvdb.org/57455"
},
{
"name" : "36498",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36498"
"name": "20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml"
},
{
"name" : "36499",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36499"
"name": "1022775",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022775"
}
]
}

236
2009/2xxx/CVE-2009-2408.json
View File

@ -1,206 +1,206 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2408",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-2408",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5."
"lang": "eng",
"value": "Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20090903 More CVE-2009-2408 like issues",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=125198917018936&w=2"
"name": "36139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36139"
},
{
"name" : "http://www.wired.com/threatlevel/2009/07/kaminsky/",
"refsource" : "MISC",
"url" : "http://www.wired.com/threatlevel/2009/07/kaminsky/"
"name": "36157",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36157"
},
{
"name" : "http://isc.sans.org/diary.html?storyid=7003",
"refsource" : "MISC",
"url" : "http://isc.sans.org/diary.html?storyid=7003"
"name": "1022632",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022632"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=510251",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=510251"
"name": "MDVSA-2009:197",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:197"
},
{
"name" : "http://www.mozilla.org/security/announce/2009/mfsa2009-42.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2009/mfsa2009-42.html"
"name": "SUSE-SA:2009:048",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2009_48_firefox.html"
},
{
"name" : "http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_m.c.diff?r1=1.8&r2=1.11&f=h",
"refsource" : "CONFIRM",
"url" : "http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_m.c.diff?r1=1.8&r2=1.11&f=h"
"name": "MDVSA-2009:216",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:216"
},
{
"name" : "DSA-1874",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1874"
"name": "SUSE-SR:2009:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"name" : "MDVSA-2009:197",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:197"
"name": "36434",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36434"
},
{
"name" : "MDVSA-2009:216",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:216"
"name": "36088",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36088"
},
{
"name" : "MDVSA-2009:217",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:217"
"name": "http://isc.sans.org/diary.html?storyid=7003",
"refsource": "MISC",
"url": "http://isc.sans.org/diary.html?storyid=7003"
},
{
"name" : "RHSA-2009:1207",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1207.html"
"name": "RHSA-2009:1207",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1207.html"
},
{
"name" : "RHSA-2009:1432",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1432.html"
"name": "http://www.wired.com/threatlevel/2009/07/kaminsky/",
"refsource": "MISC",
"url": "http://www.wired.com/threatlevel/2009/07/kaminsky/"
},
{
"name" : "1021030",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021030.1-1"
"name": "36669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36669"
},
{
"name" : "SUSE-SR:2009:018",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
"name": "56723",
"refsource": "OSVDB",
"url": "http://osvdb.org/56723"
},
{
"name" : "SUSE-SA:2009:048",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2009_48_firefox.html"
"name": "RHSA-2009:1432",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1432.html"
},
{
"name" : "USN-810-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-810-1"
"name": "USN-810-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-810-1"
},
{
"name" : "USN-810-2",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/810-2/"
"name": "oval:org.mitre.oval:def:10751",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10751"
},
{
"name" : "56723",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/56723"
"name": "USN-810-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/810-2/"
},
{
"name" : "oval:org.mitre.oval:def:10751",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10751"
"name": "oval:org.mitre.oval:def:8458",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8458"
},
{
"name" : "oval:org.mitre.oval:def:8458",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8458"
"name": "1021030",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021030.1-1"
},
{
"name" : "1022632",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1022632"
"name": "http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_m.c.diff?r1=1.8&r2=1.11&f=h",
"refsource": "CONFIRM",
"url": "http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_m.c.diff?r1=1.8&r2=1.11&f=h"
},
{
"name" : "36088",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36088"
"name": "ADV-2009-3184",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"name" : "36125",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36125"
"name": "36125",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36125"
},
{
"name" : "36139",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36139"
"name": "37098",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37098"
},
{
"name" : "36157",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36157"
"name": "http://www.mozilla.org/security/announce/2009/mfsa2009-42.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2009/mfsa2009-42.html"
},
{
"name" : "36434",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36434"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=510251",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=510251"
},
{
"name" : "37098",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37098"
"name": "ADV-2009-2085",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2085"
},
{
"name" : "36669",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36669"
"name": "DSA-1874",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1874"
},
{
"name" : "ADV-2009-2085",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/2085"
"name": "MDVSA-2009:217",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:217"
},
{
"name" : "ADV-2009-3184",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/3184"
"name": "[oss-security] 20090903 More CVE-2009-2408 like issues",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=125198917018936&w=2"
}
]
}

140
2009/2xxx/CVE-2009-2562.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2562",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2562",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20090917 Wireshark - wnpa-sec-2009-05.html && wnpa-sec-2009-06.html -- CVE confirmation and CVE Request",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/09/17/15"
"name": "MDVSA-2009:194",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:194"
},
{
"name" : "[oss-security] 20090917 Re: Wireshark - wnpa-sec-2009-05.html && wnpa-sec-2009-06.html -- CVE confirmation and CVE Request",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2009/09/18/2"
"name": "http://www.wireshark.org/security/wnpa-sec-2009-04.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2009-04.html"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3564",
"refsource" : "MISC",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3564"
"name": "37477",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37477"
},
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2009-04.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2009-04.html"
"name": "ADV-2009-1970",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1970"
},
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2009-05.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2009-05.html"
"name": "http://www.wireshark.org/security/wnpa-sec-2009-05.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2009-05.html"
},
{
"name" : "http://www.wireshark.org/docs/relnotes/wireshark-1.0.9.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/docs/relnotes/wireshark-1.0.9.html"
"name": "oval:org.mitre.oval:def:11643",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11643"
},
{
"name" : "DSA-1942",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2009/dsa-1942"
"name": "35748",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35748"
},
{
"name" : "MDVSA-2009:194",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:194"
"name": "35884",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35884"
},
{
"name" : "35748",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35748"
"name": "[oss-security] 20090917 Re: Wireshark - wnpa-sec-2009-05.html && wnpa-sec-2009-06.html -- CVE confirmation and CVE Request",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/09/18/2"
},
{
"name" : "oval:org.mitre.oval:def:11643",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11643"
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3564",
"refsource": "MISC",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3564"
},
{
"name" : "oval:org.mitre.oval:def:5625",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5625"
"name": "oval:org.mitre.oval:def:5625",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5625"
},
{
"name" : "35884",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35884"
"name": "DSA-1942",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1942"
},
{
"name" : "37477",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37477"
"name": "[oss-security] 20090917 Wireshark - wnpa-sec-2009-05.html && wnpa-sec-2009-06.html -- CVE confirmation and CVE Request",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/09/17/15"
},
{
"name" : "ADV-2009-1970",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1970"
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.0.9.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.0.9.html"
}
]
}

68
2009/2xxx/CVE-2009-2951.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2951",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2951",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Phenotype CMS before 2.9 does not use a random salt value for password encryption, which makes it easier for context-dependent attackers to determine cleartext passwords."
"lang": "eng",
"value": "Phenotype CMS before 2.9 does not use a random salt value for password encryption, which makes it easier for context-dependent attackers to determine cleartext passwords."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.phenotype-cms.com/wiki/development-changelog",
"refsource" : "CONFIRM",
"url" : "http://www.phenotype-cms.com/wiki/development-changelog"
"name": "http://www.phenotype-cms.com/wiki/development-changelog",
"refsource": "CONFIRM",
"url": "http://www.phenotype-cms.com/wiki/development-changelog"
},
{
"name" : "phenotype-salt-value-info-disclosure(52856)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52856"
"name": "phenotype-salt-value-info-disclosure(52856)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52856"
}
]
}

92
2009/2xxx/CVE-2009-2991.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2991",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2991",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2, might allow remote attackers to execute arbitrary code via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2, might allow remote attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
"name": "36638",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36638"
},
{
"name" : "TA09-286B",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
"name": "TA09-286B",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
},
{
"name" : "36638",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36638"
"name": "oval:org.mitre.oval:def:5557",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5557"
},
{
"name" : "oval:org.mitre.oval:def:5557",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5557"
"name": "1023007",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023007"
},
{
"name" : "1023007",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1023007"
"name": "http://www.adobe.com/support/security/bulletins/apsb09-15.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
},
{
"name" : "ADV-2009-2898",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/2898"
"name": "ADV-2009-2898",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2898"
}
]
}

74
2009/3xxx/CVE-2009-3179.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3179",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3179",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Symantec Altiris Deployment Solution 6.9 might allow remote attackers to execute arbitrary code via unknown client-side attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.17, as identified by (1) \"Symantec Altiris Deployment Solution 6.9 exploit, (2) \"Symantec Altiris Deployment Solution 6.9 exploit (II),\" and (3) \"Symantec Altiris Deployment Solution 6.9 exploit (III).\" NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes."
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Symantec Altiris Deployment Solution 6.9 might allow remote attackers to execute arbitrary code via unknown client-side attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.17, as identified by (1) \"Symantec Altiris Deployment Solution 6.9 exploit, (2) \"Symantec Altiris Deployment Solution 6.9 exploit (II),\" and (3) \"Symantec Altiris Deployment Solution 6.9 exploit (III).\" NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://intevydis.com/vd-list.shtml",
"refsource" : "MISC",
"url" : "http://intevydis.com/vd-list.shtml"
"name": "36587",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36587"
},
{
"name" : "36247",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36247"
"name": "http://intevydis.com/vd-list.shtml",
"refsource": "MISC",
"url": "http://intevydis.com/vd-list.shtml"
},
{
"name" : "36587",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36587"
"name": "36247",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36247"
}
]
}

74
2009/3xxx/CVE-2009-3851.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-3851",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3851",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Trusted Extensions in Sun Solaris 10 interferes with the operation of the xscreensaver-demo command for the XScreenSaver application, which makes it easier for physically proximate attackers to access an unattended workstation for which the intended screen locking did not occur, related to the \"restart daemon.\""
"lang": "eng",
"value": "Trusted Extensions in Sun Solaris 10 interferes with the operation of the xscreensaver-demo command for the XScreenSaver application, which makes it easier for physically proximate attackers to access an unattended workstation for which the intended screen locking did not occur, related to the \"restart daemon.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-120094-28-1",
"refsource" : "CONFIRM",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-120094-28-1"
"name": "oval:org.mitre.oval:def:6845",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6845"
},
{
"name" : "270809",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270809-1"
"name": "270809",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270809-1"
},
{
"name" : "oval:org.mitre.oval:def:6845",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6845"
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-120094-28-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-120094-28-1"
}
]
}

128
2015/0xxx/CVE-2015-0220.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0220",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-0220",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The django.util.http.is_safe_url function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 does not properly handle leading whitespaces, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL, related to redirect URLs, as demonstrated by a \"\\njavascript:\" URL."
"lang": "eng",
"value": "The django.util.http.is_safe_url function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 does not properly handle leading whitespaces, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL, related to redirect URLs, as demonstrated by a \"\\njavascript:\" URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.djangoproject.com/weblog/2015/jan/13/security/",
"refsource" : "CONFIRM",
"url" : "https://www.djangoproject.com/weblog/2015/jan/13/security/"
"name": "62718",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62718"
},
{
"name" : "http://advisories.mageia.org/MGASA-2015-0026.html",
"refsource" : "CONFIRM",
"url" : "http://advisories.mageia.org/MGASA-2015-0026.html"
"name": "FEDORA-2015-0804",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html"
},
{
"name" : "FEDORA-2015-0714",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html"
"name": "USN-2469-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-2469-1"
},
{
"name" : "FEDORA-2015-0804",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html"
"name": "MDVSA-2015:036",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:036"
},
{
"name" : "MDVSA-2015:036",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:036"
"name": "62285",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62285"
},
{
"name" : "MDVSA-2015:109",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:109"
"name": "openSUSE-SU-2015:1598",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html"
},
{
"name" : "openSUSE-SU-2015:0643",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html"
"name": "https://www.djangoproject.com/weblog/2015/jan/13/security/",
"refsource": "CONFIRM",
"url": "https://www.djangoproject.com/weblog/2015/jan/13/security/"
},
{
"name" : "openSUSE-SU-2015:1598",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html"
"name": "openSUSE-SU-2015:0643",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html"
},
{
"name" : "USN-2469-1",
"refsource" : "UBUNTU",
"url" : "http://ubuntu.com/usn/usn-2469-1"
"name": "62309",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62309"
},
{
"name" : "62285",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62285"
"name": "MDVSA-2015:109",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:109"
},
{
"name" : "62309",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62309"
"name": "http://advisories.mageia.org/MGASA-2015-0026.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0026.html"
},
{
"name" : "62718",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62718"
"name": "FEDORA-2015-0714",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html"
}
]
}

152
2015/0xxx/CVE-2015-0313.json
View File

@ -1,136 +1,136 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0313",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-0313",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322."
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "36579",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/36579/"
"name": "1031686",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031686"
},
{
"name" : "http://packetstormsecurity.com/files/131189/Adobe-Flash-Player-ByteArray-With-Workers-Use-After-Free.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/131189/Adobe-Flash-Player-ByteArray-With-Workers-Use-After-Free.html"
"name": "openSUSE-SU-2015:0238",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html"
},
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsa15-02.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsa15-02.html"
"name": "62895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62895"
},
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-04.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-04.html"
"name": "http://packetstormsecurity.com/files/131189/Adobe-Flash-Player-ByteArray-With-Workers-Use-After-Free.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131189/Adobe-Flash-Player-ByteArray-With-Workers-Use-After-Free.html"
},
{
"name" : "https://technet.microsoft.com/library/security/2755801",
"refsource" : "CONFIRM",
"url" : "https://technet.microsoft.com/library/security/2755801"
"name": "https://technet.microsoft.com/library/security/2755801",
"refsource": "CONFIRM",
"url": "https://technet.microsoft.com/library/security/2755801"
},
{
"name" : "SUSE-SU-2015:0236",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html"
"name": "117853",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/117853"
},
{
"name" : "SUSE-SU-2015:0239",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html"
"name": "62777",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62777"
},
{
"name" : "openSUSE-SU-2015:0237",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html"
"name": "adobe-flash-cve20150313-code-exec(100641)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100641"
},
{
"name" : "openSUSE-SU-2015:0238",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html"
"name": "62528",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62528"
},
{
"name" : "72429",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72429"
"name": "openSUSE-SU-2015:0237",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html"
},
{
"name" : "117853",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/117853"
"name": "SUSE-SU-2015:0236",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html"
},
{
"name" : "1031686",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031686"
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-04.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-04.html"
},
{
"name" : "62528",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62528"
"name": "72429",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72429"
},
{
"name" : "62777",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62777"
"name": "36579",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/36579/"
},
{
"name" : "62895",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62895"
"name": "https://helpx.adobe.com/security/products/flash-player/apsa15-02.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsa15-02.html"
},
{
"name" : "adobe-flash-cve20150313-code-exec(100641)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100641"
"name": "SUSE-SU-2015:0239",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html"
}
]
}

68
2015/0xxx/CVE-2015-0414.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0414",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0414",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Fabric Layer."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Fabric Layer."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
"name": "72220",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72220"
},
{
"name" : "72220",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72220"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
}
]
}

122
2015/0xxx/CVE-2015-0441.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0441",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0441",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
"name": "GLSA-201507-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201507-19"
},
{
"name" : "DSA-3229",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3229"
"name": "DSA-3229",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3229"
},
{
"name" : "DSA-3311",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3311"
"name": "1032121",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032121"
},
{
"name" : "GLSA-201507-19",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201507-19"
"name": "DSA-3311",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3311"
},
{
"name" : "RHSA-2015:1629",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1629.html"
"name": "RHSA-2015:1647",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1647.html"
},
{
"name" : "RHSA-2015:1628",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1628.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name" : "RHSA-2015:1647",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1647.html"
"name": "RHSA-2015:1628",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html"
},
{
"name" : "RHSA-2015:1665",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1665.html"
"name": "SUSE-SU-2015:0946",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"name" : "SUSE-SU-2015:0946",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
"name": "USN-2575-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2575-1"
},
{
"name" : "USN-2575-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2575-1"
"name": "RHSA-2015:1629",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1629.html"
},
{
"name" : "1032121",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032121"
"name": "RHSA-2015:1665",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1665.html"
}
]
}

74
2015/0xxx/CVE-2015-0998.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0998",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-0998",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network."
"lang": "eng",
"value": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01"
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01",
"refsource": "CONFIRM",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
},
{
"name" : "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01",
"refsource" : "CONFIRM",
"url" : "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01"
},
{
"name" : "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02",
"refsource" : "CONFIRM",
"url" : "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02",
"refsource": "CONFIRM",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
}
]
}

80
2015/4xxx/CVE-2015-4075.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4075",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4075",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to write to arbitrary .ini files via a crafted language.save task."
"lang": "eng",
"value": "The Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to write to arbitrary .ini files via a crafted language.save task."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "37666",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/37666/"
"name": "37666",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37666/"
},
{
"name" : "20151231 Joomla! plugin Helpdesk Pro < 1.4.0",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Jul/102"
"name": "http://packetstormsecurity.com/files/132766/Joomla-Helpdesk-Pro-XSS-File-Disclosure-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132766/Joomla-Helpdesk-Pro-XSS-File-Disclosure-SQL-Injection.html"
},
{
"name" : "http://packetstormsecurity.com/files/132766/Joomla-Helpdesk-Pro-XSS-File-Disclosure-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/132766/Joomla-Helpdesk-Pro-XSS-File-Disclosure-SQL-Injection.html"
"name": "75971",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75971"
},
{
"name" : "75971",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75971"
"name": "20151231 Joomla! plugin Helpdesk Pro < 1.4.0",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Jul/102"
}
]
}

68
2015/4xxx/CVE-2015-4289.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4289",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4289",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.0(2049) allows remote head-end systems to write to arbitrary files via a crafted configuration attribute, aka Bug ID CSCut93920."
"lang": "eng",
"value": "Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.0(2049) allows remote head-end systems to write to arbitrary files via a crafted configuration attribute, aka Bug ID CSCut93920."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150730 Cisco AnyConnect Secure Mobilty Client Directory Traversal Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40175"
"name": "20150730 Cisco AnyConnect Secure Mobilty Client Directory Traversal Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40175"
},
{
"name" : "1033173",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033173"
"name": "1033173",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033173"
}
]
}

22
2015/4xxx/CVE-2015-4309.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4309",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4309",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2015/4xxx/CVE-2015-4321.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4321",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4321",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(1.50), 9.3(2.100), 9.3(3), and 9.4(1) mishandles cases where an IP address belongs to an internal interface but is also in the ASA routing table, which allows remote attackers to bypass uRPF validation via spoofed packets, aka Bug ID CSCuv60724."
"lang": "eng",
"value": "The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(1.50), 9.3(2.100), 9.3(3), and 9.4(1) mishandles cases where an IP address belongs to an internal interface but is also in the ASA routing table, which allows remote attackers to bypass uRPF validation via spoofed packets, aka Bug ID CSCuv60724."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150812 Cisco ASA Unicast Reverse Path Forwarding (uRPF) Bypass Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40440"
"name": "1033265",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033265"
},
{
"name" : "1033265",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033265"
"name": "20150812 Cisco ASA Unicast Reverse Path Forwarding (uRPF) Bypass Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40440"
}
]
}

74
2015/4xxx/CVE-2015-4451.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4451",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-4451",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4438, CVE-2015-4441, CVE-2015-4445, CVE-2015-4447, CVE-2015-4452, CVE-2015-5085, and CVE-2015-5086."
"lang": "eng",
"value": "Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4438, CVE-2015-4441, CVE-2015-4445, CVE-2015-4447, CVE-2015-4452, CVE-2015-5085, and CVE-2015-5086."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/reader/apsb15-15.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/reader/apsb15-15.html"
"name": "1032892",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032892"
},
{
"name" : "75737",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75737"
"name": "https://helpx.adobe.com/security/products/reader/apsb15-15.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/reader/apsb15-15.html"
},
{
"name" : "1032892",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032892"
"name": "75737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75737"
}
]
}

22
2015/4xxx/CVE-2015-4553.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4553",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4553",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2015/8xxx/CVE-2015-8527.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8527",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-8527",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}

22
2015/8xxx/CVE-2015-8528.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8528",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-8528",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}

80
2015/8xxx/CVE-2015-8870.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8870",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8870",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file."
"lang": "eng",
"value": "Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.floyd.ch/?p=874BMP",
"refsource" : "MISC",
"url" : "http://www.floyd.ch/?p=874BMP"
"name": "94717",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94717"
},
{
"name" : "http://download.osgeo.org/libtiff/tiff-4.0.4.tar.gz",
"refsource" : "CONFIRM",
"url" : "http://download.osgeo.org/libtiff/tiff-4.0.4.tar.gz"
"name": "http://download.osgeo.org/libtiff/tiff-4.0.4.tar.gz",
"refsource": "CONFIRM",
"url": "http://download.osgeo.org/libtiff/tiff-4.0.4.tar.gz"
},
{
"name" : "RHSA-2017:0225",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0225.html"
"name": "http://www.floyd.ch/?p=874BMP",
"refsource": "MISC",
"url": "http://www.floyd.ch/?p=874BMP"
},
{
"name" : "94717",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94717"
"name": "RHSA-2017:0225",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0225.html"
}
]
}

86
2015/8xxx/CVE-2015-8902.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8902",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8902",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file."
"lang": "eng",
"value": "The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150226 Requesting CVE for ImageMagick DoS",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/02/26/13"
"name": "[oss-security] 20150226 Requesting CVE for ImageMagick DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/26/13"
},
{
"name" : "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/06/06/2"
"name": "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/06/2"
},
{
"name" : "http://trac.imagemagick.org/changeset/17855",
"refsource" : "CONFIRM",
"url" : "http://trac.imagemagick.org/changeset/17855"
"name": "http://trac.imagemagick.org/changeset/17855",
"refsource": "CONFIRM",
"url": "http://trac.imagemagick.org/changeset/17855"
},
{
"name" : "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932",
"refsource" : "CONFIRM",
"url" : "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1195269",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195269"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1195269",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1195269"
"name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932",
"refsource": "CONFIRM",
"url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932"
}
]
}

70
2015/9xxx/CVE-2015-9205.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00",
"ID" : "CVE-2015-9205",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2015-9205",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Snapdragon Mobile, Snapdragon Wear",
"version" : {
"version_data" : [
"product_name": "Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value" : "MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 808, SD 810"
"version_value": "MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 808, SD 810"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 808, and SD 810, in a PlayReady API function, a buffer over-read can occur."
"lang": "eng",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 808, and SD 810, in a PlayReady API function, a buffer over-read can occur."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Buffer Over-read in TrustZone"
"lang": "eng",
"value": "Buffer Over-read in TrustZone"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01"
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name" : "103671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103671"
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}

62
2016/5xxx/CVE-2016-5051.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cert@cert.org",
"ID" : "CVE-2016-5051",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5051",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "OSRAM SYLVANIA Osram Lightify Home before 2016-07-26",
"version" : {
"version_data" : [
"product_name": "OSRAM SYLVANIA Osram Lightify Home before 2016-07-26",
"version": {
"version_data": [
{
"version_value" : "OSRAM SYLVANIA Osram Lightify Home before 2016-07-26"
"version_value": "OSRAM SYLVANIA Osram Lightify Home before 2016-07-26"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application."
"lang": "eng",
"value": "OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cleartext WPA2 PSK"
"lang": "eng",
"value": "Cleartext WPA2 PSK"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059",
"refsource" : "MISC",
"url" : "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
"name": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059"
}
]
}

62
2016/5xxx/CVE-2016-5066.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cert@cert.org",
"ID" : "CVE-2016-5066",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5066",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version" : {
"version_data" : [
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value" : "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user."
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "weak passwords"
"lang": "eng",
"value": "weak passwords"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource" : "MISC",
"url" : "https://carvesystems.com/sierra-wireless-2016-advisory.html"
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}

68
2016/5xxx/CVE-2016-5539.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5539",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-5539",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Retail Xstore Payment component in Oracle Retail Applications 1.x allows local users to affect confidentiality, integrity, and availability via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Retail Xstore Payment component in Oracle Retail Applications 1.x allows local users to affect confidentiality, integrity, and availability via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name" : "93663",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93663"
"name": "93663",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93663"
}
]
}

82
2018/1002xxx/CVE-2018-1002008.json
View File

@ -1,75 +1,75 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "larry0@me.com",
"DATE_ASSIGNED" : "2018-08-22",
"ID" : "CVE-2018-1002008",
"REQUESTER" : "kurt@seifried.org",
"STATE" : "PUBLIC",
"UPDATED" : "2017-08-10T14:41Z"
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2018-08-22",
"ID": "CVE-2018-1002008",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Arigato Autoresponder and Newsletter",
"version" : {
"version_data" : [
"product_name": "Arigato Autoresponder and Newsletter",
"version": {
"version_data": [
{
"version_affected" : "<=",
"version_value" : "2.5.1.8"
"version_affected": "<=",
"version_value": "2.5.1.8"
}
]
}
}
]
},
"vendor_name" : "Kiboko Labs https://calendarscripts.info/"
"vendor_name": "Kiboko Labs https://calendarscripts.info/"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable."
"lang": "eng",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
"lang": "eng",
"value": "reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "45434",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/45434/"
"name": "45434",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"name" : "http://www.vapidlabs.com/advisory.php?v=203",
"refsource" : "MISC",
"url" : "http://www.vapidlabs.com/advisory.php?v=203"
"name": "https://wordpress.org/plugins/bft-autoresponder/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"name" : "https://wordpress.org/plugins/bft-autoresponder/",
"refsource" : "MISC",
"url" : "https://wordpress.org/plugins/bft-autoresponder/"
"name": "http://www.vapidlabs.com/advisory.php?v=203",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
]
}

104
2018/2xxx/CVE-2018-2401.json
View File

@ -1,88 +1,88 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2401",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2401",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "SAP Business Process Automation (BPA) By Redwood",
"version" : {
"version_data" : [
"product_name": "SAP Business Process Automation (BPA) By Redwood",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "9.00"
"version_affected": "=",
"version_value": "9.00"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
"vendor_name": "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SAP Business Process Automation (BPA) By Redwood does not sufficiently validate an XML document accepted from an untrusted source resulting in an XML External Entity (XXE) vulnerability."
"lang": "eng",
"value": "SAP Business Process Automation (BPA) By Redwood does not sufficiently validate an XML document accepted from an untrusted source resulting in an XML External Entity (XXE) vulnerability."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "LOW",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"privilegesRequired" : "LOW",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version" : "3.0"
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "XML External Entity"
"lang": "eng",
"value": "XML External Entity"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/",
"refsource" : "CONFIRM",
"url" : "https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/"
"name": "https://launchpad.support.sap.com/#/notes/2596766",
"refsource": "CONFIRM",
"url": "https://launchpad.support.sap.com/#/notes/2596766"
},
{
"name" : "https://launchpad.support.sap.com/#/notes/2596766",
"refsource" : "CONFIRM",
"url" : "https://launchpad.support.sap.com/#/notes/2596766"
"name": "https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/",
"refsource": "CONFIRM",
"url": "https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/"
},
{
"name" : "103374",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103374"
"name": "103374",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103374"
}
]
}

114
2018/2xxx/CVE-2018-2425.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2425",
"STATE" : "PUBLIC",
"vendor_name" : "SAP SE"
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2425",
"STATE": "PUBLIC",
"vendor_name": "SAP SE"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "SAP Business One",
"version" : {
"version_data" : [
"product_name": "SAP Business One",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "9.2"
"version_affected": "=",
"version_value": "9.2"
},
{
"version_affected" : "=",
"version_value" : "9.3"
"version_affected": "=",
"version_value": "9.3"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
"vendor_name": "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA backup service allows an attacker to access information which would otherwise be restricted."
"lang": "eng",
"value": "Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA backup service allows an attacker to access information which would otherwise be restricted."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "LOCAL",
"availabilityImpact" : "HIGH",
"baseScore" : 8.4,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0"
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information Disclosure"
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://launchpad.support.sap.com/#/notes/2588475",
"refsource" : "MISC",
"url" : "https://launchpad.support.sap.com/#/notes/2588475"
"name": "104438",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104438"
},
{
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255",
"refsource" : "CONFIRM",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
"name": "https://launchpad.support.sap.com/#/notes/2588475",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2588475"
},
{
"name" : "104438",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104438"
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
}
]
},
"source" : {
"discovery" : "UNKNOWN"
"source": {
"discovery": "UNKNOWN"
}
}

80
2018/2xxx/CVE-2018-2570.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-2570",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2570",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Communications Unified Inventory Management",
"version" : {
"version_data" : [
"product_name": "Communications Unified Inventory Management",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "7.2.4.2.x"
"version_affected": "=",
"version_value": "7.2.4.2.x"
},
{
"version_affected" : "=",
"version_value" : "7.3"
"version_affected": "=",
"version_value": "7.3"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications (subcomponent: Portal). Supported versions that are affected are 7.2.4.2.x and 7.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Unified Inventory Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Unified Inventory Management accessible data as well as unauthorized read access to a subset of Oracle Communications Unified Inventory Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Communications Unified Inventory Management. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)."
"lang": "eng",
"value": "Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications (subcomponent: Portal). Supported versions that are affected are 7.2.4.2.x and 7.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Unified Inventory Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Unified Inventory Management accessible data as well as unauthorized read access to a subset of Oracle Communications Unified Inventory Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Communications Unified Inventory Management. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Unified Inventory Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Unified Inventory Management accessible data as well as unauthorized read access to a subset of Oracle Communications Unified Inventory Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Communications Unified Inventory Management."
"lang": "eng",
"value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Unified Inventory Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Unified Inventory Management accessible data as well as unauthorized read access to a subset of Oracle Communications Unified Inventory Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Communications Unified Inventory Management."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name" : "102665",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/102665"
"name": "102665",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102665"
},
{
"name" : "1040200",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1040200"
"name": "1040200",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040200"
}
]
}

84
2018/2xxx/CVE-2018-2652.json
View File

@ -1,80 +1,80 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-2652",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2652",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "PeopleSoft Enterprise PT PeopleTools",
"version" : {
"version_data" : [
"product_name": "PeopleSoft Enterprise PT PeopleTools",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "8.54"
"version_affected": "=",
"version_value": "8.54"
},
{
"version_affected" : "=",
"version_value" : "8.55"
"version_affected": "=",
"version_value": "8.55"
},
{
"version_affected" : "=",
"version_value" : "8.56"
"version_affected": "=",
"version_value": "8.56"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
"lang": "eng",
"value": "Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data."
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name" : "102586",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/102586"
"name": "102586",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102586"
},
{
"name" : "1040204",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1040204"
"name": "1040204",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040204"
}
]
}

70
2018/6xxx/CVE-2018-6288.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "vulnerability@kaspersky.com",
"DATE_PUBLIC" : "2018-02-01T00:00:00",
"ID" : "CVE-2018-6288",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2018-02-01T00:00:00",
"ID": "CVE-2018-6288",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Kaspersky Secure Mail Gateway",
"version" : {
"version_data" : [
"product_name": "Kaspersky Secure Mail Gateway",
"version": {
"version_data": [
{
"version_value" : "1.1"
"version_value": "1.1"
}
]
}
}
]
},
"vendor_name" : "Kaspersky Labs"
"vendor_name": "Kaspersky Labs"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site Request Forgery leading to Administrative account takeover in Kaspersky Secure Mail Gateway version 1.1."
"lang": "eng",
"value": "Cross-site Request Forgery leading to Administrative account takeover in Kaspersky Secure Mail Gateway version 1.1."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross-site Request Forgery leading to Administrative account takeover"
"lang": "eng",
"value": "Cross-site Request Forgery leading to Administrative account takeover"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.coresecurity.com/advisories/kaspersky-secure-mail-gateway-multiple-vulnerabilities",
"refsource" : "MISC",
"url" : "https://www.coresecurity.com/advisories/kaspersky-secure-mail-gateway-multiple-vulnerabilities"
"name": "https://support.kaspersky.com/vulnerability.aspx?el=12430#010218",
"refsource": "CONFIRM",
"url": "https://support.kaspersky.com/vulnerability.aspx?el=12430#010218"
},
{
"name" : "https://support.kaspersky.com/vulnerability.aspx?el=12430#010218",
"refsource" : "CONFIRM",
"url" : "https://support.kaspersky.com/vulnerability.aspx?el=12430#010218"
"name": "https://www.coresecurity.com/advisories/kaspersky-secure-mail-gateway-multiple-vulnerabilities",
"refsource": "MISC",
"url": "https://www.coresecurity.com/advisories/kaspersky-secure-mail-gateway-multiple-vulnerabilities"
}
]
}

64
2018/6xxx/CVE-2018-6300.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "vulnerability@kaspersky.com",
"DATE_PUBLIC" : "2018-03-12T00:00:00",
"ID" : "CVE-2018-6300",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2018-03-12T00:00:00",
"ID": "CVE-2018-6300",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Hanwha Techwin Smartcams",
"version" : {
"version_data" : [
"product_name": "Hanwha Techwin Smartcams",
"version": {
"version_data": [
{
"version_value" : "7.55"
"version_value": "7.55"
}
]
}
}
]
},
"vendor_name" : "Hanwha Techwin"
"vendor_name": "Hanwha Techwin"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Remote password change in Hanwha Techwin Smartcams"
"lang": "eng",
"value": "Remote password change in Hanwha Techwin Smartcams"
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Remote password change"
"lang": "eng",
"value": "Remote password change"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://securelist.com/somebodys-watching-when-cameras-are-more-than-just-smart/84309/",
"refsource" : "MISC",
"url" : "https://securelist.com/somebodys-watching-when-cameras-are-more-than-just-smart/84309/"
"name": "https://securelist.com/somebodys-watching-when-cameras-are-more-than-just-smart/84309/",
"refsource": "MISC",
"url": "https://securelist.com/somebodys-watching-when-cameras-are-more-than-just-smart/84309/"
}
]
}

22
2018/6xxx/CVE-2018-6478.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6478",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6478",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/6xxx/CVE-2018-6887.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6887",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6887",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2018/6xxx/CVE-2018-6934.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6934",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6934",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3."
"lang": "eng",
"value": "CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://0day4u.wordpress.com/2018/03/12/97/",
"refsource" : "MISC",
"url" : "https://0day4u.wordpress.com/2018/03/12/97/"
"name": "https://0day4u.wordpress.com/2018/03/12/97/",
"refsource": "MISC",
"url": "https://0day4u.wordpress.com/2018/03/12/97/"
}
]
}

68
2018/7xxx/CVE-2018-7485.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-7485",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-7485",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact."
"lang": "eng",
"value": "The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/lurcher/unixODBC/commit/45ef78e037f578b15fc58938a3a3251655e71d6f#diff-d52750c7ba4e594410438569d8e2963aL24",
"refsource" : "MISC",
"url" : "https://github.com/lurcher/unixODBC/commit/45ef78e037f578b15fc58938a3a3251655e71d6f#diff-d52750c7ba4e594410438569d8e2963aL24"
"name": "https://github.com/lurcher/unixODBC/commit/45ef78e037f578b15fc58938a3a3251655e71d6f#diff-d52750c7ba4e594410438569d8e2963aL24",
"refsource": "MISC",
"url": "https://github.com/lurcher/unixODBC/commit/45ef78e037f578b15fc58938a3a3251655e71d6f#diff-d52750c7ba4e594410438569d8e2963aL24"
},
{
"name" : "103193",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103193"
"name": "103193",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103193"
}
]
}

22
2019/1xxx/CVE-2019-1179.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1179",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1179",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1734.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1734",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1734",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1907.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1907",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1907",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5120.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5120",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5120",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5307.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5307",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5307",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5362.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5362",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5362",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

98
2019/5xxx/CVE-2019-5489.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5489",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5489",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server."
"lang": "eng",
"value": "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e",
"refsource" : "MISC",
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e"
"name": "https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/",
"refsource": "MISC",
"url": "https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/"
},
{
"name" : "https://arxiv.org/abs/1901.01161",
"refsource" : "MISC",
"url" : "https://arxiv.org/abs/1901.01161"
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1120843",
"refsource": "MISC",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1120843"
},
{
"name" : "https://bugzilla.suse.com/show_bug.cgi?id=1120843",
"refsource" : "MISC",
"url" : "https://bugzilla.suse.com/show_bug.cgi?id=1120843"
"name": "https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e"
},
{
"name" : "https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e",
"refsource" : "MISC",
"url" : "https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e"
"name": "https://arxiv.org/abs/1901.01161",
"refsource": "MISC",
"url": "https://arxiv.org/abs/1901.01161"
},
{
"name" : "https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/",
"refsource" : "MISC",
"url" : "https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/"
"name": "https://security.netapp.com/advisory/ntap-20190307-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190307-0001/"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20190307-0001/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20190307-0001/"
"name": "106478",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106478"
},
{
"name" : "106478",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106478"
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e"
}
]
}