admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 05:43:27 +00:00
parent 0da95b1766
commit fe9fa1c3f6
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
62 changed files with 4322 additions and 4322 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
2002/0xxx/CVE-2002-0006.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0006", "ID": "CVE-2002-0006",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set." "value": "XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020109 xchat IRC session hijacking vulnerability (versions 1.4.1, 1.4.2)", "name": "xchat-ctcp-ping-command(7856)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://marc.info/?l=bugtraq&m=101060676210255&w=2" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7856"
}, },
{ {
"name" : "DSA-099", "name": "CLA-2002:453",
"refsource" : "DEBIAN", "refsource": "CONECTIVA",
"url" : "http://www.debian.org/security/2002/dsa-099" "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000453"
}, },
{ {
"name" : "RHSA-2002:005", "name": "RHSA-2002:005",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2002-005.html" "url": "http://rhn.redhat.com/errata/RHSA-2002-005.html"
}, },
{ {
"name" : "HPSBTL0201-016", "name": "HPSBTL0201-016",
"refsource" : "HP", "refsource": "HP",
"url" : "http://online.securityfocus.com/advisories/3806" "url": "http://online.securityfocus.com/advisories/3806"
}, },
{ {
"name" : "CLA-2002:453", "name": "3830",
"refsource" : "CONECTIVA", "refsource": "BID",
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000453" "url": "http://www.securityfocus.com/bid/3830"
}, },
{ {
"name" : "xchat-ctcp-ping-command(7856)", "name": "20020109 xchat IRC session hijacking vulnerability (versions 1.4.1, 1.4.2)",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7856" "url": "http://marc.info/?l=bugtraq&m=101060676210255&w=2"
}, },
{ {
"name" : "3830", "name": "DSA-099",
"refsource" : "BID", "refsource": "DEBIAN",
"url" : "http://www.securityfocus.com/bid/3830" "url": "http://www.debian.org/security/2002/dsa-099"
} }
] ]
} }

80
2002/0xxx/CVE-2002-0091.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0091", "ID": "CVE-2002-0091",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allows remote attackers to execute arbitrary commands via certain form fields." "value": "Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allows remote attackers to execute arbitrary commands via certain form fields."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020429 eSecurityOnline Security Advisory 2408 - CIDER SHADOW CGI", "name": "http://www.esecurityonline.com/advisories/eSO2408.asp",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-04/0400.html" "url": "http://www.esecurityonline.com/advisories/eSO2408.asp"
}, },
{ {
"name" : "http://www.esecurityonline.com/advisories/eSO2408.asp", "name": "shadow-cgi-execute-commands(8953)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.esecurityonline.com/advisories/eSO2408.asp" "url": "http://www.iss.net/security_center/static/8953.php"
}, },
{ {
"name" : "4625", "name": "4625",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/4625" "url": "http://www.securityfocus.com/bid/4625"
}, },
{ {
"name" : "shadow-cgi-execute-commands(8953)", "name": "20020429 eSecurityOnline Security Advisory 2408 - CIDER SHADOW CGI",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "http://www.iss.net/security_center/static/8953.php" "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0400.html"
} }
] ]
} }

68
2002/0xxx/CVE-2002-0611.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0611", "ID": "CVE-2002-0611",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in FileSeek.cgi allows remote attackers to read arbitrary files via a ....// (modified dot dot) in the (1) head or (2) foot parameters, which are not properly filtered." "value": "Directory traversal vulnerability in FileSeek.cgi allows remote attackers to read arbitrary files via a ....// (modified dot dot) in the (1) head or (2) foot parameters, which are not properly filtered."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020416 FileSeek cgi script advisory", "name": "fileseek-cgi-directory-traversal(8858)",
"refsource" : "VULN-DEV", "refsource": "XF",
"url" : "http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0132.html" "url": "http://www.iss.net/security_center/static/8858.php"
}, },
{ {
"name" : "fileseek-cgi-directory-traversal(8858)", "name": "20020416 FileSeek cgi script advisory",
"refsource" : "XF", "refsource": "VULN-DEV",
"url" : "http://www.iss.net/security_center/static/8858.php" "url": "http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0132.html"
} }
] ]
} }

80
2002/0xxx/CVE-2002-0956.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0956", "ID": "CVE-2002-0956",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "BlackICE Agent 3.1.eal does not always reactivate after a system standby, which could allow remote attackers and local users to bypass intended firewall restrictions." "value": "BlackICE Agent 3.1.eal does not always reactivate after a system standby, which could allow remote attackers and local users to bypass intended firewall restrictions."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020606 [VulnWatch] KPMG-2002019: BlackICE Agent not Firewalling After Standby", "name": "20020606 KPMG-2002019: BlackICE Agent not Firewalling After Standby",
"refsource" : "VULNWATCH", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0090.html" "url": "http://online.securityfocus.com/archive/1/275710"
}, },
{ {
"name" : "20020606 KPMG-2002019: BlackICE Agent not Firewalling After Standby", "name": "20020606 [VulnWatch] KPMG-2002019: BlackICE Agent not Firewalling After Standby",
"refsource" : "BUGTRAQ", "refsource": "VULNWATCH",
"url" : "http://online.securityfocus.com/archive/1/275710" "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0090.html"
}, },
{ {
"name" : "4950", "name": "4950",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/4950" "url": "http://www.securityfocus.com/bid/4950"
}, },
{ {
"name" : "blackice-standby-inactivate(9275)", "name": "blackice-standby-inactivate(9275)",
"refsource" : "XF", "refsource": "XF",
"url" : "http://www.iss.net/security_center/static/9275.php" "url": "http://www.iss.net/security_center/static/9275.php"
} }
] ]
} }

74
2002/2xxx/CVE-2002-2011.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2011", "ID": "CVE-2002-2011",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the fom CGI program (fom.cgi) in Faq-O-Matic 2.711 and 2.712 allows remote attackers to inject arbitrary web script or HTML via the file parameter." "value": "Cross-site scripting (XSS) vulnerability in the fom CGI program (fom.cgi) in Faq-O-Matic 2.711 and 2.712 allows remote attackers to inject arbitrary web script or HTML via the file parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020419 Another Faq-O-Matic XSS Vuln?", "name": "faqomatic-cgi-file-css(8906)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-04/0287.html" "url": "http://www.iss.net/security_center/static/8906.php"
}, },
{ {
"name" : "4565", "name": "4565",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/4565" "url": "http://www.securityfocus.com/bid/4565"
}, },
{ {
"name" : "faqomatic-cgi-file-css(8906)", "name": "20020419 Another Faq-O-Matic XSS Vuln?",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "http://www.iss.net/security_center/static/8906.php" "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0287.html"
} }
] ]
} }

74
2002/2xxx/CVE-2002-2036.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2036", "ID": "CVE-2002-2036",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) is enabled, allows remote attackers to login as another user by running dtlogin from a system that supports the XDMCP client." "value": "Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) is enabled, allows remote attackers to login as another user by running dtlogin from a system that supports the XDMCP client."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "44069", "name": "44069",
"refsource" : "SUNALERT", "refsource": "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-44069-1" "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-44069-1"
}, },
{ {
"name" : "4911", "name": "4911",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/4911" "url": "http://www.securityfocus.com/bid/4911"
}, },
{ {
"name" : "srss-nscm-unauthorized-access(9252)", "name": "srss-nscm-unauthorized-access(9252)",
"refsource" : "XF", "refsource": "XF",
"url" : "http://www.iss.net/security_center/static/9252.php" "url": "http://www.iss.net/security_center/static/9252.php"
} }
] ]
} }

68
2002/2xxx/CVE-2002-2117.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2117", "ID": "CVE-2002-2117",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Windows XP allows remote attackers to cause a denial of service (CPU consumption) by flooding UDP port 500 (ISAKMP)." "value": "Microsoft Windows XP allows remote attackers to cause a denial of service (CPU consumption) by flooding UDP port 500 (ISAKMP)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.safehack.com/Advisory/sh_XPDOS500.txt", "name": "winxp-udp-dos(8207)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.safehack.com/Advisory/sh_XPDOS500.txt" "url": "http://www.iss.net/security_center/static/8207.php"
}, },
{ {
"name" : "winxp-udp-dos(8207)", "name": "http://www.safehack.com/Advisory/sh_XPDOS500.txt",
"refsource" : "XF", "refsource": "MISC",
"url" : "http://www.iss.net/security_center/static/8207.php" "url": "http://www.safehack.com/Advisory/sh_XPDOS500.txt"
} }
] ]
} }

74
2002/2xxx/CVE-2002-2351.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2351", "ID": "CVE-2002-2351",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing \".\" (dot)." "value": "Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing \".\" (dot)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020807 Eudora attachment spoof", "name": "5432",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00142.html" "url": "http://www.securityfocus.com/bid/5432"
}, },
{ {
"name" : "http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt", "name": "20020807 Eudora attachment spoof",
"refsource" : "CONFIRM", "refsource": "BUGTRAQ",
"url" : "http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt" "url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00142.html"
}, },
{ {
"name" : "5432", "name": "http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/5432" "url": "http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt"
} }
] ]
} }

22
2005/0xxx/CVE-2005-0169.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2005-0169", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2005-0169",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none."
} }
] ]
} }

62
2005/0xxx/CVE-2005-0996.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0996", "ID": "CVE-2005-0996",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the email or url parameters in the Add function, (2) the min parameter in the viewsdownload function, or (3) the min parameter in the search function." "value": "Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the email or url parameters in the Add function, (2) the min parameter in the viewsdownload function, or (3) the min parameter in the search function."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050403 [SECURITYREASON.COM] phpnuke 7.6 Multiple vulnerabilities in Downloads Module cXIb8O3.13", "name": "20050403 [SECURITYREASON.COM] phpnuke 7.6 Multiple vulnerabilities in Downloads Module cXIb8O3.13",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111289685724764&w=2" "url": "http://marc.info/?l=bugtraq&m=111289685724764&w=2"
} }
] ]
} }

80
2005/1xxx/CVE-2005-1602.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1602", "ID": "CVE-2005-1602",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in login.asp for Net56 Browser Based File Manager 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the password field." "value": "SQL injection vulnerability in login.asp for Net56 Browser Based File Manager 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the password field."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050508 Browser Based File Manager Administration Vulnerability", "name": "13547",
"refsource" : "FULLDISC", "refsource": "BID",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2005-05/0134.html" "url": "http://www.securityfocus.com/bid/13547"
}, },
{ {
"name" : "13547", "name": "browser-based-file-mgr-sql-injection(20504)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/13547" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20504"
}, },
{ {
"name" : "16544", "name": "20050508 Browser Based File Manager Administration Vulnerability",
"refsource" : "OSVDB", "refsource": "FULLDISC",
"url" : "http://www.osvdb.org/16544" "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-05/0134.html"
}, },
{ {
"name" : "browser-based-file-mgr-sql-injection(20504)", "name": "16544",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20504" "url": "http://www.osvdb.org/16544"
} }
] ]
} }

62
2005/1xxx/CVE-2005-1691.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1691", "ID": "CVE-2005-1691",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows remote attackers to read arbitrary files via \"..\" sequences in an HTTP GET request." "value": "Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows remote attackers to read arbitrary files via \"..\" sequences in an HTTP GET request."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.corsaire.com/advisories/c050503-001.txt", "name": "http://www.corsaire.com/advisories/c050503-001.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.corsaire.com/advisories/c050503-001.txt" "url": "http://www.corsaire.com/advisories/c050503-001.txt"
} }
] ]
} }

98
2005/1xxx/CVE-2005-1825.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1825", "ID": "CVE-2005-1825",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a command with crafted parameters to a RADEXECD process." "value": "Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a command with crafted parameters to a RADEXECD process."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050601 HP Radia Notify Daemon: Multiple Buffer Overflow Vulnerabilities", "name": "1014089",
"refsource" : "FULLDISC", "refsource": "SECTRACK",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034387.html" "url": "http://securitytracker.com/id?1014089"
}, },
{ {
"name" : "http://www.grok.org.uk/advisories/radexecd.html", "name": "ADV-2005-0681",
"refsource" : "MISC", "refsource": "VUPEN",
"url" : "http://www.grok.org.uk/advisories/radexecd.html" "url": "http://www.vupen.com/english/advisories/2005/0681"
}, },
{ {
"name" : "HPSBMA01143", "name": "HPSBMA01143",
"refsource" : "HP", "refsource": "HP",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034394.html" "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034394.html"
}, },
{ {
"name" : "SSRT5962", "name": "20050601 HP Radia Notify Daemon: Multiple Buffer Overflow Vulnerabilities",
"refsource" : "HP", "refsource": "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034394.html" "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034387.html"
}, },
{ {
"name" : "ADV-2005-0681", "name": "15567",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2005/0681" "url": "http://secunia.com/advisories/15567"
}, },
{ {
"name" : "1014089", "name": "http://www.grok.org.uk/advisories/radexecd.html",
"refsource" : "SECTRACK", "refsource": "MISC",
"url" : "http://securitytracker.com/id?1014089" "url": "http://www.grok.org.uk/advisories/radexecd.html"
}, },
{ {
"name" : "15567", "name": "SSRT5962",
"refsource" : "SECUNIA", "refsource": "HP",
"url" : "http://secunia.com/advisories/15567" "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034394.html"
} }
] ]
} }

68
2005/1xxx/CVE-2005-1836.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1836", "ID": "CVE-2005-1836",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "NEXTWEB (i)Site allows remote attackers to cause a denial of service (error 500) via a crafted HTTP request, possibly involving wildcard requests for .jsp files." "value": "NEXTWEB (i)Site allows remote attackers to cause a denial of service (error 500) via a crafted HTTP request, possibly involving wildcard requests for .jsp files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050601 [ZH2005-13SA] NEXTWEB (i)Site website management multiple", "name": "20050601 [ZH2005-13SA] NEXTWEB (i)Site website management multiple",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111764682925083&w=2" "url": "http://marc.info/?l=bugtraq&m=111764682925083&w=2"
}, },
{ {
"name" : "15560", "name": "15560",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/15560" "url": "http://secunia.com/advisories/15560"
} }
] ]
} }

68
2009/0xxx/CVE-2009-0446.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0446", "ID": "CVE-2009-0446",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in photo.php in WEBalbum 2.4b allows remote attackers to execute arbitrary SQL commands via the id parameter." "value": "SQL injection vulnerability in photo.php in WEBalbum 2.4b allows remote attackers to execute arbitrary SQL commands via the id parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "7961", "name": "33590",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/7961" "url": "http://www.securityfocus.com/bid/33590"
}, },
{ {
"name" : "33590", "name": "7961",
"refsource" : "BID", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/bid/33590" "url": "https://www.exploit-db.com/exploits/7961"
} }
] ]
} }

266
2009/0xxx/CVE-2009-0781.json
View File

@ -1,231 +1,231 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-0781", "ID": "CVE-2009-0781",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to \"invalid HTML.\"" "value": "Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to \"invalid HTML.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090306 [SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application", "name": "http://tomcat.apache.org/security-4.html",
"refsource" : "BUGTRAQ", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/archive/1/501538/100/0/threaded" "url": "http://tomcat.apache.org/security-4.html"
}, },
{ {
"name" : "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", "name": "HPSBMA02535",
"refsource" : "BUGTRAQ", "refsource": "HP",
"url" : "http://www.securityfocus.com/archive/1/507985/100/0/threaded" "url": "http://marc.info/?l=bugtraq&m=127420533226623&w=2"
}, },
{ {
"name" : "http://tomcat.apache.org/security-4.html", "name": "MDVSA-2009:138",
"refsource" : "CONFIRM", "refsource": "MANDRIVA",
"url" : "http://tomcat.apache.org/security-4.html" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:138"
}, },
{ {
"name" : "http://tomcat.apache.org/security-5.html", "name": "oval:org.mitre.oval:def:6564",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "http://tomcat.apache.org/security-5.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6564"
}, },
{ {
"name" : "http://tomcat.apache.org/security-6.html", "name": "FEDORA-2009-11356",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "http://tomcat.apache.org/security-6.html" "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html"
}, },
{ {
"name" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", "name": "DSA-2207",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" "url": "http://www.debian.org/security/2011/dsa-2207"
}, },
{ {
"name" : "http://support.apple.com/kb/HT4077", "name": "HPSBUX02860",
"refsource" : "CONFIRM", "refsource": "HP",
"url" : "http://support.apple.com/kb/HT4077" "url": "http://marc.info/?l=bugtraq&m=136485229118404&w=2"
}, },
{ {
"name" : "APPLE-SA-2010-03-29-1", "name": "tomcat-cal2-xss(49213)",
"refsource" : "APPLE", "refsource": "XF",
"url" : "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49213"
}, },
{ {
"name" : "DSA-2207", "name": "37460",
"refsource" : "DEBIAN", "refsource": "SECUNIA",
"url" : "http://www.debian.org/security/2011/dsa-2207" "url": "http://secunia.com/advisories/37460"
}, },
{ {
"name" : "FEDORA-2009-11352", "name": "ADV-2010-3056",
"refsource" : "FEDORA", "refsource": "VUPEN",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html" "url": "http://www.vupen.com/english/advisories/2010/3056"
}, },
{ {
"name" : "FEDORA-2009-11356", "name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource" : "FEDORA", "refsource": "CONFIRM",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html" "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
}, },
{ {
"name" : "FEDORA-2009-11374", "name": "35788",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html" "url": "http://secunia.com/advisories/35788"
}, },
{ {
"name" : "HPSBUX02579", "name": "SSRT100029",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=129070310906557&w=2" "url": "http://marc.info/?l=bugtraq&m=127420533226623&w=2"
}, },
{ {
"name" : "SSRT100203", "name": "APPLE-SA-2010-03-29-1",
"refsource" : "HP", "refsource": "APPLE",
"url" : "http://marc.info/?l=bugtraq&m=129070310906557&w=2" "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
}, },
{ {
"name" : "HPSBUX02860", "name": "HPSBOV02762",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=136485229118404&w=2" "url": "http://marc.info/?l=bugtraq&m=133469267822771&w=2"
}, },
{ {
"name" : "SSRT101146", "name": "ADV-2009-1856",
"refsource" : "HP", "refsource": "VUPEN",
"url" : "http://marc.info/?l=bugtraq&m=136485229118404&w=2" "url": "http://www.vupen.com/english/advisories/2009/1856"
}, },
{ {
"name" : "HPSBMA02535", "name": "oval:org.mitre.oval:def:11041",
"refsource" : "HP", "refsource": "OVAL",
"url" : "http://marc.info/?l=bugtraq&m=127420533226623&w=2" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11041"
}, },
{ {
"name" : "HPSBOV02762", "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"refsource" : "HP", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=133469267822771&w=2" "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
}, },
{ {
"name" : "SSRT100029", "name": "42368",
"refsource" : "HP", "refsource": "SECUNIA",
"url" : "http://marc.info/?l=bugtraq&m=127420533226623&w=2" "url": "http://secunia.com/advisories/42368"
}, },
{ {
"name" : "SSRT100825", "name": "http://tomcat.apache.org/security-6.html",
"refsource" : "HP", "refsource": "CONFIRM",
"url" : "http://marc.info/?l=bugtraq&m=133469267822771&w=2" "url": "http://tomcat.apache.org/security-6.html"
}, },
{ {
"name" : "MDVSA-2009:136", "name": "http://support.apple.com/kb/HT4077",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:136" "url": "http://support.apple.com/kb/HT4077"
}, },
{ {
"name" : "MDVSA-2009:138", "name": "FEDORA-2009-11374",
"refsource" : "MANDRIVA", "refsource": "FEDORA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:138" "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html"
}, },
{ {
"name" : "263529", "name": "35685",
"refsource" : "SUNALERT", "refsource": "SECUNIA",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1" "url": "http://secunia.com/advisories/35685"
}, },
{ {
"name" : "SUSE-SR:2009:012", "name": "oval:org.mitre.oval:def:19345",
"refsource" : "SUSE", "refsource": "OVAL",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19345"
}, },
{ {
"name" : "oval:org.mitre.oval:def:11041", "name": "SSRT100825",
"refsource" : "OVAL", "refsource": "HP",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11041" "url": "http://marc.info/?l=bugtraq&m=133469267822771&w=2"
}, },
{ {
"name" : "oval:org.mitre.oval:def:6564", "name": "FEDORA-2009-11352",
"refsource" : "OVAL", "refsource": "FEDORA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6564" "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:19345", "name": "http://tomcat.apache.org/security-5.html",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19345" "url": "http://tomcat.apache.org/security-5.html"
}, },
{ {
"name" : "35685", "name": "SUSE-SR:2009:012",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/35685" "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
}, },
{ {
"name" : "35788", "name": "HPSBUX02579",
"refsource" : "SECUNIA", "refsource": "HP",
"url" : "http://secunia.com/advisories/35788" "url": "http://marc.info/?l=bugtraq&m=129070310906557&w=2"
}, },
{ {
"name" : "37460", "name": "SSRT101146",
"refsource" : "SECUNIA", "refsource": "HP",
"url" : "http://secunia.com/advisories/37460" "url": "http://marc.info/?l=bugtraq&m=136485229118404&w=2"
}, },
{ {
"name" : "42368", "name": "MDVSA-2009:136",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/42368" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:136"
}, },
{ {
"name" : "ADV-2009-1856", "name": "263529",
"refsource" : "VUPEN", "refsource": "SUNALERT",
"url" : "http://www.vupen.com/english/advisories/2009/1856" "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1"
}, },
{ {
"name" : "ADV-2009-3316", "name": "SSRT100203",
"refsource" : "VUPEN", "refsource": "HP",
"url" : "http://www.vupen.com/english/advisories/2009/3316" "url": "http://marc.info/?l=bugtraq&m=129070310906557&w=2"
}, },
{ {
"name" : "ADV-2010-3056", "name": "ADV-2009-3316",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3056" "url": "http://www.vupen.com/english/advisories/2009/3316"
}, },
{ {
"name" : "tomcat-cal2-xss(49213)", "name": "20090306 [SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49213" "url": "http://www.securityfocus.com/archive/1/501538/100/0/threaded"
} }
] ]
} }

122
2009/0xxx/CVE-2009-0838.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0838", "ID": "CVE-2009-0838",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function." "value": "The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-139498-04-1", "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-139498-04-1",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-139498-04-1" "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-139498-04-1"
}, },
{ {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2009-097.htm", "name": "1021810",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2009-097.htm" "url": "http://securitytracker.com/id?1021810"
}, },
{ {
"name" : "254088", "name": "34000",
"refsource" : "SUNALERT", "refsource": "BID",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-254088-1" "url": "http://www.securityfocus.com/bid/34000"
}, },
{ {
"name" : "34000", "name": "ADV-2009-0606",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/34000" "url": "http://www.vupen.com/english/advisories/2009/0606"
}, },
{ {
"name" : "oval:org.mitre.oval:def:5641", "name": "sun-solaris-cryptodriver-dos(49105)",
"refsource" : "OVAL", "refsource": "XF",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5641" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49105"
}, },
{ {
"name" : "1021810", "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-097.htm",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://securitytracker.com/id?1021810" "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-097.htm"
}, },
{ {
"name" : "34149", "name": "ADV-2009-0815",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/34149" "url": "http://www.vupen.com/english/advisories/2009/0815"
}, },
{ {
"name" : "34455", "name": "254088",
"refsource" : "SECUNIA", "refsource": "SUNALERT",
"url" : "http://secunia.com/advisories/34455" "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-254088-1"
}, },
{ {
"name" : "ADV-2009-0606", "name": "oval:org.mitre.oval:def:5641",
"refsource" : "VUPEN", "refsource": "OVAL",
"url" : "http://www.vupen.com/english/advisories/2009/0606" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5641"
}, },
{ {
"name" : "ADV-2009-0815", "name": "34149",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2009/0815" "url": "http://secunia.com/advisories/34149"
}, },
{ {
"name" : "sun-solaris-cryptodriver-dos(49105)", "name": "34455",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49105" "url": "http://secunia.com/advisories/34455"
} }
] ]
} }

80
2009/0xxx/CVE-2009-0862.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0862", "ID": "CVE-2009-0862",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the hook_cntrlr_error_output function in modules/page/hooks/listeners.php in the admincp component in TangoCMS 2.2.x (aka Eagle) before 2.2.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information." "value": "Cross-site scripting (XSS) vulnerability in the hook_cntrlr_error_output function in modules/page/hooks/listeners.php in the admincp component in TangoCMS 2.2.x (aka Eagle) before 2.2.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://tangocms.org/article/view/2.2.4-released", "name": "http://tangocms.org/article/view/2.2.4-released",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://tangocms.org/article/view/2.2.4-released" "url": "http://tangocms.org/article/view/2.2.4-released"
}, },
{ {
"name" : "http://tangocms.org/changelog", "name": "http://tangocms.org/changelog",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://tangocms.org/changelog" "url": "http://tangocms.org/changelog"
}, },
{ {
"name" : "33833", "name": "33833",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/33833" "url": "http://www.securityfocus.com/bid/33833"
}, },
{ {
"name" : "33967", "name": "33967",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/33967" "url": "http://secunia.com/advisories/33967"
} }
] ]
} }

98
2009/1xxx/CVE-2009-1173.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1173", "ID": "CVE-2009-1173",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified \"interim fixes,\" which allows attackers to modify files that would not have been accessible if the intended 755 permissions were used." "value": "IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified \"interim fixes,\" which allows attackers to modify files that would not have been accessible if the intended 755 permissions were used."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg27014463", "name": "ADV-2009-0854",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg27014463" "url": "http://www.vupen.com/english/advisories/2009/0854"
}, },
{ {
"name" : "PK77590", "name": "34259",
"refsource" : "AIXAPAR", "refsource": "BID",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PK77590" "url": "http://www.securityfocus.com/bid/34259"
}, },
{ {
"name" : "PK82988", "name": "34131",
"refsource" : "AIXAPAR", "refsource": "SECUNIA",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PK82988" "url": "http://secunia.com/advisories/34131"
}, },
{ {
"name" : "34259", "name": "34461",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/34259" "url": "http://secunia.com/advisories/34461"
}, },
{ {
"name" : "34461", "name": "PK77590",
"refsource" : "SECUNIA", "refsource": "AIXAPAR",
"url" : "http://secunia.com/advisories/34461" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK77590"
}, },
{ {
"name" : "34131", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27014463",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/34131" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014463"
}, },
{ {
"name" : "ADV-2009-0854", "name": "PK82988",
"refsource" : "VUPEN", "refsource": "AIXAPAR",
"url" : "http://www.vupen.com/english/advisories/2009/0854" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK82988"
} }
] ]
} }

242
2009/1xxx/CVE-2009-1192.json
View File

@ -1,211 +1,211 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-1192", "ID": "CVE-2009-1192",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages." "value": "The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090516 rPSA-2009-0084-1 kernel", "name": "MDVSA-2009:135",
"refsource" : "BUGTRAQ", "refsource": "MANDRIVA",
"url" : "http://www.securityfocus.com/archive/1/503610/100/0/threaded" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"
}, },
{ {
"name" : "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", "name": "oval:org.mitre.oval:def:10567",
"refsource" : "BUGTRAQ", "refsource": "OVAL",
"url" : "http://www.securityfocus.com/archive/1/507985/100/0/threaded" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10567"
}, },
{ {
"name" : "[oss-security] 20090422 CVE-2009-1192 kernel: agp: zero pages before sending to userspace", "name": "37471",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "http://openwall.com/lists/oss-security/2009/04/22/2" "url": "http://secunia.com/advisories/37471"
}, },
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=59de2bebabc5027f93df999d59cc65df591c3e6e", "name": "SUSE-SA:2009:032",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=59de2bebabc5027f93df999d59cc65df591c3e6e" "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html"
}, },
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc3", "name": "35656",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc3" "url": "http://secunia.com/advisories/35656"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=497020", "name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=497020" "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
}, },
{ {
"name" : "http://wiki.rpath.com/Advisories:rPSA-2009-0084", "name": "DSA-1794",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "http://wiki.rpath.com/Advisories:rPSA-2009-0084" "url": "http://www.debian.org/security/2009/dsa-1794"
}, },
{ {
"name" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", "name": "37351",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" "url": "http://secunia.com/advisories/37351"
}, },
{ {
"name" : "DSA-1787", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=497020",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2009/dsa-1787" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=497020"
}, },
{ {
"name" : "DSA-1794", "name": "20090516 rPSA-2009-0084-1 kernel",
"refsource" : "DEBIAN", "refsource": "BUGTRAQ",
"url" : "http://www.debian.org/security/2009/dsa-1794" "url": "http://www.securityfocus.com/archive/1/503610/100/0/threaded"
}, },
{ {
"name" : "DSA-1800", "name": "SUSE-SA:2009:056",
"refsource" : "DEBIAN", "refsource": "SUSE",
"url" : "http://www.debian.org/security/2009/dsa-1800" "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html"
}, },
{ {
"name" : "MDVSA-2009:119", "name": "[oss-security] 20090422 CVE-2009-1192 kernel: agp: zero pages before sending to userspace",
"refsource" : "MANDRIVA", "refsource": "MLIST",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:119" "url": "http://openwall.com/lists/oss-security/2009/04/22/2"
}, },
{ {
"name" : "MDVSA-2009:135", "name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc3",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135" "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc3"
}, },
{ {
"name" : "RHSA-2009:1081", "name": "35011",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1081.html" "url": "http://secunia.com/advisories/35011"
}, },
{ {
"name" : "SUSE-SA:2009:032", "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"refsource" : "SUSE", "refsource": "BUGTRAQ",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html" "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
}, },
{ {
"name" : "SUSE-SA:2009:054", "name": "34673",
"refsource" : "SUSE", "refsource": "BID",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html" "url": "http://www.securityfocus.com/bid/34673"
}, },
{ {
"name" : "SUSE-SA:2009:056", "name": "35120",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html" "url": "http://secunia.com/advisories/35120"
}, },
{ {
"name" : "USN-793-1", "name": "USN-793-1",
"refsource" : "UBUNTU", "refsource": "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-793-1" "url": "http://www.ubuntu.com/usn/usn-793-1"
}, },
{ {
"name" : "34673", "name": "RHSA-2009:1081",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/34673" "url": "http://www.redhat.com/support/errata/RHSA-2009-1081.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:10567", "name": "34981",
"refsource" : "OVAL", "refsource": "SECUNIA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10567" "url": "http://secunia.com/advisories/34981"
}, },
{ {
"name" : "oval:org.mitre.oval:def:8003", "name": "DSA-1800",
"refsource" : "OVAL", "refsource": "DEBIAN",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8003" "url": "http://www.debian.org/security/2009/dsa-1800"
}, },
{ {
"name" : "34981", "name": "35343",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/34981" "url": "http://secunia.com/advisories/35343"
}, },
{ {
"name" : "35011", "name": "oval:org.mitre.oval:def:8003",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/35011" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8003"
}, },
{ {
"name" : "35121", "name": "35387",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/35121" "url": "http://secunia.com/advisories/35387"
}, },
{ {
"name" : "35120", "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=59de2bebabc5027f93df999d59cc65df591c3e6e",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/35120" "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=59de2bebabc5027f93df999d59cc65df591c3e6e"
}, },
{ {
"name" : "35387", "name": "DSA-1787",
"refsource" : "SECUNIA", "refsource": "DEBIAN",
"url" : "http://secunia.com/advisories/35387" "url": "http://www.debian.org/security/2009/dsa-1787"
}, },
{ {
"name" : "37351", "name": "MDVSA-2009:119",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/37351" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:119"
}, },
{ {
"name" : "37471", "name": "http://wiki.rpath.com/Advisories:rPSA-2009-0084",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/37471" "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0084"
}, },
{ {
"name" : "35656", "name": "35121",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/35656" "url": "http://secunia.com/advisories/35121"
}, },
{ {
"name" : "35343", "name": "SUSE-SA:2009:054",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/35343" "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html"
}, },
{ {
"name" : "ADV-2009-3316", "name": "ADV-2009-3316",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/3316" "url": "http://www.vupen.com/english/advisories/2009/3316"
} }
] ]
} }

86
2009/1xxx/CVE-2009-1342.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1342", "ID": "CVE-2009-1342",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the CCK comment reference module 6.x before 6.x-1.2, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via certain comment titles associated with a node edit form." "value": "Cross-site scripting (XSS) vulnerability in the CCK comment reference module 6.x before 6.x-1.2, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via certain comment titles associated with a node edit form."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://drupal.org/node/434836", "name": "53702",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://drupal.org/node/434836" "url": "http://osvdb.org/53702"
}, },
{ {
"name" : "34547", "name": "ADV-2009-1060",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/34547" "url": "http://www.vupen.com/english/advisories/2009/1060"
}, },
{ {
"name" : "53702", "name": "34547",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://osvdb.org/53702" "url": "http://www.securityfocus.com/bid/34547"
}, },
{ {
"name" : "34739", "name": "34739",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/34739" "url": "http://secunia.com/advisories/34739"
}, },
{ {
"name" : "ADV-2009-1060", "name": "http://drupal.org/node/434836",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2009/1060" "url": "http://drupal.org/node/434836"
} }
] ]
} }

92
2009/1xxx/CVE-2009-1823.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1823", "ID": "CVE-2009-1823",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.7 and 6.x before 6.x-1.7, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML by modifying a document head, before the Content-Type META element, to contain crafted UTF-8 byte sequences that are treated as UTF-7 by Internet Explorer 6 and 7, a related issue to CVE-2009-1575." "value": "Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.7 and 6.x before 6.x-1.7, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML by modifying a document head, before the Content-Type META element, to contain crafted UTF-8 byte sequences that are treated as UTF-7 by Internet Explorer 6 and 7, a related issue to CVE-2009-1575."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://drupal.org/node/461674", "name": "35040",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://drupal.org/node/461674" "url": "http://secunia.com/advisories/35040"
}, },
{ {
"name" : "34954", "name": "http://drupal.org/node/461674",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/34954" "url": "http://drupal.org/node/461674"
}, },
{ {
"name" : "54427", "name": "printeremailpdf-utf7-xss(50523)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://osvdb.org/54427" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50523"
}, },
{ {
"name" : "35040", "name": "54427",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/35040" "url": "http://osvdb.org/54427"
}, },
{ {
"name" : "ADV-2009-1320", "name": "ADV-2009-1320",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1320" "url": "http://www.vupen.com/english/advisories/2009/1320"
}, },
{ {
"name" : "printeremailpdf-utf7-xss(50523)", "name": "34954",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50523" "url": "http://www.securityfocus.com/bid/34954"
} }
] ]
} }

116
2012/2xxx/CVE-2012-2136.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2136", "ID": "CVE-2012-2136",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device." "value": "The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc", "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc" "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5"
}, },
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5", "name": "RHSA-2012:0743",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5" "url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=816289", "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=816289" "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc"
}, },
{ {
"name" : "https://github.com/torvalds/linux/commit/cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc", "name": "53721",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://github.com/torvalds/linux/commit/cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc" "url": "http://www.securityfocus.com/bid/53721"
}, },
{ {
"name" : "RHSA-2012:1087", "name": "https://github.com/torvalds/linux/commit/cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1087.html" "url": "https://github.com/torvalds/linux/commit/cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc"
}, },
{ {
"name" : "RHSA-2012:0743", "name": "USN-1535-1",
"refsource" : "REDHAT", "refsource": "UBUNTU",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0743.html" "url": "http://www.ubuntu.com/usn/USN-1535-1"
}, },
{ {
"name" : "USN-1535-1", "name": "USN-1529-1",
"refsource" : "UBUNTU", "refsource": "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1535-1" "url": "http://ubuntu.com/usn/usn-1529-1"
}, },
{ {
"name" : "USN-1529-1", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=816289",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://ubuntu.com/usn/usn-1529-1" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=816289"
}, },
{ {
"name" : "53721", "name": "RHSA-2012:1087",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/53721" "url": "http://rhn.redhat.com/errata/RHSA-2012-1087.html"
}, },
{ {
"name" : "50807", "name": "50807",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/50807" "url": "http://secunia.com/advisories/50807"
} }
] ]
} }

80
2012/2xxx/CVE-2012-2253.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2012-2253", "ID": "CVE-2012-2253",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in group/members.php in Mahara 1.5.x before 1.5.7 and 1.6.x before 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter." "value": "Cross-site scripting (XSS) vulnerability in group/members.php in Mahara 1.5.x before 1.5.7 and 1.6.x before 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugs.launchpad.net/mahara/+bug/1079498", "name": "DSA-2591",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "https://bugs.launchpad.net/mahara/+bug/1079498" "url": "http://www.debian.org/security/2012/dsa-2591"
}, },
{ {
"name" : "https://mahara.org/interaction/forum/topic.php?id=5076", "name": "https://bugs.launchpad.net/mahara/+bug/1079498",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://mahara.org/interaction/forum/topic.php?id=5076" "url": "https://bugs.launchpad.net/mahara/+bug/1079498"
}, },
{ {
"name" : "DSA-2591", "name": "https://mahara.org/interaction/forum/topic.php?id=5076",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2012/dsa-2591" "url": "https://mahara.org/interaction/forum/topic.php?id=5076"
}, },
{ {
"name" : "51404", "name": "51404",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/51404" "url": "http://secunia.com/advisories/51404"
} }
] ]
} }

22
2012/2xxx/CVE-2012-2262.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2012-2262", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2012-2262",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none."
} }
] ]
} }

98
2012/2xxx/CVE-2012-2742.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2742", "ID": "CVE-2012-2742",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Revelation 0.4.13-2 and earlier uses only the first 32 characters of a password followed by a sequence of zeros, which reduces the entropy and makes it easier for context-dependent attackers to crack passwords and obtain access to keys via a brute-force attack." "value": "Revelation 0.4.13-2 and earlier uses only the first 32 characters of a password followed by a sequence of zeros, which reduces the entropy and makes it easier for context-dependent attackers to crack passwords and obtain access to keys via a brute-force attack."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120618 CVE Request -- Revelation: 1) Limits effective password length to 32 characters 2) Doesn't iterate the passphrase through SHA algorithm to derive the encryption key", "name": "revelation-passwordlength-weak-security(76407)",
"refsource" : "MLIST", "refsource": "XF",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/18/1" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76407"
}, },
{ {
"name" : "[oss-security] 20120618 Re: CVE Request -- Revelation: 1) Limits effective password length to 32 characters 2) Doesn't iterate the passphrase through SHA algorithm to derive the encryption key", "name": "[oss-security] 20120618 CVE Request -- Revelation: 1) Limits effective password length to 32 characters 2) Doesn't iterate the passphrase through SHA algorithm to derive the encryption key",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/18/3" "url": "http://www.openwall.com/lists/oss-security/2012/06/18/1"
}, },
{ {
"name" : "http://knoxin.blogspot.co.uk/2012/06/revelation-password-manager-considered.html", "name": "54060",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://knoxin.blogspot.co.uk/2012/06/revelation-password-manager-considered.html" "url": "http://www.securityfocus.com/bid/54060"
}, },
{ {
"name" : "https://bugs.gentoo.org/show_bug.cgi?id=421571", "name": "[oss-security] 20120618 Re: CVE Request -- Revelation: 1) Limits effective password length to 32 characters 2) Doesn't iterate the passphrase through SHA algorithm to derive the encryption key",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "https://bugs.gentoo.org/show_bug.cgi?id=421571" "url": "http://www.openwall.com/lists/oss-security/2012/06/18/3"
}, },
{ {
"name" : "http://oss.codepoet.no/revelation/issue/61/file-format-magic-string-version-mismatch", "name": "https://bugs.gentoo.org/show_bug.cgi?id=421571",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://oss.codepoet.no/revelation/issue/61/file-format-magic-string-version-mismatch" "url": "https://bugs.gentoo.org/show_bug.cgi?id=421571"
}, },
{ {
"name" : "54060", "name": "http://oss.codepoet.no/revelation/issue/61/file-format-magic-string-version-mismatch",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/54060" "url": "http://oss.codepoet.no/revelation/issue/61/file-format-magic-string-version-mismatch"
}, },
{ {
"name" : "revelation-passwordlength-weak-security(76407)", "name": "http://knoxin.blogspot.co.uk/2012/06/revelation-password-manager-considered.html",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/76407" "url": "http://knoxin.blogspot.co.uk/2012/06/revelation-password-manager-considered.html"
} }
] ]
} }

92
2012/2xxx/CVE-2012-2869.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2012-2869", "ID": "CVE-2012-2869",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a \"stale buffer.\"" "value": "Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a \"stale buffer.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=137778", "name": "oval:org.mitre.oval:def:15710",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "http://code.google.com/p/chromium/issues/detail?id=137778" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15710"
}, },
{ {
"name" : "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html", "name": "85034",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html" "url": "http://osvdb.org/85034"
}, },
{ {
"name" : "openSUSE-SU-2012:1215", "name": "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html" "url": "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html"
}, },
{ {
"name" : "85034", "name": "chrome-stale-buffer-code-exec(78178)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://osvdb.org/85034" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78178"
}, },
{ {
"name" : "oval:org.mitre.oval:def:15710", "name": "http://code.google.com/p/chromium/issues/detail?id=137778",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15710" "url": "http://code.google.com/p/chromium/issues/detail?id=137778"
}, },
{ {
"name" : "chrome-stale-buffer-code-exec(78178)", "name": "openSUSE-SU-2012:1215",
"refsource" : "XF", "refsource": "SUSE",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/78178" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html"
} }
] ]
} }

80
2012/3xxx/CVE-2012-3588.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3588", "ID": "CVE-2012-3588",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in preview.php in the Plugin Newsletter plugin 1.5 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the data parameter." "value": "Directory traversal vulnerability in preview.php in the Plugin Newsletter plugin 1.5 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the data parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "19018", "name": "49464",
"refsource" : "EXPLOIT-DB", "refsource": "SECUNIA",
"url" : "http://www.exploit-db.com/exploits/19018" "url": "http://secunia.com/advisories/49464"
}, },
{ {
"name" : "http://www.opensyscom.fr/Actualites/wordpress-plugins-plugin-newsletter-remote-file-disclosure-vulnerability.html", "name": "newsletter-preview-file-disclosure(76171)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.opensyscom.fr/Actualites/wordpress-plugins-plugin-newsletter-remote-file-disclosure-vulnerability.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76171"
}, },
{ {
"name" : "49464", "name": "19018",
"refsource" : "SECUNIA", "refsource": "EXPLOIT-DB",
"url" : "http://secunia.com/advisories/49464" "url": "http://www.exploit-db.com/exploits/19018"
}, },
{ {
"name" : "newsletter-preview-file-disclosure(76171)", "name": "http://www.opensyscom.fr/Actualites/wordpress-plugins-plugin-newsletter-remote-file-disclosure-vulnerability.html",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/76171" "url": "http://www.opensyscom.fr/Actualites/wordpress-plugins-plugin-newsletter-remote-file-disclosure-vulnerability.html"
} }
] ]
} }

92
2012/3xxx/CVE-2012-3631.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2012-3631", "ID": "CVE-2012-3631",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1." "value": "WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT5400", "name": "http://support.apple.com/kb/HT5485",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT5400" "url": "http://support.apple.com/kb/HT5485"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5485", "name": "APPLE-SA-2012-09-19-1",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "http://support.apple.com/kb/HT5485" "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5503", "name": "http://support.apple.com/kb/HT5503",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT5503" "url": "http://support.apple.com/kb/HT5503"
}, },
{ {
"name" : "APPLE-SA-2012-07-25-1", "name": "APPLE-SA-2012-09-12-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html" "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
}, },
{ {
"name" : "APPLE-SA-2012-09-12-1", "name": "APPLE-SA-2012-07-25-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html" "url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
}, },
{ {
"name" : "APPLE-SA-2012-09-19-1", "name": "http://support.apple.com/kb/HT5400",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" "url": "http://support.apple.com/kb/HT5400"
} }
] ]
} }

116
2012/3xxx/CVE-2012-3647.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2012-3647", "ID": "CVE-2012-3647",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1." "value": "WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT5485", "name": "APPLE-SA-2012-09-19-3",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "http://support.apple.com/kb/HT5485" "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00005.html"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5502", "name": "oval:org.mitre.oval:def:17516",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "http://support.apple.com/kb/HT5502" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17516"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5503", "name": "http://support.apple.com/kb/HT5485",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT5503" "url": "http://support.apple.com/kb/HT5485"
}, },
{ {
"name" : "APPLE-SA-2012-09-12-1", "name": "APPLE-SA-2012-09-19-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html" "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
}, },
{ {
"name" : "APPLE-SA-2012-09-19-1", "name": "apple-itunes-webkit-cve20123647(78518)",
"refsource" : "APPLE", "refsource": "XF",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78518"
}, },
{ {
"name" : "APPLE-SA-2012-09-19-3", "name": "http://support.apple.com/kb/HT5503",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00005.html" "url": "http://support.apple.com/kb/HT5503"
}, },
{ {
"name" : "55534", "name": "http://support.apple.com/kb/HT5502",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/55534" "url": "http://support.apple.com/kb/HT5502"
}, },
{ {
"name" : "85401", "name": "55534",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://osvdb.org/85401" "url": "http://www.securityfocus.com/bid/55534"
}, },
{ {
"name" : "oval:org.mitre.oval:def:17516", "name": "85401",
"refsource" : "OVAL", "refsource": "OSVDB",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17516" "url": "http://osvdb.org/85401"
}, },
{ {
"name" : "apple-itunes-webkit-cve20123647(78518)", "name": "APPLE-SA-2012-09-12-1",
"refsource" : "XF", "refsource": "APPLE",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/78518" "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
} }
] ]
} }

22
2012/3xxx/CVE-2012-3916.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3916", "ID": "CVE-2012-3916",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2012/3xxx/CVE-2012-3933.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3933", "ID": "CVE-2012-3933",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

80
2012/4xxx/CVE-2012-4164.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2012-4164", "ID": "CVE-2012-4164",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4163 and CVE-2012-4165." "value": "Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4163 and CVE-2012-4165."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.adobe.com/support/security/bulletins/apsb12-19.html", "name": "RHSA-2012:1203",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www.adobe.com/support/security/bulletins/apsb12-19.html" "url": "http://rhn.redhat.com/errata/RHSA-2012-1203.html"
}, },
{ {
"name" : "GLSA-201209-01", "name": "GLSA-201209-01",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201209-01.xml" "url": "http://security.gentoo.org/glsa/glsa-201209-01.xml"
}, },
{ {
"name" : "HPSBMU02948", "name": "HPSBMU02948",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=139455789818399&w=2" "url": "http://marc.info/?l=bugtraq&m=139455789818399&w=2"
}, },
{ {
"name" : "RHSA-2012:1203", "name": "http://www.adobe.com/support/security/bulletins/apsb12-19.html",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1203.html" "url": "http://www.adobe.com/support/security/bulletins/apsb12-19.html"
} }
] ]
} }

22
2012/6xxx/CVE-2012-6366.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2012-6366", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2012-6366",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none."
} }
] ]
} }

86
2012/6xxx/CVE-2012-6534.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6534", "ID": "CVE-2012-6534",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results \"Save Query As\" \"Save As Retention Policy\" action." "value": "Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results \"Save Query As\" \"Save As Retention Policy\" action."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "21744", "name": "20121003 Novell Sentinel Log Manager <= 1.2.0.2 retention policy vulnerability",
"refsource" : "EXPLOIT-DB", "refsource": "FULLDISC",
"url" : "https://www.exploit-db.com/exploits/21744/" "url": "http://seclists.org/fulldisclosure/2012/Oct/25"
}, },
{ {
"name" : "20121003 Novell Sentinel Log Manager <= 1.2.0.2 retention policy vulnerability", "name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5150932.html",
"refsource" : "FULLDISC", "refsource": "CONFIRM",
"url" : "http://seclists.org/fulldisclosure/2012/Oct/25" "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5150932.html"
}, },
{ {
"name" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5150932.html", "name": "https://bugzilla.novell.com/show_bug.cgi?id=771634",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5150932.html" "url": "https://bugzilla.novell.com/show_bug.cgi?id=771634"
}, },
{ {
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=771634", "name": "https://www.netiq.com/documentation/novelllogmanager12/readme/data/log_manager1203_readme.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=771634" "url": "https://www.netiq.com/documentation/novelllogmanager12/readme/data/log_manager1203_readme.html"
}, },
{ {
"name" : "https://www.netiq.com/documentation/novelllogmanager12/readme/data/log_manager1203_readme.html", "name": "21744",
"refsource" : "CONFIRM", "refsource": "EXPLOIT-DB",
"url" : "https://www.netiq.com/documentation/novelllogmanager12/readme/data/log_manager1203_readme.html" "url": "https://www.exploit-db.com/exploits/21744/"
} }
] ]
} }

22
2012/6xxx/CVE-2012-6680.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6680", "ID": "CVE-2012-6680",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2017/2xxx/CVE-2017-2037.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-2037", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-2037",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

92
2017/2xxx/CVE-2017-2457.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-2457", "ID": "CVE-2017-2457",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." "value": "An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "41803", "name": "97147",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/41803/" "url": "http://www.securityfocus.com/bid/97147"
}, },
{ {
"name" : "https://support.apple.com/HT207600", "name": "41803",
"refsource" : "CONFIRM", "refsource": "EXPLOIT-DB",
"url" : "https://support.apple.com/HT207600" "url": "https://www.exploit-db.com/exploits/41803/"
}, },
{ {
"name" : "https://support.apple.com/HT207617", "name": "1038138",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://support.apple.com/HT207617" "url": "http://www.securitytracker.com/id/1038138"
}, },
{ {
"name" : "GLSA-201706-15", "name": "GLSA-201706-15",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "https://security.gentoo.org/glsa/201706-15" "url": "https://security.gentoo.org/glsa/201706-15"
}, },
{ {
"name" : "97147", "name": "https://support.apple.com/HT207600",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/97147" "url": "https://support.apple.com/HT207600"
}, },
{ {
"name" : "1038138", "name": "https://support.apple.com/HT207617",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1038138" "url": "https://support.apple.com/HT207617"
} }
] ]
} }

92
2017/2xxx/CVE-2017-2490.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-2490", "ID": "CVE-2017-2490",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." "value": "An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "41804", "name": "97301",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/41804/" "url": "http://www.securityfocus.com/bid/97301"
}, },
{ {
"name" : "https://support.apple.com/HT207601", "name": "41804",
"refsource" : "CONFIRM", "refsource": "EXPLOIT-DB",
"url" : "https://support.apple.com/HT207601" "url": "https://www.exploit-db.com/exploits/41804/"
}, },
{ {
"name" : "https://support.apple.com/HT207602", "name": "https://support.apple.com/HT207601",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT207602" "url": "https://support.apple.com/HT207601"
}, },
{ {
"name" : "https://support.apple.com/HT207615", "name": "https://support.apple.com/HT207615",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT207615" "url": "https://support.apple.com/HT207615"
}, },
{ {
"name" : "https://support.apple.com/HT207617", "name": "https://support.apple.com/HT207602",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT207617" "url": "https://support.apple.com/HT207602"
}, },
{ {
"name" : "97301", "name": "https://support.apple.com/HT207617",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/97301" "url": "https://support.apple.com/HT207617"
} }
] ]
} }

82
2017/2xxx/CVE-2017-2623.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "anemec@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2017-2623", "ID": "CVE-2017-2623",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "rpm-ostree,", "product_name": "rpm-ostree,",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2017.3" "version_value": "2017.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Project Atomic" "vendor_name": "Project Atomic"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG signatures on packages when doing layering. Packages with unsigned or badly signed content could fail to be rejected as expected. This issue is partially mitigated on RHEL Atomic Host, where certificate pinning is used by default." "value": "It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG signatures on packages when doing layering. Packages with unsigned or badly signed content could fail to be rejected as expected. This issue is partially mitigated on RHEL Atomic Host, where certificate pinning is used by default."
} }
] ]
}, },
"impact" : { "impact": {
"cvss" : [ "cvss": [
[ [
{ {
"vectorString" : "5.3/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "vectorString": "5.3/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version" : "3.0" "version": "3.0"
} }
] ]
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-295" "value": "CWE-295"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2623", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2623",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2623" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2623"
}, },
{ {
"name" : "RHSA-2017:0444", "name": "RHSA-2017:0444",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:0444" "url": "https://access.redhat.com/errata/RHSA-2017:0444"
}, },
{ {
"name" : "96558", "name": "96558",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/96558" "url": "http://www.securityfocus.com/bid/96558"
} }
] ]
} }

70
2017/2xxx/CVE-2017-2811.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "talos-cna@cisco.com", "ASSIGNER": "talos-cna@cisco.com",
"DATE_PUBLIC" : "2017-08-04T00:00:00", "DATE_PUBLIC": "2017-08-04T00:00:00",
"ID" : "CVE-2017-2811", "ID": "CVE-2017-2811",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Kakadu SDK", "product_name": "Kakadu SDK",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.9 - OSX & Linux" "version_value": "7.9 - OSX & Linux"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Kakadu Software" "vendor_name": "Kakadu Software"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images. A specially crafted JPEG 2000 file can be read by the program, and can lead to an out of bounds write causing an exploitable condition to arise." "value": "A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images. A specially crafted JPEG 2000 file can be read by the program, and can lead to an out of bounds write causing an exploitable condition to arise."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "remote code execution" "value": "remote code execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0308", "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0308",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0308" "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0308"
}, },
{ {
"name" : "100141", "name": "100141",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/100141" "url": "http://www.securityfocus.com/bid/100141"
} }
] ]
} }

76
2017/2xxx/CVE-2017-2899.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "talos-cna@cisco.com", "ASSIGNER": "talos-cna@cisco.com",
"DATE_PUBLIC" : "2018-01-11T00:00:00", "DATE_PUBLIC": "2018-01-11T00:00:00",
"ID" : "CVE-2017-2899", "ID": "CVE-2017-2899",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Blender", "product_name": "Blender",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "v2.78c" "version_value": "v2.78c"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Blender" "vendor_name": "Blender"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability." "value": "An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "buffer overflow" "value": "buffer overflow"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20180813 [SECURITY] [DLA 1465-1] blender security update", "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0406",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "https://lists.debian.org/debian-lts-announce/2018/08/msg00011.html" "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0406"
}, },
{ {
"name" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0406", "name": "[debian-lts-announce] 20180813 [SECURITY] [DLA 1465-1] blender security update",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0406" "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00011.html"
}, },
{ {
"name" : "DSA-4248", "name": "DSA-4248",
"refsource" : "DEBIAN", "refsource": "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4248" "url": "https://www.debian.org/security/2018/dsa-4248"
} }
] ]
} }

68
2018/11xxx/CVE-2018-11091.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11091", "ID": "CVE-2018-11091",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file can be uploaded to the webserver by an attacker. It is possible for an attacker to upload a script to issue operating system commands. This vulnerability occurs because an attacker is able to adjust the \"HiddenFieldControlCustomWhiteListedExtensions\" parameter and add arbitrary extensions to the whitelist during the upload. For instance, if the extension .asp is added to the \"HiddenFieldControlCustomWhiteListedExtensions\" parameter, the server accepts \"secctest.asp\" as a legitimate file. Hence malicious files can be uploaded in order to execute arbitrary commands to take over the server." "value": "An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file can be uploaded to the webserver by an attacker. It is possible for an attacker to upload a script to issue operating system commands. This vulnerability occurs because an attacker is able to adjust the \"HiddenFieldControlCustomWhiteListedExtensions\" parameter and add arbitrary extensions to the whitelist during the upload. For instance, if the extension .asp is added to the \"HiddenFieldControlCustomWhiteListedExtensions\" parameter, the server accepts \"secctest.asp\" as a legitimate file. Hence malicious files can be uploaded in order to execute arbitrary commands to take over the server."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://seclists.org/fulldisclosure/2018/May/32", "name": "https://www.sec-consult.com/en/blog/advisories/arbitrary-file-upload-cross-site-scripting-in-mybiz-myprocurenet/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://seclists.org/fulldisclosure/2018/May/32" "url": "https://www.sec-consult.com/en/blog/advisories/arbitrary-file-upload-cross-site-scripting-in-mybiz-myprocurenet/"
}, },
{ {
"name" : "https://www.sec-consult.com/en/blog/advisories/arbitrary-file-upload-cross-site-scripting-in-mybiz-myprocurenet/", "name": "http://seclists.org/fulldisclosure/2018/May/32",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.sec-consult.com/en/blog/advisories/arbitrary-file-upload-cross-site-scripting-in-mybiz-myprocurenet/" "url": "http://seclists.org/fulldisclosure/2018/May/32"
} }
] ]
} }

22
2018/11xxx/CVE-2018-11282.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11282", "ID": "CVE-2018-11282",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2018/11xxx/CVE-2018-11501.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11501", "ID": "CVE-2018-11501",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via user_submit.php?upd=2." "value": "PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via user_submit.php?upd=2."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://whitehatck01.blogspot.com/2018/02/website-seller-script-203-stored-xss.html", "name": "https://whitehatck01.blogspot.com/2018/02/website-seller-script-203-stored-xss.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://whitehatck01.blogspot.com/2018/02/website-seller-script-203-stored-xss.html" "url": "https://whitehatck01.blogspot.com/2018/02/website-seller-script-203-stored-xss.html"
}, },
{ {
"name" : "https://gkaim.com/cve-2018-11501-vikas-chaudhary/", "name": "https://gkaim.com/cve-2018-11501-vikas-chaudhary/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://gkaim.com/cve-2018-11501-vikas-chaudhary/" "url": "https://gkaim.com/cve-2018-11501-vikas-chaudhary/"
} }
] ]
} }

74
2018/11xxx/CVE-2018-11591.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11591", "ID": "CVE-2018-11591",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed by adding validation for a debug trace print statement in jsvar.c." "value": "Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed by adding validation for a debug trace print statement in jsvar.c."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/espruino/Espruino/commit/b6d362f6a1f2de0b3e7604848116efb509196bf4", "name": "https://github.com/espruino/Espruino/issues/1420",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/espruino/Espruino/commit/b6d362f6a1f2de0b3e7604848116efb509196bf4" "url": "https://github.com/espruino/Espruino/issues/1420"
}, },
{ {
"name" : "https://github.com/espruino/Espruino/files/2015612/test.txt", "name": "https://github.com/espruino/Espruino/commit/b6d362f6a1f2de0b3e7604848116efb509196bf4",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/espruino/Espruino/files/2015612/test.txt" "url": "https://github.com/espruino/Espruino/commit/b6d362f6a1f2de0b3e7604848116efb509196bf4"
}, },
{ {
"name" : "https://github.com/espruino/Espruino/issues/1420", "name": "https://github.com/espruino/Espruino/files/2015612/test.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/espruino/Espruino/issues/1420" "url": "https://github.com/espruino/Espruino/files/2015612/test.txt"
} }
] ]
} }

68
2018/11xxx/CVE-2018-11799.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@apache.org", "ASSIGNER": "security@apache.org",
"ID" : "CVE-2018-11799", "ID": "CVE-2018-11799",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Apache Oozie", "product_name": "Apache Oozie",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Apache Oozie 3.1.3-incubating to 5.0.0" "version_value": "Apache Oozie 3.1.3-incubating to 5.0.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apache Software Foundation" "vendor_name": "Apache Software Foundation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users. The malicious user can construct an XML that results workflows running in other user's name." "value": "Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users. The malicious user can construct an XML that results workflows running in other user's name."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Gain Privileges" "value": "Gain Privileges"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://lists.apache.org/thread.html/347e7a8cb86014b7ca37e49eb00b8d088203bdc0bcfb4799f8e5955a@%3Cuser.oozie.apache.org%3E", "name": "https://lists.apache.org/thread.html/347e7a8cb86014b7ca37e49eb00b8d088203bdc0bcfb4799f8e5955a@%3Cuser.oozie.apache.org%3E",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://lists.apache.org/thread.html/347e7a8cb86014b7ca37e49eb00b8d088203bdc0bcfb4799f8e5955a@%3Cuser.oozie.apache.org%3E" "url": "https://lists.apache.org/thread.html/347e7a8cb86014b7ca37e49eb00b8d088203bdc0bcfb4799f8e5955a@%3Cuser.oozie.apache.org%3E"
}, },
{ {
"name" : "106266", "name": "106266",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/106266" "url": "http://www.securityfocus.com/bid/106266"
} }
] ]
} }

22
2018/14xxx/CVE-2018-14202.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14202", "ID": "CVE-2018-14202",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/14xxx/CVE-2018-14220.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14220", "ID": "CVE-2018-14220",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/14xxx/CVE-2018-14227.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14227", "ID": "CVE-2018-14227",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2018/14xxx/CVE-2018-14252.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "zdi-disclosures@trendmicro.com", "ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID" : "CVE-2018-14252", "ID": "CVE-2018-14252",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Foxit Reader", "product_name": "Foxit Reader",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.0.1.1049" "version_value": "9.0.1.1049"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Foxit" "vendor_name": "Foxit"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getField method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6015." "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getField method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6015."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-843-Access of Resource Using Incompatible Type ('Type Confusion')" "value": "CWE-843-Access of Resource Using Incompatible Type ('Type Confusion')"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://zerodayinitiative.com/advisories/ZDI-18-712", "name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://zerodayinitiative.com/advisories/ZDI-18-712" "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}, },
{ {
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php", "name": "https://zerodayinitiative.com/advisories/ZDI-18-712",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php" "url": "https://zerodayinitiative.com/advisories/ZDI-18-712"
} }
] ]
} }

62
2018/14xxx/CVE-2018-14699.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14699", "ID": "CVE-2018-14699",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "System command injection in the /DroboAccess/enable_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the \"username\" URL parameter." "value": "System command injection in the /DroboAccess/enable_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the \"username\" URL parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://blog.securityevaluators.com/call-me-a-doctor-new-vulnerabilities-in-drobo5n2-4f1d885df7fc", "name": "https://blog.securityevaluators.com/call-me-a-doctor-new-vulnerabilities-in-drobo5n2-4f1d885df7fc",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://blog.securityevaluators.com/call-me-a-doctor-new-vulnerabilities-in-drobo5n2-4f1d885df7fc" "url": "https://blog.securityevaluators.com/call-me-a-doctor-new-vulnerabilities-in-drobo5n2-4f1d885df7fc"
} }
] ]
} }

22
2018/15xxx/CVE-2018-15091.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15091", "ID": "CVE-2018-15091",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

88
2018/15xxx/CVE-2018-15373.json
View File

@ -1,84 +1,84 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC" : "2018-09-26T16:00:00-0500", "DATE_PUBLIC": "2018-09-26T16:00:00-0500",
"ID" : "CVE-2018-15373", "ID": "CVE-2018-15373",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability" "TITLE": "Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco IOS Software", "product_name": "Cisco IOS Software",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cisco" "vendor_name": "Cisco"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory handling by the affected software when the software processes high rates of Cisco Discovery Protocol packets that are sent to a device. An attacker could exploit this vulnerability by sending a high rate of Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to exhaust memory on the affected device, resulting in a DoS condition." "value": "A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory handling by the affected software when the software processes high rates of Cisco Discovery Protocol packets that are sent to a device. An attacker could exploit this vulnerability by sending a high rate of Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to exhaust memory on the affected device, resulting in a DoS condition."
} }
] ]
}, },
"impact" : { "impact": {
"cvss" : { "cvss": {
"baseScore" : "7.4", "baseScore": "7.4",
"version" : "3.0" "version": "3.0"
} }
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-399" "value": "CWE-399"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20180926 Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability", "name": "20180926 Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-cdp-dos" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-cdp-dos"
}, },
{ {
"name" : "105413", "name": "105413",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/105413" "url": "http://www.securityfocus.com/bid/105413"
} }
] ]
}, },
"source" : { "source": {
"advisory" : "cisco-sa-20180926-cdp-dos", "advisory": "cisco-sa-20180926-cdp-dos",
"defect" : [ "defect": [
[ [
"CSCvg54267" "CSCvg54267"
] ]
], ],
"discovery" : "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

88
2018/15xxx/CVE-2018-15397.json
View File

@ -1,84 +1,84 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC" : "2018-10-03T16:00:00-0500", "DATE_PUBLIC": "2018-10-03T16:00:00-0500",
"ID" : "CVE-2018-15397", "ID": "CVE-2018-15397",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability" "TITLE": "Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco Adaptive Security Appliance (ASA) Software ", "product_name": "Cisco Adaptive Security Appliance (ASA) Software ",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cisco" "vendor_name": "Cisco"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error that may occur if the affected software renegotiates the encryption key for an IPsec tunnel when certain TFC traffic is in flight. An attacker could exploit this vulnerability by sending a malicious stream of TFC traffic through an established IPsec tunnel on an affected device. A successful exploit could allow the attacker to cause a daemon process on the affected device to crash, which could cause the device to crash and result in a DoS condition." "value": "A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error that may occur if the affected software renegotiates the encryption key for an IPsec tunnel when certain TFC traffic is in flight. An attacker could exploit this vulnerability by sending a malicious stream of TFC traffic through an established IPsec tunnel on an affected device. A successful exploit could allow the attacker to cause a daemon process on the affected device to crash, which could cause the device to crash and result in a DoS condition."
} }
] ]
}, },
"impact" : { "impact": {
"cvss" : { "cvss": {
"baseScore" : "6.8", "baseScore": "6.8",
"version" : "3.0" "version": "3.0"
} }
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-320" "value": "CWE-320"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20181003 Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability", "name": "20181003 Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-ipsec-dos" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-ipsec-dos"
}, },
{ {
"name" : "1041786", "name": "1041786",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041786" "url": "http://www.securitytracker.com/id/1041786"
} }
] ]
}, },
"source" : { "source": {
"advisory" : "cisco-sa-20181003-asa-ipsec-dos", "advisory": "cisco-sa-20181003-asa-ipsec-dos",
"defect" : [ "defect": [
[ [
"CSCuy57310" "CSCuy57310"
] ]
], ],
"discovery" : "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

62
2018/15xxx/CVE-2018-15676.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15676", "ID": "CVE-2018-15676",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in BTITeam XBTIT. By using String.replace and eval, it is possible to bypass the includes/crk_protection.php anti-XSS mechanism that looks for a number of dangerous fingerprints." "value": "An issue was discovered in BTITeam XBTIT. By using String.replace and eval, it is possible to bypass the includes/crk_protection.php anti-XSS mechanism that looks for a number of dangerous fingerprints."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://rastating.github.io/xbtit-multiple-vulnerabilities/", "name": "https://rastating.github.io/xbtit-multiple-vulnerabilities/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://rastating.github.io/xbtit-multiple-vulnerabilities/" "url": "https://rastating.github.io/xbtit-multiple-vulnerabilities/"
} }
] ]
} }

22
2018/20xxx/CVE-2018-20435.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20435", "ID": "CVE-2018-20435",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/8xxx/CVE-2018-8059.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8059", "ID": "CVE-2018-8059",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxy_ssl_* directives are used." "value": "The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxy_ssl_* directives are used."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://openwall.com/lists/oss-security/2018/03/07/4", "name": "http://openwall.com/lists/oss-security/2018/03/07/4",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://openwall.com/lists/oss-security/2018/03/07/4" "url": "http://openwall.com/lists/oss-security/2018/03/07/4"
} }
] ]
} }

22
2018/8xxx/CVE-2018-8109.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8109", "ID": "CVE-2018-8109",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

182
2018/8xxx/CVE-2018-8446.json
View File

@ -1,215 +1,215 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8446", "ID": "CVE-2018-8446",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows 7", "product_name": "Windows 7",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems Service Pack 1" "version_value": "32-bit Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1" "version_value": "x64-based Systems Service Pack 1"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2012 R2", "product_name": "Windows Server 2012 R2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows RT 8.1", "product_name": "Windows RT 8.1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows RT 8.1" "version_value": "Windows RT 8.1"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2008", "product_name": "Windows Server 2008",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems Service Pack 2" "version_value": "32-bit Systems Service Pack 2"
}, },
{ {
"version_value" : "32-bit Systems Service Pack 2 (Server Core installation)" "version_value": "32-bit Systems Service Pack 2 (Server Core installation)"
}, },
{ {
"version_value" : "Itanium-Based Systems Service Pack 2" "version_value": "Itanium-Based Systems Service Pack 2"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 2" "version_value": "x64-based Systems Service Pack 2"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 2 (Server Core installation)" "version_value": "x64-based Systems Service Pack 2 (Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2012", "product_name": "Windows Server 2012",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 8.1", "product_name": "Windows 8.1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit systems" "version_value": "32-bit systems"
}, },
{ {
"version_value" : "x64-based systems" "version_value": "x64-based systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2016", "product_name": "Windows Server 2016",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2008 R2", "product_name": "Windows Server 2008 R2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Itanium-Based Systems Service Pack 1" "version_value": "Itanium-Based Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1" "version_value": "x64-based Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1 (Server Core installation)" "version_value": "x64-based Systems Service Pack 1 (Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10", "product_name": "Windows 10",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems" "version_value": "32-bit Systems"
}, },
{ {
"version_value" : "Version 1607 for 32-bit Systems" "version_value": "Version 1607 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1607 for x64-based Systems" "version_value": "Version 1607 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1703 for 32-bit Systems" "version_value": "Version 1703 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1703 for x64-based Systems" "version_value": "Version 1703 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1709 for 32-bit Systems" "version_value": "Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1709 for x64-based Systems" "version_value": "Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1803 for 32-bit Systems" "version_value": "Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1803 for x64-based Systems" "version_value": "Version 1803 for x64-based Systems"
}, },
{ {
"version_value" : "x64-based Systems" "version_value": "x64-based Systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10 Servers", "product_name": "Windows 10 Servers",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "version 1709 (Server Core Installation)" "version_value": "version 1709 (Server Core Installation)"
}, },
{ {
"version_value" : "version 1803 (Server Core Installation)" "version_value": "version 1803 (Server Core Installation)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka \"Windows Kernel Information Disclosure Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8419, CVE-2018-8442, CVE-2018-8443, CVE-2018-8445." "value": "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka \"Windows Kernel Information Disclosure Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8419, CVE-2018-8442, CVE-2018-8443, CVE-2018-8445."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information Disclosure" "value": "Information Disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8446", "name": "1041635",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8446" "url": "http://www.securitytracker.com/id/1041635"
}, },
{ {
"name" : "105217", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8446",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/105217" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8446"
}, },
{ {
"name" : "1041635", "name": "105217",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1041635" "url": "http://www.securityfocus.com/bid/105217"
} }
] ]
} }

88
2018/8xxx/CVE-2018-8532.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8532", "ID": "CVE-2018-8532",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SQL Server Management Studio 17.9", "product_name": "SQL Server Management Studio 17.9",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "SQL Server Management Studio 17.9" "version_value": "SQL Server Management Studio 17.9"
} }
] ]
} }
}, },
{ {
"product_name" : "SQL Server Management Studio 18.0", "product_name": "SQL Server Management Studio 18.0",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Preview 4)" "version_value": "(Preview 4)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XMLA file containing a reference to an external entity, aka \"SQL Server Management Studio Information Disclosure Vulnerability.\" This affects SQL Server Management Studio 17.9, SQL Server Management Studio 18.0. This CVE ID is unique from CVE-2018-8527, CVE-2018-8533." "value": "An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XMLA file containing a reference to an external entity, aka \"SQL Server Management Studio Information Disclosure Vulnerability.\" This affects SQL Server Management Studio 17.9, SQL Server Management Studio 18.0. This CVE ID is unique from CVE-2018-8527, CVE-2018-8533."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information Disclosure" "value": "Information Disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "45587", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8532",
"refsource" : "EXPLOIT-DB", "refsource": "CONFIRM",
"url" : "https://www.exploit-db.com/exploits/45587/" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8532"
}, },
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8532", "name": "1041826",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8532" "url": "http://www.securitytracker.com/id/1041826"
}, },
{ {
"name" : "105475", "name": "105475",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/105475" "url": "http://www.securityfocus.com/bid/105475"
}, },
{ {
"name" : "1041826", "name": "45587",
"refsource" : "SECTRACK", "refsource": "EXPLOIT-DB",
"url" : "http://www.securitytracker.com/id/1041826" "url": "https://www.exploit-db.com/exploits/45587/"
} }
] ]
} }

78
2018/8xxx/CVE-2018-8849.json
View File

@ -1,75 +1,75 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-05-17T00:00:00", "DATE_PUBLIC": "2018-05-17T00:00:00",
"ID" : "CVE-2018-8849", "ID": "CVE-2018-8849",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "N'Vision Clinician Programmer", "product_name": "N'Vision Clinician Programmer",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "8840 N'Vision Clinician Programmer, all versions" "version_value": "8840 N'Vision Clinician Programmer, all versions"
}, },
{ {
"version_value" : "8870 N'Vision removable Application Card, all versions" "version_value": "8870 N'Vision removable Application Card, all versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Medtronic" "vendor_name": "Medtronic"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions does not encrypt PII and PHI while at rest." "value": "Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions does not encrypt PII and PHI while at rest."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "MISSING ENCRYPTION OF SENSITIVE DATA CWE-311" "value": "MISSING ENCRYPTION OF SENSITIVE DATA CWE-311"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01", "name": "104213",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01" "url": "http://www.securityfocus.com/bid/104213"
}, },
{ {
"name" : "http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf", "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf" "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01"
}, },
{ {
"name" : "104213", "name": "http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/104213" "url": "http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf"
} }
] ]
} }