admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:39:29 +00:00
parent 9a61b810b8
commit eeefb5d5e1
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
50 changed files with 3223 additions and 3223 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

150
2004/0xxx/CVE-2004-0336.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0336", "ID": "CVE-2004-0336",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "LAN SUITE Web Mail 602Pro allows remote attackers to gain sensitive information via the mail login form, which contains the path to the mail directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040228 LAN SUITE Web Mail 602Pro Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=107799540630302&w=2" "lang": "eng",
}, "value": "LAN SUITE Web Mail 602Pro allows remote attackers to gain sensitive information via the mail login form, which contains the path to the mail directory."
{ }
"name" : "20040310 Re: LAN SUITE Web Mail 602Pro Multiple Vulnerabilities", ]
"refsource" : "BUGTRAQ", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2004-03/0096.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "602pro-path-disclosure(15350)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15350" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "9781", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/9781" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20040310 Re: LAN SUITE Web Mail 602Pro Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-03/0096.html"
},
{
"name": "20040228 LAN SUITE Web Mail 602Pro Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=107799540630302&w=2"
},
{
"name": "9781",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9781"
},
{
"name": "602pro-path-disclosure(15350)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15350"
}
]
}
}

160
2004/1xxx/CVE-2004-1087.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1087", "ID": "CVE-2004-1087",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Terminal for Apple Mac OS X 10.3.6 may indicate that \"Secure Keyboard Entry\" is enabled even when it is not, which could result in a false sense of security for the user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "APPLE-SA-2004-12-02", "description_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html" "lang": "eng",
}, "value": "Terminal for Apple Mac OS X 10.3.6 may indicate that \"Secure Keyboard Entry\" is enabled even when it is not, which could result in a false sense of security for the user."
{ }
"name" : "P-049", ]
"refsource" : "CIAC", },
"url" : "http://www.ciac.org/ciac/bulletins/p-049.shtml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "11802", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11802" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "13362", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/13362/" ]
}, },
{ "references": {
"name" : "macos-terminal-secure-improper(18355)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18355" "name": "11802",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/11802"
} },
} {
"name": "13362",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13362/"
},
{
"name": "macos-terminal-secure-improper(18355)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18355"
},
{
"name": "APPLE-SA-2004-12-02",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html"
},
{
"name": "P-049",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-049.shtml"
}
]
}
}

140
2004/1xxx/CVE-2004-1133.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1133", "ID": "CVE-2004-1133",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Microsoft W3Who ISAPI (w3who.dll) allow remote attackers to inject arbitrary HTML and web script via (1) HTTP headers such as \"Connection\" or (2) invalid parameters whose values are echoed in the resulting error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041206 Multiple vulnerabilities in w3who ISAPI DLL", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://marc.info/?l=full-disclosure&m=110234486823233&w=2" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Microsoft W3Who ISAPI (w3who.dll) allow remote attackers to inject arbitrary HTML and web script via (1) HTTP headers such as \"Connection\" or (2) invalid parameters whose values are echoed in the resulting error message."
{ }
"name" : "http://www.exaprobe.com/labs/advisories/esa-2004-1206.html", ]
"refsource" : "MISC", },
"url" : "http://www.exaprobe.com/labs/advisories/esa-2004-1206.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "w3who-http-error-xss(18375)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18375" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20041206 Multiple vulnerabilities in w3who ISAPI DLL",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=110234486823233&w=2"
},
{
"name": "http://www.exaprobe.com/labs/advisories/esa-2004-1206.html",
"refsource": "MISC",
"url": "http://www.exaprobe.com/labs/advisories/esa-2004-1206.html"
},
{
"name": "w3who-http-error-xss(18375)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18375"
}
]
}
}

270
2004/1xxx/CVE-2004-1186.json
View File

@ -1,137 +1,137 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1186", "ID": "CVE-2004-1186",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060526 rPSA-2006-0083-1 enscript", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/435199/100/0/threaded" "lang": "eng",
}, "value": "Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash)."
{ }
"name" : "http://support.apple.com/kb/HT3549", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT3549" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2009-05-12", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-654", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2005/dsa-654" ]
}, },
{ "references": {
"name" : "FLSA:152892", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://www.securityfocus.com/archive/1/419768/100/0/threaded" "name": "enscript-multiple-bo(19033)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19033"
"name" : "GLSA-200502-03", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml" "name": "FLSA:152892",
}, "refsource": "FEDORA",
{ "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
"name" : "MDKSA-2005:033", },
"refsource" : "MANDRAKE", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033" "name": "12329",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/12329"
"name" : "RHSA-2005:040", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-040.html" "name": "http://support.apple.com/kb/HT3549",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT3549"
"name" : "USN-68-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/68-1/" "name": "MDKSA-2005:033",
}, "refsource": "MANDRAKE",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
"name" : "TA09-133A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" "name": "USN-68-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/68-1/"
"name" : "12329", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/12329" "name": "1012965",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1012965"
"name" : "oval:org.mitre.oval:def:11134", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11134" "name": "35074",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35074"
"name" : "1012965", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1012965" "name": "DSA-654",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2005/dsa-654"
"name" : "35074", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35074" "name": "APPLE-SA-2009-05-12",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
"name" : "ADV-2009-1297", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1297" "name": "oval:org.mitre.oval:def:11134",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11134"
"name" : "enscript-multiple-bo(19033)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19033" "name": "20060526 rPSA-2006-0083-1 enscript",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
} },
} {
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "RHSA-2005:040",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
},
{
"name": "GLSA-200502-03",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
}
]
}
}

230
2004/1xxx/CVE-2004-1189.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1189", "ID": "CVE-2004-1189",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-004-pwhist.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-004-pwhist.txt" "lang": "eng",
}, "value": "The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow."
{ }
"name" : "20041220 MITKRB5-SA-2004-004: heap overflow in libkadm5srv", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=110358420909358&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2005-08-15", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2005-08-17", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" ]
}, },
{ "references": {
"name" : "CLA-2005:917", "reference_data": [
"refsource" : "CONECTIVA", {
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000917" "name": "CLA-2005:917",
}, "refsource": "CONECTIVA",
{ "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000917"
"name" : "MDKSA-2004:156", },
"refsource" : "MANDRAKE", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2004:156" "name": "oval:org.mitre.oval:def:11911",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11911"
"name" : "RHSA-2005:012", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-012.html" "name": "kerberos-libkadm5srv-bo(18621)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18621"
"name" : "RHSA-2005:045", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-045.html" "name": "RHSA-2005:012",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-012.html"
"name" : "2004-0069", },
"refsource" : "TRUSTIX", {
"url" : "http://www.trustix.org/errata/2004/0069" "name": "APPLE-SA-2005-08-15",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
"name" : "20050110 [USN-58-1] MIT Kerberos server vulnerability", },
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110548298407590&w=2" "name": "20050110 [USN-58-1] MIT Kerberos server vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=110548298407590&w=2"
"name" : "oval:org.mitre.oval:def:11911", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11911" "name": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-004-pwhist.txt",
}, "refsource": "CONFIRM",
{ "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-004-pwhist.txt"
"name" : "kerberos-libkadm5srv-bo(18621)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18621" "name": "APPLE-SA-2005-08-17",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
} },
} {
"name": "2004-0069",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2004/0069"
},
{
"name": "RHSA-2005:045",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-045.html"
},
{
"name": "20041220 MITKRB5-SA-2004-004: heap overflow in libkadm5srv",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110358420909358&w=2"
},
{
"name": "MDKSA-2004:156",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:156"
}
]
}
}

150
2004/1xxx/CVE-2004-1323.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1323", "ID": "CVE-2004-1323",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://gleg.net/advisory_netbsd2.shtml", "description_data": [
"refsource" : "MISC", {
"url" : "http://gleg.net/advisory_netbsd2.shtml" "lang": "eng",
}, "value": "Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions."
{ }
"name" : "NetBSD-SA2004-010", ]
"refsource" : "NETBSD", },
"url" : "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-010.txt.asc" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "13501", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/13501/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "netbsd-compat-gain-privileges(18564)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18564" ]
} },
] "references": {
} "reference_data": [
} {
"name": "NetBSD-SA2004-010",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-010.txt.asc"
},
{
"name": "13501",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13501/"
},
{
"name": "http://gleg.net/advisory_netbsd2.shtml",
"refsource": "MISC",
"url": "http://gleg.net/advisory_netbsd2.shtml"
},
{
"name": "netbsd-compat-gain-privileges(18564)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18564"
}
]
}
}

170
2004/1xxx/CVE-2004-1569.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1569", "ID": "CVE-2004-1569",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerAmp Music Converter 10.0 allows remote attackers to cause a denial of service or execute arbitrary code via a .pls or .m3u playlist that contains long File1 (filename) fields."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040930 dbPowerAmp Buffer Overflow And Dos Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109668542406346&w=2" "lang": "eng",
}, "value": "Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerAmp Music Converter 10.0 allows remote attackers to cause a denial of service or execute arbitrary code via a .pls or .m3u playlist that contains long File1 (filename) fields."
{ }
"name" : "http://www.gulftech.org/?node=research&article_id=00052-09272004", ]
"refsource" : "MISC", },
"url" : "http://www.gulftech.org/?node=research&article_id=00052-09272004" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "11266", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11266" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "12684", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/12684/" ]
}, },
{ "references": {
"name" : "dbpoweramp-player-filename-bo(17535)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17535" "name": "20040930 dbPowerAmp Buffer Overflow And Dos Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=109668542406346&w=2"
"name" : "dbpoweramp-converter-filename-bo(17539)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17539" "name": "11266",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/11266"
} },
} {
"name": "dbpoweramp-converter-filename-bo(17539)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17539"
},
{
"name": "12684",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12684/"
},
{
"name": "http://www.gulftech.org/?node=research&article_id=00052-09272004",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research&article_id=00052-09272004"
},
{
"name": "dbpoweramp-player-filename-bo(17535)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17535"
}
]
}
}

140
2008/0xxx/CVE-2008-0902.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-0902", "ID": "CVE-2008-0902",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 through 10.0 MP1 allow remote attackers to inject arbitrary web script or HTML via unspecified samples. NOTE: this might be the same issue as CVE-2007-2694."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "BEA08-80.04", "description_data": [
"refsource" : "BEA", {
"url" : "http://dev2dev.bea.com/pub/advisory/273" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 through 10.0 MP1 allow remote attackers to inject arbitrary web script or HTML via unspecified samples. NOTE: this might be the same issue as CVE-2007-2694."
{ }
"name" : "ADV-2008-0612", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2008/0612/references" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "29041", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29041" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "BEA08-80.04",
"refsource": "BEA",
"url": "http://dev2dev.bea.com/pub/advisory/273"
},
{
"name": "29041",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29041"
},
{
"name": "ADV-2008-0612",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0612/references"
}
]
}
}

460
2008/3xxx/CVE-2008-3108.json
View File

@ -1,232 +1,232 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3108", "ID": "CVE-2008-3108",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=122331139823057&w=2" "lang": "eng",
}, "value": "Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing."
{ }
"name" : "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/497041/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT3178", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT3178" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.apple.com/kb/HT3179", ]
"refsource" : "CONFIRM", }
"url" : "http://support.apple.com/kb/HT3179" ]
}, },
{ "references": {
"name" : "http://www.vmware.com/security/advisories/VMSA-2008-0016.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2008-0016.html" "name": "RHSA-2008:1044",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-1044.html"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-300.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-300.htm" "name": "APPLE-SA-2008-09-24",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm" "name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=122331139823057&w=2"
"name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014", },
"refsource" : "CONFIRM", {
"url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014" "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm"
"name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717", },
"refsource" : "CONFIRM", {
"url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717" "name": "31600",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31600"
"name" : "APPLE-SA-2008-09-24", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html" "name": "SUSE-SA:2008:042",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"
"name" : "GLSA-200911-02", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200911-02.xml" "name": "32018",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/32018"
"name" : "RHSA-2008:0790", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0790.html" "name": "RHSA-2008:1043",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-1043.html"
"name" : "RHSA-2008:1043", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-1043.html" "name": "GLSA-200911-02",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
"name" : "RHSA-2008:1044", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-1044.html" "name": "32179",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/32179"
"name" : "238666", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238666-1" "name": "ADV-2008-2740",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/2740"
"name" : "SUSE-SA:2008:042", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html" "name": "31320",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31320"
"name" : "SUSE-SA:2008:043", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html" "name": "SUSE-SA:2008:043",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"
"name" : "SUSE-SA:2008:045", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html" "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717",
}, "refsource": "CONFIRM",
{ "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717"
"name" : "TA08-193A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-193A.html" "name": "33237",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33237"
"name" : "30147", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/30147" "name": "ADV-2008-2056",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/2056/references"
"name" : "37386", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37386" "name": "30147",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/30147"
"name" : "31736", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31736" "name": "32180",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/32180"
"name" : "ADV-2008-2056", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2056/references" "name": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
"name" : "ADV-2008-2740", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2740" "name": "31736",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31736"
"name" : "1020461", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1020461" "name": "33236",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33236"
"name" : "31010", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31010" "name": "http://support.apple.com/kb/HT3178",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT3178"
"name" : "31320", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31320" "name": "1020461",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1020461"
"name" : "31497", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31497" "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014",
}, "refsource": "CONFIRM",
{ "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014"
"name" : "31600", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31600" "name": "31497",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31497"
"name" : "32018", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32018" "name": "sun-jre-font-bo(43656)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43656"
"name" : "32180", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32180" "name": "238666",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238666-1"
"name" : "32179", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32179" "name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
"name" : "33236", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33236" "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-300.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-300.htm"
"name" : "33237", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33237" "name": "SUSE-SA:2008:045",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html"
"name" : "sun-jre-font-bo(43656)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43656" "name": "RHSA-2008:0790",
} "refsource": "REDHAT",
] "url": "http://www.redhat.com/support/errata/RHSA-2008-0790.html"
} },
} {
"name": "TA08-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-193A.html"
},
{
"name": "37386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37386"
},
{
"name": "http://support.apple.com/kb/HT3179",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3179"
},
{
"name": "31010",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31010"
}
]
}
}

200
2008/3xxx/CVE-2008-3524.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2008-3524", "ID": "CVE-2008-3524",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /var/run."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=458504", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=458504" "lang": "eng",
}, "value": "rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /var/run."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=458652", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=458652" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0318", "description": [
"refsource" : "CONFIRM", {
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0318" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://issues.rpath.com/browse/RPL-2857", ]
"refsource" : "CONFIRM", }
"url" : "https://issues.rpath.com/browse/RPL-2857" ]
}, },
{ "references": {
"name" : "FEDORA-2008-7667", "reference_data": [
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01135.html" "name": "31385",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/31385"
"name" : "31385", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/31385" "name": "FEDORA-2008-7667",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01135.html"
"name" : "32037", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32037" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=458504",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458504"
"name" : "32710", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32710" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=458652",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458652"
"name" : "initscripts-rcsysinit-symlink(45402)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45402" "name": "initscripts-rcsysinit-symlink(45402)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45402"
} },
} {
"name": "32710",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32710"
},
{
"name": "32037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32037"
},
{
"name": "https://issues.rpath.com/browse/RPL-2857",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2857"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0318",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0318"
}
]
}
}

140
2008/3xxx/CVE-2008-3588.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3588", "ID": "CVE-2008-3588",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in phsBlog 0.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to comments.php, (2) cid parameter to index.php, and the (3) urltitle parameter to entries.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "6190", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/6190" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in phsBlog 0.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to comments.php, (2) cid parameter to index.php, and the (3) urltitle parameter to entries.php."
{ }
"name" : "4135", ]
"refsource" : "SREASON", },
"url" : "http://securityreason.com/securityalert/4135" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "phsblog-multiple-sql-injection(44163)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44163" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "6190",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6190"
},
{
"name": "4135",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4135"
},
{
"name": "phsblog-multiple-sql-injection(44163)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44163"
}
]
}
}

220
2008/3xxx/CVE-2008-3856.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3856", "ID": "CVE-2008-3856",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255607", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255607" "lang": "eng",
}, "value": "The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors."
{ }
"name" : "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT", ]
"refsource" : "CONFIRM", },
"url" : "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT", "description": [
"refsource" : "CONFIRM", {
"url" : "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "IZ20352", ]
"refsource" : "AIXAPAR", }
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352" ]
}, },
{ "references": {
"name" : "IZ20350", "reference_data": [
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350" "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
}, "refsource": "CONFIRM",
{ "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
"name" : "IZ19155", },
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155" "name": "31058",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/31058"
"name" : "29601", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/29601" "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
}, "refsource": "CONFIRM",
{ "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
"name" : "31058", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/31058" "name": "IZ20352",
}, "refsource": "AIXAPAR",
{ "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352"
"name" : "31787", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31787" "name": "ibm-db2-infrastructure-unspecified(45140)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140"
"name" : "29784", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29784" "name": "IZ19155",
}, "refsource": "AIXAPAR",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155"
"name" : "ibm-db2-infrastructure-unspecified(45140)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140" "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
} "refsource": "CONFIRM",
] "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
} },
} {
"name": "29601",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29601"
},
{
"name": "IZ20350",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350"
},
{
"name": "31787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31787"
},
{
"name": "29784",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29784"
}
]
}
}

140
2008/4xxx/CVE-2008-4526.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-4526", "ID": "CVE-2008-4526",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php, (2) forums.php, (3) admin.php, (4) header.php, (5) pages/story.php and (6) pages/poll.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "6663", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/6663" "lang": "eng",
}, "value": "Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php, (2) forums.php, (3) admin.php, (4) header.php, (5) pages/story.php and (6) pages/poll.php."
{ }
"name" : "31566", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/31566" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "4387", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/4387" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "6663",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6663"
},
{
"name": "31566",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31566"
},
{
"name": "4387",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4387"
}
]
}
}

160
2008/4xxx/CVE-2008-4580.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2008-4580", "ID": "CVE-2008-4580",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20081013 Re: CVE Request", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2008/10/13/3" "lang": "eng",
}, "value": "fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file."
{ }
"name" : "[oss-security] 20081016 Re: CVE Request", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2008/10/16/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=240576", "description": [
"refsource" : "MISC", {
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=240576" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "USN-875-1", ]
"refsource" : "UBUNTU", }
"url" : "http://www.ubuntu.com/usn/USN-875-1" ]
}, },
{ "references": {
"name" : "fence-fencemanual-symlink(45953)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45953" "name": "[oss-security] 20081016 Re: CVE Request",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2008/10/16/1"
} },
} {
"name": "http://bugs.gentoo.org/show_bug.cgi?id=240576",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=240576"
},
{
"name": "fence-fencemanual-symlink(45953)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45953"
},
{
"name": "USN-875-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-875-1"
},
{
"name": "[oss-security] 20081013 Re: CVE Request",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/13/3"
}
]
}
}

150
2008/6xxx/CVE-2008-6177.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6177", "ID": "CVE-2008-6177",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in LightBlog 9.8, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) username parameter to view_member.php, (2) username_post parameter to login.php, and the (3) Lightblog_username cookie parameter to check_user.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "6797", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/6797" "lang": "eng",
}, "value": "Multiple directory traversal vulnerabilities in LightBlog 9.8, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) username parameter to view_member.php, (2) username_post parameter to login.php, and the (3) Lightblog_username cookie parameter to check_user.php."
{ }
"name" : "31851", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/31851" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "32345", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32345" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "lightblog-login-checkuser-file-include(46030)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46030" ]
} },
] "references": {
} "reference_data": [
} {
"name": "lightblog-login-checkuser-file-include(46030)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46030"
},
{
"name": "32345",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32345"
},
{
"name": "31851",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31851"
},
{
"name": "6797",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6797"
}
]
}
}

130
2008/6xxx/CVE-2008-6494.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6494", "ID": "CVE-2008-6494",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "7332", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/7332" "lang": "eng",
}, "value": "ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb."
{ }
"name" : "aspuserengine-users-information-disclosure(49400)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49400" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "aspuserengine-users-information-disclosure(49400)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49400"
},
{
"name": "7332",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7332"
}
]
}
}

150
2008/6xxx/CVE-2008-6563.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6563", "ID": "CVE-2008-6563",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the XML parser in Trillian 3.1.9.0, and possibly earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DTD file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080411 Trillian 3.1.9.0 DTD File Buffer Overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/490772/100/0/threaded" "lang": "eng",
}, "value": "Buffer overflow in the XML parser in Trillian 3.1.9.0, and possibly earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DTD file."
{ }
"name" : "28747", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/28747" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "51130", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/51130" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "trillian-dtd-bo(41782)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41782" ]
} },
] "references": {
} "reference_data": [
} {
"name": "28747",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28747"
},
{
"name": "trillian-dtd-bo(41782)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41782"
},
{
"name": "51130",
"refsource": "OSVDB",
"url": "http://osvdb.org/51130"
},
{
"name": "20080411 Trillian 3.1.9.0 DTD File Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490772/100/0/threaded"
}
]
}
}

180
2008/6xxx/CVE-2008-6661.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6661", "ID": "CVE-2008-6661",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple integer overflows in the scanning engine in Bitdefender for Linux 7.60825 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed (1) NeoLite and (2) ASProtect packed PE file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20081210 [IVIZ-08-012] Bitdefender antivirus for Linux multiple vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=122893066212987&w=2" "lang": "eng",
}, "value": "Multiple integer overflows in the scanning engine in Bitdefender for Linux 7.60825 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed (1) NeoLite and (2) ASProtect packed PE file."
{ }
"name" : "http://www.ivizsecurity.com/security-advisory-iviz-sr-08012.html", ]
"refsource" : "MISC", },
"url" : "http://www.ivizsecurity.com/security-advisory-iviz-sr-08012.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "32751", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/32751" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "50826", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/50826" ]
}, },
{ "references": {
"name" : "33240", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33240" "name": "33240",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33240"
"name" : "ADV-2008-3459", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/3459" "name": "20081210 [IVIZ-08-012] Bitdefender antivirus for Linux multiple vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=122893066212987&w=2"
"name" : "bitdefender-pe-overflow(47219)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47219" "name": "50826",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/50826"
} },
} {
"name": "ADV-2008-3459",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3459"
},
{
"name": "bitdefender-pe-overflow(47219)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47219"
},
{
"name": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08012.html",
"refsource": "MISC",
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08012.html"
},
{
"name": "32751",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32751"
}
]
}
}

140
2008/6xxx/CVE-2008-6716.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6716", "ID": "CVE-2008-6716",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not require administrative authentication, which allows remote attackers to have an unspecified impact via a direct request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "7017", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/7017" "lang": "eng",
}, "value": "homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not require administrative authentication, which allows remote attackers to have an unspecified impact via a direct request."
{ }
"name" : "32151", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/32151" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "preadsportal-adminhome-auth-bypass(46399)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46399" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "7017",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7017"
},
{
"name": "preadsportal-adminhome-auth-bypass(46399)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46399"
},
{
"name": "32151",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32151"
}
]
}
}

180
2013/2xxx/CVE-2013-2594.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-2594", "ID": "CVE-2013-2594",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in reports/calldiary.php in Hornbill Supportworks ITSM 1.0.0 through 3.4.14 allows remote attackers to execute arbitrary SQL commands via the callref parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "25002", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/25002" "lang": "eng",
}, "value": "SQL injection vulnerability in reports/calldiary.php in Hornbill Supportworks ITSM 1.0.0 through 3.4.14 allows remote attackers to execute arbitrary SQL commands via the callref parameter."
{ }
"name" : "20130424 hornbill supportworks SQL injection", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2013/Apr/232" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/121402/Hornbill-Supportworks-ITSM-1.0.0-SQL-Injection.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/121402/Hornbill-Supportworks-ITSM-1.0.0-SQL-Injection.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.reactionpenetrationtesting.co.uk/hornbill-supportworks-sql-injection.html", ]
"refsource" : "MISC", }
"url" : "http://www.reactionpenetrationtesting.co.uk/hornbill-supportworks-sql-injection.html" ]
}, },
{ "references": {
"name" : "59439", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/59439" "name": "http://www.reactionpenetrationtesting.co.uk/hornbill-supportworks-sql-injection.html",
}, "refsource": "MISC",
{ "url": "http://www.reactionpenetrationtesting.co.uk/hornbill-supportworks-sql-injection.html"
"name" : "92757", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/92757" "name": "20130424 hornbill supportworks SQL injection",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2013/Apr/232"
"name" : "hornbill-itsm-calldiary-sql-injection(83767)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/83767" "name": "92757",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/92757"
} },
} {
"name": "59439",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/59439"
},
{
"name": "http://packetstormsecurity.com/files/121402/Hornbill-Supportworks-ITSM-1.0.0-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/121402/Hornbill-Supportworks-ITSM-1.0.0-SQL-Injection.html"
},
{
"name": "hornbill-itsm-calldiary-sql-injection(83767)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83767"
},
{
"name": "25002",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/25002"
}
]
}
}

34
2013/2xxx/CVE-2013-2673.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-2673", "ID": "CVE-2013-2673",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2013/2xxx/CVE-2013-2876.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2013-2876", "ID": "CVE-2013-2876",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enforce restrictions on the capture of screenshots by extensions, which allows remote attackers to obtain sensitive information about the content of a previous page via vectors involving an interstitial page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.chromium.org/gitweb/?p=chromium/chromium.git;a=commit;h=ac41418e77bf9d82a6e7875c504fad5fd2ba1f7f", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://git.chromium.org/gitweb/?p=chromium/chromium.git;a=commit;h=ac41418e77bf9d82a6e7875c504fad5fd2ba1f7f" "lang": "eng",
}, "value": "browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enforce restrictions on the capture of screenshots by extensions, which allows remote attackers to obtain sensitive information about the content of a previous page via vectors involving an interstitial page."
{ }
"name" : "http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://code.google.com/p/chromium/issues/detail?id=229504", "description": [
"refsource" : "CONFIRM", {
"url" : "https://code.google.com/p/chromium/issues/detail?id=229504" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-2724", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2013/dsa-2724" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:17350", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17350" "name": "https://code.google.com/p/chromium/issues/detail?id=229504",
} "refsource": "CONFIRM",
] "url": "https://code.google.com/p/chromium/issues/detail?id=229504"
} },
} {
"name": "http://git.chromium.org/gitweb/?p=chromium/chromium.git;a=commit;h=ac41418e77bf9d82a6e7875c504fad5fd2ba1f7f",
"refsource": "CONFIRM",
"url": "http://git.chromium.org/gitweb/?p=chromium/chromium.git;a=commit;h=ac41418e77bf9d82a6e7875c504fad5fd2ba1f7f"
},
{
"name": "oval:org.mitre.oval:def:17350",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17350"
},
{
"name": "DSA-2724",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2724"
},
{
"name": "http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html"
}
]
}
}

34
2013/6xxx/CVE-2013-6157.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2013-6157", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2013-6157",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none."
} }
] ]
} }
} }

130
2013/6xxx/CVE-2013-6215.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2013-6215", "ID": "CVE-2013-6215",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 10.01 and 10.10 allows remote authenticated users to execute arbitrary code via unknown vectors, aka ZDI-CAN-1977."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBMU02987", "description_data": [
"refsource" : "HP", {
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04219959" "lang": "eng",
}, "value": "Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 10.01 and 10.10 allows remote authenticated users to execute arbitrary code via unknown vectors, aka ZDI-CAN-1977."
{ }
"name" : "SSRT101372", ]
"refsource" : "HP", },
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04219959" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU02987",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04219959"
},
{
"name": "SSRT101372",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04219959"
}
]
}
}

130
2013/6xxx/CVE-2013-6302.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2013-6302", "ID": "CVE-2013-6302",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6331."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21666110", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21666110" "lang": "eng",
}, "value": "SQL injection vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6331."
{ }
"name" : "ibm-algo-one-cve20136302-sqli(88532)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/88532" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-algo-one-cve20136302-sqli(88532)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88532"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21666110",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21666110"
}
]
}
}

198
2017/10xxx/CVE-2017-10332.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2017-10332", "ID": "CVE-2017-10332",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Universal Work Queue", "product_name": "Universal Work Queue",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.1.1" "version_value": "12.1.1"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.1.2" "version_value": "12.1.2"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.1.3" "version_value": "12.1.3"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.3" "version_value": "12.2.3"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.4" "version_value": "12.2.4"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.5" "version_value": "12.2.5"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.6" "version_value": "12.2.6"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.7" "version_value": "12.2.7"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
{ }
"name" : "101376", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/101376" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1039592", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039592" "lang": "eng",
} "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "101376",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101376"
},
{
"name": "1039592",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039592"
}
]
}
}

120
2017/10xxx/CVE-2017-10755.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-10755", "ID": "CVE-2017-10755",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to \"Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpInitializeThread+0x000000000000010b.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10755", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10755" "lang": "eng",
} "value": "XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to \"Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpInitializeThread+0x000000000000010b.\""
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10755",
"refsource": "MISC",
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10755"
}
]
}
}

170
2017/14xxx/CVE-2017-14039.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14039", "ID": "CVE-2017-14039",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blogs.gentoo.org/ago/2017/08/28/openjpeg-heap-based-buffer-overflow-in-opj_t2_encode_packet-t2-c/", "description_data": [
"refsource" : "MISC", {
"url" : "https://blogs.gentoo.org/ago/2017/08/28/openjpeg-heap-based-buffer-overflow-in-opj_t2_encode_packet-t2-c/" "lang": "eng",
}, "value": "A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact."
{ }
"name" : "https://github.com/uclouvain/openjpeg/commit/c535531f03369623b9b833ef41952c62257b507e", ]
"refsource" : "MISC", },
"url" : "https://github.com/uclouvain/openjpeg/commit/c535531f03369623b9b833ef41952c62257b507e" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/uclouvain/openjpeg/issues/992", "description": [
"refsource" : "MISC", {
"url" : "https://github.com/uclouvain/openjpeg/issues/992" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-4013", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2017/dsa-4013" ]
}, },
{ "references": {
"name" : "GLSA-201710-26", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201710-26" "name": "GLSA-201710-26",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201710-26"
"name" : "100550", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/100550" "name": "https://github.com/uclouvain/openjpeg/issues/992",
} "refsource": "MISC",
] "url": "https://github.com/uclouvain/openjpeg/issues/992"
} },
} {
"name": "DSA-4013",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-4013"
},
{
"name": "100550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100550"
},
{
"name": "https://github.com/uclouvain/openjpeg/commit/c535531f03369623b9b833ef41952c62257b507e",
"refsource": "MISC",
"url": "https://github.com/uclouvain/openjpeg/commit/c535531f03369623b9b833ef41952c62257b507e"
},
{
"name": "https://blogs.gentoo.org/ago/2017/08/28/openjpeg-heap-based-buffer-overflow-in-opj_t2_encode_packet-t2-c/",
"refsource": "MISC",
"url": "https://blogs.gentoo.org/ago/2017/08/28/openjpeg-heap-based-buffer-overflow-in-opj_t2_encode_packet-t2-c/"
}
]
}
}

34
2017/14xxx/CVE-2017-14221.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14221", "ID": "CVE-2017-14221",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2017/14xxx/CVE-2017-14838.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14838", "ID": "CVE-2017-14838",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "TeamWork Job Links allows Arbitrary File Upload in profileChange and coverChange."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "42795", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/42795/" "lang": "eng",
} "value": "TeamWork Job Links allows Arbitrary File Upload in profileChange and coverChange."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42795",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42795/"
}
]
}
}

120
2017/15xxx/CVE-2017-15875.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-15875", "ID": "CVE-2017-15875",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Password Recovery in GPWeb 8.4.61 allows remote attackers to execute arbitrary SQL commands via the \"checkemail\" parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.augustopereira.com.br/blog/seguranca-gpweb-8-4-61-multiplas-falhas-sqli-manipulacao-de-privilegios-uploads-sem-restricoes-exposicao-de-informacao-sensivel", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.augustopereira.com.br/blog/seguranca-gpweb-8-4-61-multiplas-falhas-sqli-manipulacao-de-privilegios-uploads-sem-restricoes-exposicao-de-informacao-sensivel" "lang": "eng",
} "value": "SQL injection vulnerability in Password Recovery in GPWeb 8.4.61 allows remote attackers to execute arbitrary SQL commands via the \"checkemail\" parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.augustopereira.com.br/blog/seguranca-gpweb-8-4-61-multiplas-falhas-sqli-manipulacao-de-privilegios-uploads-sem-restricoes-exposicao-de-informacao-sensivel",
"refsource": "MISC",
"url": "https://www.augustopereira.com.br/blog/seguranca-gpweb-8-4-61-multiplas-falhas-sqli-manipulacao-de-privilegios-uploads-sem-restricoes-exposicao-de-informacao-sensivel"
}
]
}
}

120
2017/9xxx/CVE-2017-9212.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-9212", "ID": "CVE-2017-9212",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the CD/Multimedia software via %x or %c format string specifiers in a device name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://twitter.com/__Obzy__/status/864704956116254720", "description_data": [
"refsource" : "MISC", {
"url" : "https://twitter.com/__Obzy__/status/864704956116254720" "lang": "eng",
} "value": "The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the CD/Multimedia software via %x or %c format string specifiers in a device name."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://twitter.com/__Obzy__/status/864704956116254720",
"refsource": "MISC",
"url": "https://twitter.com/__Obzy__/status/864704956116254720"
}
]
}
}

130
2017/9xxx/CVE-2017-9440.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-9440", "ID": "CVE-2017-9440",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/ImageMagick/ImageMagick/issues/462", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/ImageMagick/ImageMagick/issues/462" "lang": "eng",
}, "value": "In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file."
{ }
"name" : "98908", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98908" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98908",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98908"
},
{
"name": "https://github.com/ImageMagick/ImageMagick/issues/462",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/issues/462"
}
]
}
}

140
2017/9xxx/CVE-2017-9653.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2017-9653", "ID": "CVE-2017-9653",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker is able to gain privileged access to the system while unauthorized."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-220-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-220-01" "lang": "eng",
}, "value": "An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker is able to gain privileged access to the system while unauthorized."
{ }
"name" : "https://techsupport.osisoft.com/Troubleshooting/Alerts/AL00324", ]
"refsource" : "CONFIRM", },
"url" : "https://techsupport.osisoft.com/Troubleshooting/Alerts/AL00324" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "100212", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/100212" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://techsupport.osisoft.com/Troubleshooting/Alerts/AL00324",
"refsource": "CONFIRM",
"url": "https://techsupport.osisoft.com/Troubleshooting/Alerts/AL00324"
},
{
"name": "100212",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100212"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-220-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-220-01"
}
]
}
}

34
2017/9xxx/CVE-2017-9866.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-9866", "ID": "CVE-2017-9866",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2018/0xxx/CVE-2018-0118.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2018-0118", "ID": "CVE-2018-0118",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco Unified Communications Manager", "product_name": "Cisco Unified Communications Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco Unified Communications Manager" "version_value": "Cisco Unified Communications Manager"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a link that is designed to submit malicious input to the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information on the targeted device. Cisco Bug IDs: CSCvg51264."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-79"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180110-ucm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180110-ucm" "lang": "eng",
}, "value": "A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a link that is designed to submit malicious input to the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information on the targeted device. Cisco Bug IDs: CSCvg51264."
{ }
"name" : "102478", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/102478" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040193", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040193" "lang": "eng",
} "value": "CWE-79"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180110-ucm",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180110-ucm"
},
{
"name": "102478",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102478"
},
{
"name": "1040193",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040193"
}
]
}
}

140
2018/0xxx/CVE-2018-0422.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2018-0422", "ID": "CVE-2018-0422",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the folder permissions of Cisco Webex Meetings client for Windows could allow an authenticated, local attacker to modify locally stored files and execute code on a targeted device with the privilege level of the user. The vulnerability is due to folder permissions that grant a user the permission to read, write, and execute files in the Webex folders. An attacker could exploit this vulnerability to write malicious files to the Webex client directory, affecting all other users of the targeted device. A successful exploit could allow a user to execute commands with elevated privileges. Attacks on single-user systems are less likely to occur, as the attack must be carried out by the user on the user's own system. Multiuser systems have a higher risk of exploitation because folder permissions have an impact on all users of the device. For an attacker to exploit this vulnerability successfully, a second user must execute the locally installed malicious file to allow remote code execution to occur."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20180905 Cisco Webex Meetings Client for Windows Privilege Escalation Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-webex-pe" "lang": "eng",
}, "value": "A vulnerability in the folder permissions of Cisco Webex Meetings client for Windows could allow an authenticated, local attacker to modify locally stored files and execute code on a targeted device with the privilege level of the user. The vulnerability is due to folder permissions that grant a user the permission to read, write, and execute files in the Webex folders. An attacker could exploit this vulnerability to write malicious files to the Webex client directory, affecting all other users of the targeted device. A successful exploit could allow a user to execute commands with elevated privileges. Attacks on single-user systems are less likely to occur, as the attack must be carried out by the user on the user's own system. Multiuser systems have a higher risk of exploitation because folder permissions have an impact on all users of the device. For an attacker to exploit this vulnerability successfully, a second user must execute the locally installed malicious file to allow remote code execution to occur."
{ }
"name" : "105281", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/105281" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1041681", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041681" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "105281",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105281"
},
{
"name": "1041681",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041681"
},
{
"name": "20180905 Cisco Webex Meetings Client for Windows Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-webex-pe"
}
]
}
}

34
2018/0xxx/CVE-2018-0928.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-0928", "ID": "CVE-2018-0928",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

136
2018/1000xxx/CVE-2018-1000830.json
View File

@ -1,70 +1,70 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-11-27T13:54:33.466201", "DATE_ASSIGNED": "2018-11-27T13:54:33.466201",
"DATE_REQUESTED" : "2018-10-28T04:05:27", "DATE_REQUESTED": "2018-10-28T04:05:27",
"ID" : "CVE-2018-1000830", "ID": "CVE-2018-1000830",
"REQUESTER" : "sajeeb@0dd.zone", "REQUESTER": "sajeeb@0dd.zone",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "XR3Player", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "<= V3.124" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "XR3Player" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "XR3Player version <= V3.124 contains a XML External Entity (XXE) vulnerability in Playlist parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XML External Entity (XXE)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://0dd.zone/2018/10/28/xr3player-XXE/", "description_data": [
"refsource" : "MISC", {
"url" : "https://0dd.zone/2018/10/28/xr3player-XXE/" "lang": "eng",
}, "value": "XR3Player version <= V3.124 contains a XML External Entity (XXE) vulnerability in Playlist parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning."
{ }
"name" : "https://github.com/goxr3plus/XR3Player/issues/9", ]
"refsource" : "MISC", },
"url" : "https://github.com/goxr3plus/XR3Player/issues/9" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/goxr3plus/XR3Player/issues/9",
"refsource": "MISC",
"url": "https://github.com/goxr3plus/XR3Player/issues/9"
},
{
"name": "https://0dd.zone/2018/10/28/xr3player-XXE/",
"refsource": "MISC",
"url": "https://0dd.zone/2018/10/28/xr3player-XXE/"
}
]
}
}

130
2018/12xxx/CVE-2018-12019.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12019", "ID": "CVE-2018-12019",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://openwall.com/lists/oss-security/2018/06/13/10", "description_data": [
"refsource" : "MISC", {
"url" : "http://openwall.com/lists/oss-security/2018/06/13/10" "lang": "eng",
}, "value": "The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids."
{ }
"name" : "https://www.enigmail.net/index.php/en/download/changelog", ]
"refsource" : "MISC", },
"url" : "https://www.enigmail.net/index.php/en/download/changelog" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://openwall.com/lists/oss-security/2018/06/13/10",
"refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2018/06/13/10"
},
{
"name": "https://www.enigmail.net/index.php/en/download/changelog",
"refsource": "MISC",
"url": "https://www.enigmail.net/index.php/en/download/changelog"
}
]
}
}

140
2018/16xxx/CVE-2018-16134.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16134", "ID": "CVE-2018-16134",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cybrotech CyBroHttpServer 1.0.3 allows XSS via a URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "45309", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/45309/" "lang": "eng",
}, "value": "Cybrotech CyBroHttpServer 1.0.3 allows XSS via a URI."
{ }
"name" : "https://emreovunc.com/blog/en/CyBroHttpServer-v1.0.3-XSS.png", ]
"refsource" : "MISC", },
"url" : "https://emreovunc.com/blog/en/CyBroHttpServer-v1.0.3-XSS.png" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/EmreOvunc/CyBroHttpServer-v1.0.3-Reflected-XSS", "description": [
"refsource" : "MISC", {
"url" : "https://github.com/EmreOvunc/CyBroHttpServer-v1.0.3-Reflected-XSS" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "45309",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45309/"
},
{
"name": "https://github.com/EmreOvunc/CyBroHttpServer-v1.0.3-Reflected-XSS",
"refsource": "MISC",
"url": "https://github.com/EmreOvunc/CyBroHttpServer-v1.0.3-Reflected-XSS"
},
{
"name": "https://emreovunc.com/blog/en/CyBroHttpServer-v1.0.3-XSS.png",
"refsource": "MISC",
"url": "https://emreovunc.com/blog/en/CyBroHttpServer-v1.0.3-XSS.png"
}
]
}
}

34
2018/16xxx/CVE-2018-16404.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16404", "ID": "CVE-2018-16404",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/16xxx/CVE-2018-16815.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16815", "ID": "CVE-2018-16815",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2018/19xxx/CVE-2018-19607.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-19607", "ID": "CVE-2018-19607",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/Exiv2/exiv2/issues/561", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/Exiv2/exiv2/issues/561" "lang": "eng",
} "value": "Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Exiv2/exiv2/issues/561",
"refsource": "MISC",
"url": "https://github.com/Exiv2/exiv2/issues/561"
}
]
}
}

34
2018/4xxx/CVE-2018-4432.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4432", "ID": "CVE-2018-4432",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/4xxx/CVE-2018-4461.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4461", "ID": "CVE-2018-4461",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/4xxx/CVE-2018-4526.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4526", "ID": "CVE-2018-4526",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/4xxx/CVE-2018-4527.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4527", "ID": "CVE-2018-4527",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/4xxx/CVE-2018-4572.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4572", "ID": "CVE-2018-4572",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/4xxx/CVE-2018-4870.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4870", "ID": "CVE-2018-4870",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }