admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:12:15 +00:00
parent 1d342560dd
commit ecb781e3fc
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
56 changed files with 3520 additions and 3520 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
2001/0xxx/CVE-2001-0368.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0368", "ID": "CVE-2001-0368",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in BearShare 2.2.2 and earlier allows a remote attacker to read certain files via a URL containing a series of . characters, a variation of the .. (dot dot) attack." "value": "Directory traversal vulnerability in BearShare 2.2.2 and earlier allows a remote attacker to read certain files via a URL containing a series of . characters, a variation of the .. (dot dot) attack."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010430 A Serious Security Vulnerability Found in BearShare (Directory Traversal)", "name": "1810",
"refsource" : "BUGTRAQ", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/archive/1/180644" "url": "http://www.osvdb.org/1810"
}, },
{ {
"name" : "2672", "name": "bearshare-dot-download-files(6481)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/2672" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6481"
}, },
{ {
"name" : "bearshare-dot-download-files(6481)", "name": "20010430 A Serious Security Vulnerability Found in BearShare (Directory Traversal)",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6481" "url": "http://www.securityfocus.com/archive/1/180644"
}, },
{ {
"name" : "1810", "name": "2672",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://www.osvdb.org/1810" "url": "http://www.securityfocus.com/bid/2672"
} }
] ]
} }

74
2001/0xxx/CVE-2001-0860.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0860", "ID": "CVE-2001-0860",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT)." "value": "Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20011114 Xato Advisory: Win2k/XP Terminal Services IP Spoofing", "name": "win-terminal-spoof-address(7538)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://marc.info/?l=bugtraq&m=100578220002083&w=2" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7538"
}, },
{ {
"name" : "win-terminal-spoof-address(7538)", "name": "20011114 Xato Advisory: Win2k/XP Terminal Services IP Spoofing",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7538" "url": "http://marc.info/?l=bugtraq&m=100578220002083&w=2"
}, },
{ {
"name" : "3541", "name": "3541",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/3541" "url": "http://www.securityfocus.com/bid/3541"
} }
] ]
} }

86
2001/0xxx/CVE-2001-0871.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0871", "ID": "CVE-2001-0871",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing (1) a .. in versions 2.0 through 2.6.18, or (2) a DOS device name followed by a .. in versions 2.6.19 through 3.0.10." "value": "Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing (1) a .. in versions 2.0 through 2.6.18, or (2) a DOS device name followed by a .. in versions 2.6.19 through 3.0.10."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20011129 Rapid 7 Advisory R7-0001: Alchemy Eye HTTP Remote Command Execution", "name": "20011129 Rapid 7 Advisory R7-0001: Alchemy Eye HTTP Remote Command Execution",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=100714173510535&w=2" "url": "http://marc.info/?l=bugtraq&m=100714173510535&w=2"
}, },
{ {
"name" : "VU#220715", "name": "alchemy-http-dot-commands(7625)",
"refsource" : "CERT-VN", "refsource": "XF",
"url" : "http://www.kb.cert.org/vuls/id/220715" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7625"
}, },
{ {
"name" : "3599", "name": "alchemy-http-dot-variant(7626)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/3599" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7626"
}, },
{ {
"name" : "alchemy-http-dot-commands(7625)", "name": "3599",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7625" "url": "http://www.securityfocus.com/bid/3599"
}, },
{ {
"name" : "alchemy-http-dot-variant(7626)", "name": "VU#220715",
"refsource" : "XF", "refsource": "CERT-VN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7626" "url": "http://www.kb.cert.org/vuls/id/220715"
} }
] ]
} }

80
2001/1xxx/CVE-2001-1332.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1332", "ID": "CVE-2001-1332",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code." "value": "Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "CLA-2001:384", "name": "SuSE-SA:2002:005",
"refsource" : "CONECTIVA", "refsource": "SUSE",
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000384" "url": "http://lists2.suse.com/archive/suse-security-announce/2001-Mar/0000.html"
}, },
{ {
"name" : "CLA-2001:386", "name": "CLA-2001:386",
"refsource" : "CONECTIVA", "refsource": "CONECTIVA",
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000386" "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000386"
}, },
{ {
"name" : "MDKSA-2001:048", "name": "MDKSA-2001:048",
"refsource" : "MANDRAKE", "refsource": "MANDRAKE",
"url" : "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-048.php3" "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-048.php3"
}, },
{ {
"name" : "SuSE-SA:2002:005", "name": "CLA-2001:384",
"refsource" : "SUSE", "refsource": "CONECTIVA",
"url" : "http://lists2.suse.com/archive/suse-security-announce/2001-Mar/0000.html" "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000384"
} }
] ]
} }

74
2001/1xxx/CVE-2001-1343.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1343", "ID": "CVE-2001-1343",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated WebStore administrators to execute arbitrary code via shell metacharacters in the kill parameter." "value": "ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated WebStore administrators to execute arbitrary code via shell metacharacters in the kill parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010612 bug", "name": "20010612 bug",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-06/0142.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2001-06/0142.html"
}, },
{ {
"name" : "2861", "name": "2861",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/2861" "url": "http://www.securityfocus.com/bid/2861"
}, },
{ {
"name" : "webstore-cgi-command-execution(6685)", "name": "webstore-cgi-command-execution(6685)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6685" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6685"
} }
] ]
} }

80
2006/2xxx/CVE-2006-2090.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2090", "ID": "CVE-2006-2090",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in misc.php in MySmartBB 1.1.x allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) username parameters." "value": "Multiple SQL injection vulnerabilities in misc.php in MySmartBB 1.1.x allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) username parameters."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060426 MySmartBB<---v 1.1.x SQL Injection/XSS", "name": "20060426 MySmartBB<---v 1.1.x SQL Injection/XSS",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/432095/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/432095/100/0/threaded"
}, },
{ {
"name" : "17707", "name": "mysmartbb-misc-sql-injection(26088)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/17707" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26088"
}, },
{ {
"name" : "807", "name": "17707",
"refsource" : "SREASON", "refsource": "BID",
"url" : "http://securityreason.com/securityalert/807" "url": "http://www.securityfocus.com/bid/17707"
}, },
{ {
"name" : "mysmartbb-misc-sql-injection(26088)", "name": "807",
"refsource" : "XF", "refsource": "SREASON",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26088" "url": "http://securityreason.com/securityalert/807"
} }
] ]
} }

86
2006/2xxx/CVE-2006-2800.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2800", "ID": "CVE-2006-2800",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Unak CMS 1.5 RC2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) u_a or (2) u_s parameters. NOTE: this might be resultant from SQL injection." "value": "Multiple cross-site scripting (XSS) vulnerabilities in Unak CMS 1.5 RC2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) u_a or (2) u_s parameters. NOTE: this might be resultant from SQL injection."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://pridels0.blogspot.com/2006/06/unak-cms-vuln.html", "name": "20410",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://pridels0.blogspot.com/2006/06/unak-cms-vuln.html" "url": "http://secunia.com/advisories/20410"
}, },
{ {
"name" : "18253", "name": "ADV-2006-2116",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/18253" "url": "http://www.vupen.com/english/advisories/2006/2116"
}, },
{ {
"name" : "ADV-2006-2116", "name": "18253",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2006/2116" "url": "http://www.securityfocus.com/bid/18253"
}, },
{ {
"name" : "20410", "name": "unakcms-ua-us-xss(26896)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/20410" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26896"
}, },
{ {
"name" : "unakcms-ua-us-xss(26896)", "name": "http://pridels0.blogspot.com/2006/06/unak-cms-vuln.html",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26896" "url": "http://pridels0.blogspot.com/2006/06/unak-cms-vuln.html"
} }
] ]
} }

22
2006/2xxx/CVE-2006-2938.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2006-2938", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2006-2938",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2937. Reason: This candidate was withdrawn by its CNA. it was incorrectly used to identify CVE-2006-2937. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2937. Reason: This candidate was withdrawn by its CNA. it was incorrectly used to identify CVE-2006-2937. Notes: none."
} }
] ]
} }

116
2006/2xxx/CVE-2006-2964.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2964", "ID": "CVE-2006-2964",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts Download Manager (aka Xtreme Downloads) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) download.php, (2) manager.php, (3) admin/scripts/category.php, (4) includes/add_allow.php, (5) admin/index.php, and (6) admin/admin/login.php." "value": "Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts Download Manager (aka Xtreme Downloads) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) download.php, (2) manager.php, (3) admin/scripts/category.php, (4) includes/add_allow.php, (5) admin/index.php, and (6) admin/admin/login.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060605 Multiple file include exploits in Xtreme Downloads v.1.0", "name": "26647",
"refsource" : "BUGTRAQ", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/archive/1/436107/100/0/threaded" "url": "http://www.osvdb.org/26647"
}, },
{ {
"name" : "20060605 file include in Xtreme Downloads v.1.0", "name": "26645",
"refsource" : "BUGTRAQ", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/archive/1/436104/100/0/threaded" "url": "http://www.osvdb.org/26645"
}, },
{ {
"name" : "26643", "name": "26643",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/26643" "url": "http://www.osvdb.org/26643"
}, },
{ {
"name" : "26644", "name": "26646",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/26644" "url": "http://www.osvdb.org/26646"
}, },
{ {
"name" : "26645", "name": "xtremedownloads-root-file-include(26961)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/26645" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26961"
}, },
{ {
"name" : "26646", "name": "20060605 Multiple file include exploits in Xtreme Downloads v.1.0",
"refsource" : "OSVDB", "refsource": "BUGTRAQ",
"url" : "http://www.osvdb.org/26646" "url": "http://www.securityfocus.com/archive/1/436107/100/0/threaded"
}, },
{ {
"name" : "26647", "name": "1072",
"refsource" : "OSVDB", "refsource": "SREASON",
"url" : "http://www.osvdb.org/26647" "url": "http://securityreason.com/securityalert/1072"
}, },
{ {
"name" : "26648", "name": "20060605 file include in Xtreme Downloads v.1.0",
"refsource" : "OSVDB", "refsource": "BUGTRAQ",
"url" : "http://www.osvdb.org/26648" "url": "http://www.securityfocus.com/archive/1/436104/100/0/threaded"
}, },
{ {
"name" : "1072", "name": "26644",
"refsource" : "SREASON", "refsource": "OSVDB",
"url" : "http://securityreason.com/securityalert/1072" "url": "http://www.osvdb.org/26644"
}, },
{ {
"name" : "xtremedownloads-root-file-include(26961)", "name": "26648",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26961" "url": "http://www.osvdb.org/26648"
} }
] ]
} }

92
2006/6xxx/CVE-2006-6247.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6247", "ID": "CVE-2006-6247",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery 1.1 allow remote attackers to execute arbitrary SQL commands via the ci parameter to (1) slideshow.asp or (2) thumbnails.asp." "value": "Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery 1.1 allow remote attackers to execute arbitrary SQL commands via the ci parameter to (1) slideshow.asp or (2) thumbnails.asp."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20061126 uPhotoGallery (v 1.1) SQL Injection", "name": "1950",
"refsource" : "BUGTRAQ", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/archive/1/452827/100/0/threaded" "url": "http://securityreason.com/securityalert/1950"
}, },
{ {
"name" : "20070204 Uphotogallery Multiple Cross-Site Scripting Vulnerability", "name": "20070204 Uphotogallery Multiple Cross-Site Scripting Vulnerability",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/459187/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/459187/100/0/threaded"
}, },
{ {
"name" : "http://www.aria-security.com/forum/showthread.php?t=53", "name": "21319",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.aria-security.com/forum/showthread.php?t=53" "url": "http://www.securityfocus.com/bid/21319"
}, },
{ {
"name" : "21319", "name": "uphotogallery-multiple-sql-injection(30556)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/21319" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30556"
}, },
{ {
"name" : "1950", "name": "20061126 uPhotoGallery (v 1.1) SQL Injection",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/1950" "url": "http://www.securityfocus.com/archive/1/452827/100/0/threaded"
}, },
{ {
"name" : "uphotogallery-multiple-sql-injection(30556)", "name": "http://www.aria-security.com/forum/showthread.php?t=53",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30556" "url": "http://www.aria-security.com/forum/showthread.php?t=53"
} }
] ]
} }

80
2006/6xxx/CVE-2006-6620.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6620", "ID": "CVE-2006-6620",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB." "value": "Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20061215 Bypassing process identification of several personal firewalls and HIPS", "name": "http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/454522/100/0/threaded" "url": "http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php"
}, },
{ {
"name" : "http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip", "name": "20061215 Bypassing process identification of several personal firewalls and HIPS",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip" "url": "http://www.securityfocus.com/archive/1/454522/100/0/threaded"
}, },
{ {
"name" : "http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php", "name": "21615",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.matousec.com/info/advisories/Bypassing-process-identification-serveral-personal-firewalls-HIPS.php" "url": "http://www.securityfocus.com/bid/21615"
}, },
{ {
"name" : "21615", "name": "http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/21615" "url": "http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip"
} }
] ]
} }

92
2008/5xxx/CVE-2008-5725.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-5725", "ID": "CVE-2008-5725",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to \\Device\\Powerstrip1 that overwrites portions of memory." "value": "The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to \\Device\\Powerstrip1 that overwrites portions of memory."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "7533", "name": "32961",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/7533" "url": "http://www.securityfocus.com/bid/32961"
}, },
{ {
"name" : "http://www.ntinternals.org/ntiadv0810/ntiadv0810.html", "name": "33249",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://www.ntinternals.org/ntiadv0810/ntiadv0810.html" "url": "http://secunia.com/advisories/33249"
}, },
{ {
"name" : "32961", "name": "http://www.ntinternals.org/ntiadv0810/ntiadv0810.html",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/32961" "url": "http://www.ntinternals.org/ntiadv0810/ntiadv0810.html"
}, },
{ {
"name" : "33249", "name": "4809",
"refsource" : "SECUNIA", "refsource": "SREASON",
"url" : "http://secunia.com/advisories/33249" "url": "http://securityreason.com/securityalert/4809"
}, },
{ {
"name" : "4809", "name": "7533",
"refsource" : "SREASON", "refsource": "EXPLOIT-DB",
"url" : "http://securityreason.com/securityalert/4809" "url": "https://www.exploit-db.com/exploits/7533"
}, },
{ {
"name" : "powerstrip-pstrip-priv-escalation(47532)", "name": "powerstrip-pstrip-priv-escalation(47532)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47532" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47532"
} }
] ]
} }

68
2011/2xxx/CVE-2011-2059.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2011-2059", "ID": "CVE-2011-2059",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension header (EH) with a 0x0c01050c value in the PadN option data, aka Bug ID CSCtq02219." "value": "The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension header (EH) with a 0x0c01050c value in the PadN option data, aka Bug ID CSCtq02219."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://blogs.cisco.com/security/1999tcp-redux-the-ipv6-flavor", "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=36606&signatureSubId=0",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://blogs.cisco.com/security/1999tcp-redux-the-ipv6-flavor" "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=36606&signatureSubId=0"
}, },
{ {
"name" : "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=36606&signatureSubId=0", "name": "http://blogs.cisco.com/security/1999tcp-redux-the-ipv6-flavor",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=36606&signatureSubId=0" "url": "http://blogs.cisco.com/security/1999tcp-redux-the-ipv6-flavor"
} }
] ]
} }

80
2011/2xxx/CVE-2011-2423.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2011-2423", "ID": "CVE-2011-2423",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors." "value": "msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-19.html", "name": "74429",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-19.html" "url": "http://osvdb.org/74429"
}, },
{ {
"name" : "TA11-222A", "name": "TA11-222A",
"refsource" : "CERT", "refsource": "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-222A.html" "url": "http://www.us-cert.gov/cas/techalerts/TA11-222A.html"
}, },
{ {
"name" : "74429", "name": "asp-msvcr90-code-execution(69133)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://osvdb.org/74429" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69133"
}, },
{ {
"name" : "asp-msvcr90-code-execution(69133)", "name": "http://www.adobe.com/support/security/bulletins/apsb11-19.html",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/69133" "url": "http://www.adobe.com/support/security/bulletins/apsb11-19.html"
} }
] ]
} }

22
2011/2xxx/CVE-2011-2538.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2538", "ID": "CVE-2011-2538",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

86
2011/2xxx/CVE-2011-2905.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-2905", "ID": "CVE-2011-2905",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Untrusted search path vulnerability in the perf_config function in tools/perf/util/config.c in perf, as distributed in the Linux kernel before 3.1, allows local users to overwrite arbitrary files via a crafted config file in the current working directory." "value": "Untrusted search path vulnerability in the perf_config function in tools/perf/util/config.c in perf, as distributed in the Linux kernel before 3.1, allows local users to overwrite arbitrary files via a crafted config file in the current working directory."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20110809 Re: CVE request: perf: may parse user-controlled config file", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=729808",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2011/08/09/6" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=729808"
}, },
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=aba8d056078e47350d85b06a9cabd5afcc4b72ea", "name": "https://github.com/torvalds/linux/commit/aba8d056078e47350d85b06a9cabd5afcc4b72ea",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=aba8d056078e47350d85b06a9cabd5afcc4b72ea" "url": "https://github.com/torvalds/linux/commit/aba8d056078e47350d85b06a9cabd5afcc4b72ea"
}, },
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1", "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1" "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=729808", "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=aba8d056078e47350d85b06a9cabd5afcc4b72ea",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=729808" "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=aba8d056078e47350d85b06a9cabd5afcc4b72ea"
}, },
{ {
"name" : "https://github.com/torvalds/linux/commit/aba8d056078e47350d85b06a9cabd5afcc4b72ea", "name": "[oss-security] 20110809 Re: CVE request: perf: may parse user-controlled config file",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://github.com/torvalds/linux/commit/aba8d056078e47350d85b06a9cabd5afcc4b72ea" "url": "http://www.openwall.com/lists/oss-security/2011/08/09/6"
} }
] ]
} }

104
2011/3xxx/CVE-2011-3091.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3091", "ID": "CVE-2011-3091",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors." "value": "Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=121734", "name": "GLSA-201205-03",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://code.google.com/p/chromium/issues/detail?id=121734" "url": "http://security.gentoo.org/glsa/glsa-201205-03.xml"
}, },
{ {
"name" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html", "name": "openSUSE-SU-2012:0656",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html"
}, },
{ {
"name" : "GLSA-201205-03", "name": "1027067",
"refsource" : "GENTOO", "refsource": "SECTRACK",
"url" : "http://security.gentoo.org/glsa/glsa-201205-03.xml" "url": "http://www.securitytracker.com/id?1027067"
}, },
{ {
"name" : "openSUSE-SU-2012:0656", "name": "oval:org.mitre.oval:def:15196",
"refsource" : "SUSE", "refsource": "OVAL",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15196"
}, },
{ {
"name" : "53540", "name": "chrome-indexeddb-code-exec(75596)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/53540" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75596"
}, },
{ {
"name" : "oval:org.mitre.oval:def:15196", "name": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15196" "url": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html"
}, },
{ {
"name" : "1027067", "name": "53540",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id?1027067" "url": "http://www.securityfocus.com/bid/53540"
}, },
{ {
"name" : "chrome-indexeddb-code-exec(75596)", "name": "http://code.google.com/p/chromium/issues/detail?id=121734",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75596" "url": "http://code.google.com/p/chromium/issues/detail?id=121734"
} }
] ]
} }

62
2011/3xxx/CVE-2011-3856.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3856", "ID": "CVE-2011-3856",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Elegant Grunge theme before 1.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter." "value": "Cross-site scripting (XSS) vulnerability in the Elegant Grunge theme before 1.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://sitewat.ch/en/Advisories/14", "name": "https://sitewat.ch/en/Advisories/14",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://sitewat.ch/en/Advisories/14" "url": "https://sitewat.ch/en/Advisories/14"
} }
] ]
} }

92
2011/3xxx/CVE-2011-3974.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3974", "ID": "CVE-2011-3974",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, a different vulnerability than CVE-2011-3362." "value": "Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, a different vulnerability than CVE-2011-3362."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=bd968d260aef322fb32e254a3de0d2036c57bd56", "name": "MDVSA-2012:076",
"refsource" : "CONFIRM", "refsource": "MANDRIVA",
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=bd968d260aef322fb32e254a3de0d2036c57bd56" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:076"
}, },
{ {
"name" : "http://www.ffmpeg.org/releases/ffmpeg-0.7.5.changelog", "name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=bd968d260aef322fb32e254a3de0d2036c57bd56",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.ffmpeg.org/releases/ffmpeg-0.7.5.changelog" "url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=bd968d260aef322fb32e254a3de0d2036c57bd56"
}, },
{ {
"name" : "http://www.ffmpeg.org/releases/ffmpeg-0.8.4.changelog", "name": "MDVSA-2012:074",
"refsource" : "CONFIRM", "refsource": "MANDRIVA",
"url" : "http://www.ffmpeg.org/releases/ffmpeg-0.8.4.changelog" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:074"
}, },
{ {
"name" : "MDVSA-2012:074", "name": "MDVSA-2012:075",
"refsource" : "MANDRIVA", "refsource": "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:074" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:075"
}, },
{ {
"name" : "MDVSA-2012:075", "name": "http://www.ffmpeg.org/releases/ffmpeg-0.8.4.changelog",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:075" "url": "http://www.ffmpeg.org/releases/ffmpeg-0.8.4.changelog"
}, },
{ {
"name" : "MDVSA-2012:076", "name": "http://www.ffmpeg.org/releases/ffmpeg-0.7.5.changelog",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:076" "url": "http://www.ffmpeg.org/releases/ffmpeg-0.7.5.changelog"
} }
] ]
} }

74
2011/3xxx/CVE-2011-3995.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2011-3995", "ID": "CVE-2011-3995",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Twilight Frontier Touhou Hisouten 1.06 and earlier allows remote attackers to cause a denial of service (daemon crash) via unknown network traffic." "value": "Unspecified vulnerability in Twilight Frontier Touhou Hisouten 1.06 and earlier allows remote attackers to cause a denial of service (daemon crash) via unknown network traffic."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "JVN#50227837", "name": "JVN#50227837",
"refsource" : "JVN", "refsource": "JVN",
"url" : "http://jvn.jp/en/jp/JVN50227837/index.html" "url": "http://jvn.jp/en/jp/JVN50227837/index.html"
}, },
{ {
"name" : "JVNDB-2011-000089", "name": "touhouhisouten-unspecified-dos(71027)",
"refsource" : "JVNDB", "refsource": "XF",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000089" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71027"
}, },
{ {
"name" : "touhouhisouten-unspecified-dos(71027)", "name": "JVNDB-2011-000089",
"refsource" : "XF", "refsource": "JVNDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71027" "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000089"
} }
] ]
} }

80
2011/4xxx/CVE-2011-4531.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2011-4531", "ID": "CVE-2011-4531",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command." "value": "Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://aluigi.altervista.org/adv/almsrvx_1-adv.txt", "name": "http://support.automation.siemens.com/WW/view/en/114358",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://aluigi.altervista.org/adv/almsrvx_1-adv.txt" "url": "http://support.automation.siemens.com/WW/view/en/114358"
}, },
{ {
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-361-01.pdf", "name": "http://aluigi.altervista.org/adv/almsrvx_1-adv.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-361-01.pdf" "url": "http://aluigi.altervista.org/adv/almsrvx_1-adv.txt"
}, },
{ {
"name" : "http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=content", "name": "http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=content",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=content" "url": "http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=content"
}, },
{ {
"name" : "http://support.automation.siemens.com/WW/view/en/114358", "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-361-01.pdf",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://support.automation.siemens.com/WW/view/en/114358" "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-361-01.pdf"
} }
] ]
} }

68
2013/0xxx/CVE-2013-0670.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2013-0670", "ID": "CVE-2013-0670",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL." "value": "CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://ics-cert.us-cert.gov/pdf/ICSA-13-079-03.pdf", "name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-079-03.pdf",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://ics-cert.us-cert.gov/pdf/ICSA-13-079-03.pdf" "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-079-03.pdf"
}, },
{ {
"name" : "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf", "name": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf" "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
} }
] ]
} }

86
2013/0xxx/CVE-2013-0986.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2013-0986", "ID": "CVE-2013-0986",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted enof atoms in a movie file." "value": "Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted enof atoms in a movie file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT5770", "name": "APPLE-SA-2013-05-22-1",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "http://support.apple.com/kb/HT5770" "url": "http://lists.apple.com/archives/security-announce/2013/May/msg00001.html"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5784", "name": "http://support.apple.com/kb/HT5770",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT5784" "url": "http://support.apple.com/kb/HT5770"
}, },
{ {
"name" : "APPLE-SA-2013-05-22-1", "name": "http://support.apple.com/kb/HT5784",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2013/May/msg00001.html" "url": "http://support.apple.com/kb/HT5784"
}, },
{ {
"name" : "APPLE-SA-2013-06-04-1", "name": "APPLE-SA-2013-06-04-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html" "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:16794", "name": "oval:org.mitre.oval:def:16794",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16794" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16794"
} }
] ]
} }

62
2013/1xxx/CVE-2013-1179.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2013-1179", "ID": "CVE-2013-1179",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allow remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54830." "value": "Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allow remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54830."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products", "name": "20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti"
} }
] ]
} }

74
2013/1xxx/CVE-2013-1308.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2013-1308", "ID": "CVE-2013-1308",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Internet Explorer Use After Free Vulnerability,\" a different vulnerability than CVE-2013-1309 and CVE-2013-2551." "value": "Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Internet Explorer Use After Free Vulnerability,\" a different vulnerability than CVE-2013-1309 and CVE-2013-2551."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS13-037", "name": "MS13-037",
"refsource" : "MS", "refsource": "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-037" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-037"
}, },
{ {
"name" : "TA13-134A", "name": "TA13-134A",
"refsource" : "CERT", "refsource": "CERT",
"url" : "http://www.us-cert.gov/ncas/alerts/TA13-134A" "url": "http://www.us-cert.gov/ncas/alerts/TA13-134A"
}, },
{ {
"name" : "oval:org.mitre.oval:def:16415", "name": "oval:org.mitre.oval:def:16415",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16415" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16415"
} }
] ]
} }

74
2013/1xxx/CVE-2013-1637.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-1637", "ID": "CVE-2013-1637",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Opera before 12.13 allows remote attackers to execute arbitrary code via vectors involving DOM events." "value": "Opera before 12.13 allows remote attackers to execute arbitrary code via vectors involving DOM events."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.opera.com/docs/changelogs/unified/1213/", "name": "http://www.opera.com/support/kb/view/1042/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/unified/1213/" "url": "http://www.opera.com/support/kb/view/1042/"
}, },
{ {
"name" : "http://www.opera.com/support/kb/view/1042/", "name": "http://www.opera.com/docs/changelogs/unified/1213/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.opera.com/support/kb/view/1042/" "url": "http://www.opera.com/docs/changelogs/unified/1213/"
}, },
{ {
"name" : "openSUSE-SU-2013:0289", "name": "openSUSE-SU-2013:0289",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2013-02/msg00038.html" "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00038.html"
} }
] ]
} }

80
2013/4xxx/CVE-2013-4068.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2013-4068", "ID": "CVE-2013-4068",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8." "value": "Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21649476", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21650034",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21649476" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650034"
}, },
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21650034", "name": "ibm-inotes-cve20134068-bo(86599)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21650034" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86599"
}, },
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21650146", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21649476",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21650146" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21649476"
}, },
{ {
"name" : "ibm-inotes-cve20134068-bo(86599)", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21650146",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/86599" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650146"
} }
] ]
} }

22
2013/5xxx/CVE-2013-5063.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2013-5063", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2013-5063",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none."
} }
] ]
} }

74
2013/5xxx/CVE-2013-5119.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5119", "ID": "CVE-2013-5119",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Zimbra Collaboration Suite (ZCS) 6.0.16 and earlier allows man-in-the-middle attackers to obtain access by sniffing the network and replaying the ZM_AUTH_TOKEN token." "value": "Zimbra Collaboration Suite (ZCS) 6.0.16 and earlier allows man-in-the-middle attackers to obtain access by sniffing the network and replaying the ZM_AUTH_TOKEN token."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20130913 Zimbra Collaboration Suite (ZCS) Session Replay Vulnerability", "name": "97290",
"refsource" : "BUGTRAQ", "refsource": "OSVDB",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-09/0063.html" "url": "http://osvdb.org/97290"
}, },
{ {
"name" : "62407", "name": "62407",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/62407" "url": "http://www.securityfocus.com/bid/62407"
}, },
{ {
"name" : "97290", "name": "20130913 Zimbra Collaboration Suite (ZCS) Session Replay Vulnerability",
"refsource" : "OSVDB", "refsource": "BUGTRAQ",
"url" : "http://osvdb.org/97290" "url": "http://archives.neohapsis.com/archives/bugtraq/2013-09/0063.html"
} }
] ]
} }

110
2013/5xxx/CVE-2013-5315.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5315", "ID": "CVE-2013-5315",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Resource Manager in the MEE submodule (mee.module) in the Scald module 6.x-1.x before 6.x-1.0-beta3 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the atom title, a different vector than CVE-2013-4174." "value": "Cross-site scripting (XSS) vulnerability in the Resource Manager in the MEE submodule (mee.module) in the Scald module 6.x-1.x before 6.x-1.0-beta3 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the atom title, a different vector than CVE-2013-4174."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20130724 [Security-news] SA-CONTRIB-2013-060 - Scald - Cross Site Scripting (XSS)", "name": "95625",
"refsource" : "FULLDISC", "refsource": "OSVDB",
"url" : "http://seclists.org/fulldisclosure/2013/Jul/224" "url": "http://osvdb.org/95625"
}, },
{ {
"name" : "https://drupal.org/node/2049415", "name": "54144",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "https://drupal.org/node/2049415" "url": "http://secunia.com/advisories/54144"
}, },
{ {
"name" : "http://drupalcode.org/project/scald.git/blobdiff/9ce68f67a25200afa5256f567ef89bc4b9fd705e..974a5e29f502a58e6a955d69a85bb5f16c1c8b3e:/mee/mee.module", "name": "scald-atomtitle-xss(85964)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://drupalcode.org/project/scald.git/blobdiff/9ce68f67a25200afa5256f567ef89bc4b9fd705e..974a5e29f502a58e6a955d69a85bb5f16c1c8b3e:/mee/mee.module" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85964"
}, },
{ {
"name" : "http://drupalcode.org/project/scald.git/commitdiff/32db1ee", "name": "https://drupal.org/node/2049239",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://drupalcode.org/project/scald.git/commitdiff/32db1ee" "url": "https://drupal.org/node/2049239"
}, },
{ {
"name" : "https://drupal.org/node/2049239", "name": "http://drupalcode.org/project/scald.git/commitdiff/32db1ee",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://drupal.org/node/2049239" "url": "http://drupalcode.org/project/scald.git/commitdiff/32db1ee"
}, },
{ {
"name" : "61426", "name": "http://drupalcode.org/project/scald.git/blobdiff/9ce68f67a25200afa5256f567ef89bc4b9fd705e..974a5e29f502a58e6a955d69a85bb5f16c1c8b3e:/mee/mee.module",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/61426" "url": "http://drupalcode.org/project/scald.git/blobdiff/9ce68f67a25200afa5256f567ef89bc4b9fd705e..974a5e29f502a58e6a955d69a85bb5f16c1c8b3e:/mee/mee.module"
}, },
{ {
"name" : "95625", "name": "20130724 [Security-news] SA-CONTRIB-2013-060 - Scald - Cross Site Scripting (XSS)",
"refsource" : "OSVDB", "refsource": "FULLDISC",
"url" : "http://osvdb.org/95625" "url": "http://seclists.org/fulldisclosure/2013/Jul/224"
}, },
{ {
"name" : "54144", "name": "https://drupal.org/node/2049415",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/54144" "url": "https://drupal.org/node/2049415"
}, },
{ {
"name" : "scald-atomtitle-xss(85964)", "name": "61426",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/85964" "url": "http://www.securityfocus.com/bid/61426"
} }
] ]
} }

86
2013/5xxx/CVE-2013-5588.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2013-5588", "ID": "CVE-2013-5588",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the step parameter to install/index.php or (2) the id parameter to cacti/host.php." "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the step parameter to install/index.php or (2) the id parameter to cacti/host.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://bugs.cacti.net/view.php?id=2383", "name": "62001",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://bugs.cacti.net/view.php?id=2383" "url": "http://www.securityfocus.com/bid/62001"
}, },
{ {
"name" : "DSA-2747", "name": "54652",
"refsource" : "DEBIAN", "refsource": "SECUNIA",
"url" : "http://www.debian.org/security/2013/dsa-2747" "url": "http://secunia.com/advisories/54652"
}, },
{ {
"name" : "openSUSE-SU-2015:0479", "name": "DSA-2747",
"refsource" : "SUSE", "refsource": "DEBIAN",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" "url": "http://www.debian.org/security/2013/dsa-2747"
}, },
{ {
"name" : "62001", "name": "http://bugs.cacti.net/view.php?id=2383",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/62001" "url": "http://bugs.cacti.net/view.php?id=2383"
}, },
{ {
"name" : "54652", "name": "openSUSE-SU-2015:0479",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/54652" "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html"
} }
] ]
} }

22
2013/5xxx/CVE-2013-5978.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5978", "ID": "CVE-2013-5978",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2014/2xxx/CVE-2014-2137.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-2137", "ID": "CVE-2014-2137",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CRLF injection vulnerability in the web framework in Cisco Web Security Appliance (WSA) 7.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a crafted URL, aka Bug ID CSCuj61002." "value": "CRLF injection vulnerability in the web framework in Cisco Web Security Appliance (WSA) 7.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a crafted URL, aka Bug ID CSCuj61002."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=33608", "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33608",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=33608" "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33608"
}, },
{ {
"name" : "20140401 Cisco WSA HTTP Header Injection Vulnerability", "name": "20140401 Cisco WSA HTTP Header Injection Vulnerability",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2137" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2137"
} }
] ]
} }

62
2014/2xxx/CVE-2014-2720.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2720", "ID": "CVE-2014-2720",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IZArc 4.1.8 displays a file's name on the basis of a ZIP archive's Central Directory entry, but launches this file on the basis of a ZIP archive's local file header, which allows user-assisted remote attackers to conduct file-extension spoofing attacks via a modified Central Directory, as demonstrated by unintended code execution prompted by a .jpg extension in the Central Directory and a .exe extension in the local file header." "value": "IZArc 4.1.8 displays a file's name on the basis of a ZIP archive's Central Directory entry, but launches this file on the basis of a ZIP archive's local file header, which allows user-assisted remote attackers to conduct file-extension spoofing attacks via a modified Central Directory, as demonstrated by unintended code execution prompted by a .jpg extension in the Central Directory and a .exe extension in the local file header."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.xchg.info/?p=418", "name": "http://www.xchg.info/?p=418",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.xchg.info/?p=418" "url": "http://www.xchg.info/?p=418"
} }
] ]
} }

68
2014/2xxx/CVE-2014-2881.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2881", "ID": "CVE-2014-2881",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors." "value": "Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.citrix.com/article/CTX140651", "name": "1030180",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://support.citrix.com/article/CTX140651" "url": "http://www.securitytracker.com/id/1030180"
}, },
{ {
"name" : "1030180", "name": "http://support.citrix.com/article/CTX140651",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1030180" "url": "http://support.citrix.com/article/CTX140651"
} }
] ]
} }

22
2017/0xxx/CVE-2017-0172.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-0172", "ID": "CVE-2017-0172",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2017/0xxx/CVE-2017-0249.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2017-0249", "ID": "CVE-2017-0249",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "ASP.NET Core", "product_name": "ASP.NET Core",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "ASP.NET Core" "version_value": "ASP.NET Core"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests." "value": "An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elevation of Privilege" "value": "Elevation of Privilege"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/aspnet/Announcements/issues/239", "name": "https://github.com/aspnet/Announcements/issues/239",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/aspnet/Announcements/issues/239" "url": "https://github.com/aspnet/Announcements/issues/239"
} }
] ]
} }

82
2017/0xxx/CVE-2017-0411.json
View File

@ -1,79 +1,79 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0411", "ID": "CVE-2017-0411",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android-7.0" "version_value": "Android-7.0"
}, },
{ {
"version_value" : "Android-7.1.1" "version_value": "Android-7.1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33042690." "value": "An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33042690."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elevation of privilege" "value": "Elevation of privilege"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "41354", "name": "41354",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/41354/" "url": "https://www.exploit-db.com/exploits/41354/"
}, },
{ {
"name" : "https://source.android.com/security/bulletin/2017-02-01.html", "name": "1037798",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://source.android.com/security/bulletin/2017-02-01.html" "url": "http://www.securitytracker.com/id/1037798"
}, },
{ {
"name" : "96056", "name": "96056",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/96056" "url": "http://www.securityfocus.com/bid/96056"
}, },
{ {
"name" : "1037798", "name": "https://source.android.com/security/bulletin/2017-02-01.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1037798" "url": "https://source.android.com/security/bulletin/2017-02-01.html"
} }
] ]
} }

70
2017/0xxx/CVE-2017-0710.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"DATE_PUBLIC" : "2017-07-05T00:00:00", "DATE_PUBLIC": "2017-07-05T00:00:00",
"ID" : "CVE-2017-0710", "ID": "CVE-2017-0710",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android kernel" "version_value": "Android kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A elevation of privilege vulnerability in the Upstream Linux tcb. Product: Android. Versions: Android kernel. Android ID: A-34951864." "value": "A elevation of privilege vulnerability in the Upstream Linux tcb. Product: Android. Versions: Android kernel. Android ID: A-34951864."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elevation of privilege" "value": "Elevation of privilege"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2017-07-01", "name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-07-01" "url": "https://source.android.com/security/bulletin/2017-07-01"
}, },
{ {
"name" : "99468", "name": "99468",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/99468" "url": "http://www.securityfocus.com/bid/99468"
} }
] ]
} }

66
2017/1000xxx/CVE-2017-1000176.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.392975", "DATE_ASSIGNED": "2017-08-22T17:29:33.392975",
"ID" : "CVE-2017-1000176", "ID": "CVE-2017-1000176",
"REQUESTER" : "vuln_reporter@srcms.xyz", "REQUESTER": "vuln_reporter@srcms.xyz",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "swftools", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "latest" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In SWFTools, a memcpy buffer overflow was found in swfc." "value": "In SWFTools, a memcpy buffer overflow was found in swfc."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer Overflow" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/matthiaskramm/swftools/issues/23", "name": "https://github.com/matthiaskramm/swftools/issues/23",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/matthiaskramm/swftools/issues/23" "url": "https://github.com/matthiaskramm/swftools/issues/23"
} }
] ]
} }

66
2017/1000xxx/CVE-2017-1000190.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.413120", "DATE_ASSIGNED": "2017-08-22T17:29:33.413120",
"ID" : "CVE-2017-1000190", "ID": "CVE-2017-1000190",
"REQUESTER" : "exploitcat@foxmail.com", "REQUESTER": "exploitcat@foxmail.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SimpleXML", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.7.1 lastest version" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SimpleXML" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on." "value": "SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "XML External Entity (XXE)" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/ngallagher/simplexml/issues/18", "name": "https://github.com/ngallagher/simplexml/issues/18",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/ngallagher/simplexml/issues/18" "url": "https://github.com/ngallagher/simplexml/issues/18"
} }
] ]
} }

22
2017/12xxx/CVE-2017-12842.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-12842", "ID": "CVE-2017-12842",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2017/12xxx/CVE-2017-12875.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-12875", "ID": "CVE-2017-12875",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file." "value": "The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/ImageMagick/ImageMagick/issues/659", "name": "USN-3681-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/659" "url": "https://usn.ubuntu.com/3681-1/"
}, },
{ {
"name" : "USN-3681-1", "name": "https://github.com/ImageMagick/ImageMagick/issues/659",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "https://usn.ubuntu.com/3681-1/" "url": "https://github.com/ImageMagick/ImageMagick/issues/659"
} }
] ]
} }

70
2017/16xxx/CVE-2017-16154.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2017-16154", "ID": "CVE-2017-16154",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "earlybird node module", "product_name": "earlybird node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions" "version_value": "All versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "earlybird is a web server module for early development. earlybird is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the url." "value": "earlybird is a web server module for early development. earlybird is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the url."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Path Traversal (CWE-22)" "value": "Path Traversal (CWE-22)"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/earlybird", "name": "https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/earlybird",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/earlybird" "url": "https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/earlybird"
}, },
{ {
"name" : "https://nodesecurity.io/advisories/380", "name": "https://nodesecurity.io/advisories/380",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://nodesecurity.io/advisories/380" "url": "https://nodesecurity.io/advisories/380"
} }
] ]
} }

22
2017/16xxx/CVE-2017-16294.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16294", "ID": "CVE-2017-16294",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2017/16xxx/CVE-2017-16320.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16320", "ID": "CVE-2017-16320",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4226.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4226", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4226",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4393.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4393", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4393",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

98
2017/4xxx/CVE-2017-4902.json
View File

@ -1,99 +1,99 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@vmware.com", "ASSIGNER": "security@vmware.com",
"ID" : "CVE-2017-4902", "ID": "CVE-2017-4902",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "ESXi", "product_name": "ESXi",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.5 without patch ESXi650-201703410-SG" "version_value": "6.5 without patch ESXi650-201703410-SG"
}, },
{ {
"version_value" : "5.5 without patch ESXi550-201703401-SG" "version_value": "5.5 without patch ESXi550-201703401-SG"
} }
] ]
} }
}, },
{ {
"product_name" : "Workstation Pro / Player", "product_name": "Workstation Pro / Player",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "12.x prior to 12.5.5" "version_value": "12.x prior to 12.5.5"
} }
] ]
} }
}, },
{ {
"product_name" : "Fusion Pro / Fusion", "product_name": "Fusion Pro / Fusion",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "8.x prior to 8.5.6" "version_value": "8.x prior to 8.5.6"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "VMware" "vendor_name": "VMware"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host." "value": "VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap Buffer Overflow" "value": "Heap Buffer Overflow"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.vmware.com/security/advisories/VMSA-2017-0006.html", "name": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2017-0006.html" "url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
}, },
{ {
"name" : "97163", "name": "1038148",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/97163" "url": "http://www.securitytracker.com/id/1038148"
}, },
{ {
"name" : "1038148", "name": "97163",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1038148" "url": "http://www.securityfocus.com/bid/97163"
}, },
{ {
"name" : "1038149", "name": "1038149",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038149" "url": "http://www.securitytracker.com/id/1038149"
} }
] ]
} }

62
2017/4xxx/CVE-2017-4970.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security_alert@emc.com", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2017-4970", "ID": "CVE-2017-4970",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cloud Foundry", "product_name": "Cloud Foundry",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cloud Foundry" "version_value": "Cloud Foundry"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in Cloud Foundry Foundation cf-release v255 and Staticfile buildpack versions v1.4.0 - v1.4.3. A regression introduced in the Static file build pack causes the Staticfile.auth configuration to be ignored when the Static file file is not present in the application root. Applications containing a Staticfile.auth file but not a Static file had their basic auth turned off when an operator upgraded the Static file build pack in the foundation to one of the vulnerable versions. Note that Static file applications without a Static file are technically misconfigured, and will not successfully detect unless the Static file build pack is explicitly specified." "value": "An issue was discovered in Cloud Foundry Foundation cf-release v255 and Staticfile buildpack versions v1.4.0 - v1.4.3. A regression introduced in the Static file build pack causes the Staticfile.auth configuration to be ignored when the Static file file is not present in the application root. Applications containing a Staticfile.auth file but not a Static file had their basic auth turned off when an operator upgraded the Static file build pack in the foundation to one of the vulnerable versions. Note that Static file applications without a Static file are technically misconfigured, and will not successfully detect unless the Static file build pack is explicitly specified."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Staticfile buildpack ignores basic authentication when misconfigured" "value": "Staticfile buildpack ignores basic authentication when misconfigured"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.cloudfoundry.org/cve-2017-4970/", "name": "https://www.cloudfoundry.org/cve-2017-4970/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.cloudfoundry.org/cve-2017-4970/" "url": "https://www.cloudfoundry.org/cve-2017-4970/"
} }
] ]
} }

62
2018/5xxx/CVE-2018-5087.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-5087", "ID": "CVE-2018-5087",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002100." "value": "In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002100."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x83002100", "name": "https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x83002100",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x83002100" "url": "https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x83002100"
} }
] ]
} }

88
2018/5xxx/CVE-2018-5132.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2018-5132", "ID": "CVE-2018-5132",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "59" "version_value": "59"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Find API for WebExtensions can search some privileged pages, such as \"about:debugging\", if these pages are open in a tab. This could allow a malicious WebExtension to search for otherwise protected data if a user has it open. This vulnerability affects Firefox < 59." "value": "The Find API for WebExtensions can search some privileged pages, such as \"about:debugging\", if these pages are open in a tab. This could allow a malicious WebExtension to search for otherwise protected data if a user has it open. This vulnerability affects Firefox < 59."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebExtension Find API can search privileged pages" "value": "WebExtension Find API can search privileged pages"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1408194", "name": "103386",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1408194" "url": "http://www.securityfocus.com/bid/103386"
}, },
{ {
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-06/", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1408194",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-06/" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1408194"
}, },
{ {
"name" : "USN-3596-1", "name": "1040514",
"refsource" : "UBUNTU", "refsource": "SECTRACK",
"url" : "https://usn.ubuntu.com/3596-1/" "url": "http://www.securitytracker.com/id/1040514"
}, },
{ {
"name" : "103386", "name": "USN-3596-1",
"refsource" : "BID", "refsource": "UBUNTU",
"url" : "http://www.securityfocus.com/bid/103386" "url": "https://usn.ubuntu.com/3596-1/"
}, },
{ {
"name" : "1040514", "name": "https://www.mozilla.org/security/advisories/mfsa2018-06/",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1040514" "url": "https://www.mozilla.org/security/advisories/mfsa2018-06/"
} }
] ]
} }

62
2018/5xxx/CVE-2018-5270.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-5270", "ID": "CVE-2018-5270",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e010. NOTE: the vendor reported that they \"have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit).\"" "value": "** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e010. NOTE: the vendor reported that they \"have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit).\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e010", "name": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e010",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e010" "url": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e010"
} }
] ]
} }

74
2018/5xxx/CVE-2018-5726.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-5726", "ID": "CVE-2018-5726",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings." "value": "MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "43693", "name": "43693",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/43693/" "url": "https://www.exploit-db.com/exploits/43693/"
}, },
{ {
"name" : "http://syrion.me/blog/master-ipcam/", "name": "http://syrion.me/blog/master-ipcam/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://syrion.me/blog/master-ipcam/" "url": "http://syrion.me/blog/master-ipcam/"
}, },
{ {
"name" : "https://packetstormsecurity.com/files/145935/Master-IP-CAM-01-Hardcoded-Password-Unauthenticated-Access.html", "name": "https://packetstormsecurity.com/files/145935/Master-IP-CAM-01-Hardcoded-Password-Unauthenticated-Access.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://packetstormsecurity.com/files/145935/Master-IP-CAM-01-Hardcoded-Password-Unauthenticated-Access.html" "url": "https://packetstormsecurity.com/files/145935/Master-IP-CAM-01-Hardcoded-Password-Unauthenticated-Access.html"
} }
] ]
} }

64
2018/5xxx/CVE-2018-5851.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-05-11T00:00:00", "DATE_PUBLIC": "2018-05-11T00:00:00",
"ID" : "CVE-2018-5851", "ID": "CVE-2018-5851",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer over flow can occur while processing a HTT_T2H_MSG_TYPE_TX_COMPL_IND message with an out-of-range num_msdus value in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel." "value": "Buffer over flow can occur while processing a HTT_T2H_MSG_TYPE_TX_COMPL_IND message with an out-of-range num_msdus value in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Improper Validation of Array Index in WLAN" "value": "Improper Validation of Array Index in WLAN"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2", "name": "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2" "url": "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2"
} }
] ]
} }

64
2018/5xxx/CVE-2018-5894.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-07-02T00:00:00", "DATE_PUBLIC": "2018-07-02T00:00:00",
"ID" : "CVE-2018-5894", "ID": "CVE-2018-5894",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20" "version_value": "MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Improper Validation of Array Index in Multimedia While parsing an mp4 file in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur." "value": "Improper Validation of Array Index in Multimedia While parsing an mp4 file in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Improper Validation of Array Index in Multimedia" "value": "Improper Validation of Array Index in Multimedia"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.qualcomm.com/company/product-security/bulletins", "name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins" "url": "https://www.qualcomm.com/company/product-security/bulletins"
} }
] ]
} }