mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
Auto-Update: 2024-12-15T03:00:19.262894+00:00
This commit is contained in:
cad-safe-bot
parent
629b746515
commit
5fc0b01395
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:54:58.853",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "This functionality should be disabled, because these commands can be used for attack reconnaissance.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "This functionality should be disabled, because these commands can be used for attack reconnaissance.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:54:59.310",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "The FTP Service is an unsecured protocol for Internet facing systems and should only be used on a limited basis to provide a specific functional requirement, otherwise disabled. Secure alternatives that encrypt communications are available. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "The FTP Service is an unsecured protocol for Internet facing systems and should only be used on a limited basis to provide a specific functional requirement, otherwise disabled. Secure alternatives that encrypt communications are available. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:54:59.343",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "SNMPv3 is a secure protocol for management of networked systems, provided the cryptographic security mechanisms are used. SNMPv1 and SNMPv2 are unsecured protocols for Internet facing systems and should only be used on a trusted network segment. For all versions, the software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "SNMPv3 is a secure protocol for management of networked systems, provided the cryptographic security mechanisms are used. SNMPv1 and SNMPv2 are unsecured protocols for Internet facing systems and should only be used on a trusted network segment. For all versions, the software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:54:59.373",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "The TFTP Service is an unsecured protocol and it should used only on a limited basis on rare occasion to provide a specific functional requirement, otherwise disabled. Secure alternatives are available.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "The TFTP Service is an unsecured protocol and it should used only on a limited basis on rare occasion to provide a specific functional requirement, otherwise disabled. Secure alternatives are available.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:54:59.410",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "The SMTP Service is an unsecured protocol for Internet facing systems (e.g., user authentication not required, communications not encrypted) and should only be used on a limited basis to provide a specific functional requirement, otherwise disabled. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "The SMTP Service is an unsecured protocol for Internet facing systems (e.g., user authentication not required, communications not encrypted) and should only be used on a limited basis to provide a specific functional requirement, otherwise disabled. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:54:59.450",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "The Telnet Service is an unsecured and obsolete protocol and it should be disabled. Secure alternatives such as SSH are available.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "The Telnet Service is an unsecured and obsolete protocol and it should be disabled. Secure alternatives such as SSH are available.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:54:59.480",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "These protocols, such as RPC ypbind, yppasswd, ypserv, ypupdated, and ypxfrd, are unsecured protocols for Internet facing systems and should only be used on a trusted network segment, otherwise disabled. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "These protocols, such as RPC ypbind, yppasswd, ypserv, ypupdated, and ypxfrd, are unsecured protocols for Internet facing systems and should only be used on a trusted network segment, otherwise disabled. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:54:59.540",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "This component service should not be allowed to communicate over untrusted networks, such as the Internet, because it is an unsecured protocol (e.g., communications not encrypted). The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "This component service should not be allowed to communicate over untrusted networks, such as the Internet, because it is an unsecured protocol (e.g., communications not encrypted). The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:54:59.607",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "DNS is a critical network service. It should be fully patched and properly configured for Internet facing servers to avoid common attacks such as DNS spoofing, poisoning, and unauthorized zone transfers.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "DNS is a critical network service. It should be fully patched and properly configured for Internet facing servers to avoid common attacks such as DNS spoofing, poisoning, and unauthorized zone transfers.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:54:59.640",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "The XWindows service is an unsecured protocol for Internet facing system and should only be used on a trusted network segment, otherwise disabled. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "The XWindows service is an unsecured protocol for Internet facing system and should only be used on a trusted network segment, otherwise disabled. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:54:59.713",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "NFS Service is an unsecured protocol for Internet facing systems (e.g., user authentication not required, communications not encrypted) and should only be used on a trusted managed network, otherwise disabled. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "NFS Service is an unsecured protocol for Internet facing systems (e.g., user authentication not required, communications not encrypted) and should only be used on a trusted managed network, otherwise disabled. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:54:59.750",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "The software should be patched and configured properly. SSL/TLS should be used to protect transmissions of sensitive data. The presence of HTTP may be an indication that an web application server is running on the system.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "The software should be patched and configured properly. SSL/TLS should be used to protect transmissions of sensitive data. The presence of HTTP may be an indication that an web application server is running on the system.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:54:59.870",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "SSH is a secure protocol, provided it is fully patched, properly configured, and uses FIPS approved algorithms. SSH version 2 is preferred over SSH version 1 because of known flaws in version 1.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "SSH is a secure protocol, provided it is fully patched, properly configured, and uses FIPS approved algorithms. SSH version 2 is preferred over SSH version 1 because of known flaws in version 1.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:54:59.973",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "POP3 is an unsecured protocol for Internet facing systems that does not encrypt its transmissions. POP3 should be tunneled over SSL/TLS or another encrypted tunnel. The software should be patched and configured properly. Earlier versions of POP, such as POP2, are unsecured and obsolete, and should be disabled.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "POP3 is an unsecured protocol for Internet facing systems that does not encrypt its transmissions. POP3 should be tunneled over SSL/TLS or another encrypted tunnel. The software should be patched and configured properly. Earlier versions of POP, such as POP2, are unsecured and obsolete, and should be disabled.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:55:00.010",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "IMAP Service is an unsecured protocol for Internet facing systems that does not encrypt its transmissions. IMAP should be tunneled over SSL/TLS or another encrypted tunnel. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "IMAP Service is an unsecured protocol for Internet facing systems that does not encrypt its transmissions. IMAP should be tunneled over SSL/TLS or another encrypted tunnel. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:55:00.043",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "NNTP news service is an unsecured protocol for Internet facing systems (e.g., user authentication not required, communications not encrypted). It could be tunneled over SSL/TLS. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "NNTP news service is an unsecured protocol for Internet facing systems (e.g., user authentication not required, communications not encrypted). It could be tunneled over SSL/TLS. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:55:00.070",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "IRC Service is an unsecured protocol that typically does not authenticate the identity of users and does not encrypt its network communications. IRC is not commonly deployed on enterprise networks. If an organization decides to use it, it should be patched and configured properly, otherwise it should be disabled.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "IRC Service is an unsecured protocol that typically does not authenticate the identity of users and does not encrypt its network communications. IRC is not commonly deployed on enterprise networks. If an organization decides to use it, it should be patched and configured properly, otherwise it should be disabled.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:55:00.103",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "The software should be patched and configured properly to prevent information disclosure. It can be tunneled over SSL/TLS.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "The software should be patched and configured properly to prevent information disclosure. It can be tunneled over SSL/TLS.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:55:00.137",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "The bootparam service is an unsecured protocol for Internet facing systems and should only be used on a trusted network segment, otherwise disabled. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "The bootparam service is an unsecured protocol for Internet facing systems and should only be used on a trusted network segment, otherwise disabled. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:55:00.170",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "X25 is an unsecured protocol for Internet facing systems and should only be used on a limited basis to provide a specific functional requirement, otherwise disabled. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "X25 is an unsecured protocol for Internet facing systems and should only be used on a limited basis to provide a specific functional requirement, otherwise disabled. The software should be patched and configured properly.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,8 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:55:00.253",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "The software should be patched and configured properly to prevent information leakage and unauthorized access.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -14,5 +12,7 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "The software should be patched and configured properly to prevent information leakage and unauthorized access.",
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:55:00.307",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:55:00.370",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:55:00.407",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:55:00.443",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorImpact": "This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn\u2019t fit in the CVE software flaw list. The Common Vulnerability Scoring System (CVSS) base score for this CVE entry has been set to 0 because this CVE entry has no impact as a software flaw according to CVSS. This does not mean that the configuration issue is not important and there may be security implications relative to computers having this configuration."
|
||||
}
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:56:09.847",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "'TEST' or 'KMF_DEADBEEF' flags must be set to (0x2) in order for this exploit to work.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "'TEST' or 'KMF_DEADBEEF' flags must be set to (0x2) in order for this exploit to work."
|
||||
}
|
||||
@ -67,7 +67,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2004-12-31T05:00:00.000",
|
||||
"lastModified": "2024-11-20T23:50:56.793",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:57:07.220",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorComment": "Per http://ekoparty.org/2011/juliano-rizzo.php, 'Our exploit abuses a vulnerability present in the SSL/TLS implementation of major Web browsers at the time of writing.'\r\n\r\nThe current configuration includes released versions of major browsers. List \r\nsubject to change based on additional information as it becomes available.\r\n",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorComment": "Per http://ekoparty.org/2011/juliano-rizzo.php, 'Our exploit abuses a vulnerability present in the SSL/TLS implementation of major Web browsers at the time of writing.'\r\n\r\nThe current configuration includes released versions of major browsers. List \r\nsubject to change based on additional information as it becomes available.\r\n"
|
||||
}
|
||||
@ -87,7 +87,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -83,7 +83,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -42,7 +42,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security@apache.org",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "cret@cert.org",
|
||||
"published": "2006-05-20T00:02:00.000",
|
||||
"lastModified": "2024-11-21T00:11:26.077",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:58:50.130",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "This vulnerability is addressed in the following product release:\r\nFreeType, FreeType, 2.2.1",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "This vulnerability is addressed in the following product release:\r\nFreeType, FreeType, 2.2.1"
|
||||
}
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T01:58:51.110",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "Upgrade to PunkBuster version 1.229 :\r\nhttp://www.punkbuster.com",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "Upgrade to PunkBuster version 1.229 :\r\nhttp://www.punkbuster.com"
|
||||
}
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T02:00:12.820",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorComment": "The configuration has conditions of \"IPFilter with PHNE_34474 applied\" must be set, so a medium difficulty.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorComment": "The configuration has conditions of \"IPFilter with PHNE_34474 applied\" must be set, so a medium difficulty."
|
||||
}
|
||||
@ -87,7 +87,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -87,7 +87,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -87,7 +87,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T02:00:26.963",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "This vulnerability is addressed in the following product release: Lotus Domino 6.5.6 and 7.0.2 Fix Pack 1 (FP1). For more information consult the following URL: http://www-1.ibm.com/support/docview.wss?uid=swg21257026 \r\n\r\n",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "This vulnerability is addressed in the following product release: Lotus Domino 6.5.6 and 7.0.2 Fix Pack 1 (FP1). For more information consult the following URL: http://www-1.ibm.com/support/docview.wss?uid=swg21257026 \r\n\r\n"
|
||||
}
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T02:00:49.403",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "The vendor has released an update to address this issue: http://prdownloads.sourceforge.jp/hiki/25954/hiki-0.8.7.tar.gz\r\n\r\n",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "The vendor has released an update to address this issue: http://prdownloads.sourceforge.jp/hiki/25954/hiki-0.8.7.tar.gz\r\n\r\n"
|
||||
}
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T02:00:57.717",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorComment": "Citrix Access Gateway is available as software or as a hardware device.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorComment": "Citrix Access Gateway is available as software or as a hardware device."
|
||||
}
|
||||
@ -11,13 +11,13 @@
|
||||
"value": "Rejected reason: The MS-RPC functionality in smbd in Samba 3 on SUSE Linux before 20070720 does not include \"one character in the shell escape handling.\" NOTE: this issue was originally characterized as a shell metacharacter issue due to an incomplete fix for CVE-2007-2447, which was interpreted by CVE to be security relevant. However, SUSE and Red Hat have disputed the problem, stating that the only impact is that scripts will not be executed if they have a \"c\" in their name, but even this limitation might not exist. This does not have security implications, so should not be included in CVE"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [],
|
||||
"vendorComments": [
|
||||
{
|
||||
"organization": "Red Hat",
|
||||
"comment": "The CVE description for this bug is incorrect. The backported patch for CVE-2007-2447 missed the character \u2019c\u2019 in the shell escaping whitelist of allowed characters, therefore not allowing commands with a \u2019c\u2019 in them to be executed. This is therefore a regression bug and not a security vulnerability.",
|
||||
"lastModified": "2007-08-17T00:00:00"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
]
|
||||
}
|
||||
@ -11,13 +11,13 @@
|
||||
"value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-1205. Reason: This candidate is a duplicate of CVE-2000-1205. Notes: All CVE users should reference CVE-2000-1205 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [],
|
||||
"vendorComments": [
|
||||
{
|
||||
"organization": "Red Hat",
|
||||
"comment": "Not vulnerable. This is a rediscovery and therefore a duplicate of CVE-2000-1205 which was corrected in upstream Apache httpd 1.3.11.",
|
||||
"lastModified": "2007-08-03T00:00:00"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
]
|
||||
}
|
||||
@ -11,13 +11,6 @@
|
||||
"value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6113. Reason: This candidate is a duplicate of CVE-2007-6113. Notes: All CVE users should reference CVE-2007-6113 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage"
|
||||
}
|
||||
],
|
||||
"vendorComments": [
|
||||
{
|
||||
"organization": "Red Hat",
|
||||
"comment": "Duplicate of CVE-2007-6113.",
|
||||
"lastModified": "2008-01-04T00:00:00"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"weaknesses": [
|
||||
{
|
||||
@ -31,5 +24,12 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": []
|
||||
"references": [],
|
||||
"vendorComments": [
|
||||
{
|
||||
"organization": "Red Hat",
|
||||
"comment": "Duplicate of CVE-2007-6113.",
|
||||
"lastModified": "2008-01-04T00:00:00"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2008-02-12T19:00:00.000",
|
||||
"lastModified": "2024-11-21T00:38:24.780",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -67,7 +67,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T02:01:33.480",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "Patch = http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1926",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -25,5 +24,6 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "Patch = http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1926"
|
||||
}
|
||||
@ -19,11 +19,11 @@
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-119"
|
||||
"value": "CWE-20"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-20"
|
||||
"value": "CWE-119"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2008-02-07T21:00:00.000",
|
||||
"lastModified": "2024-11-21T00:42:36.300",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -83,7 +83,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -83,7 +83,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -83,7 +83,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2008-11-04T18:29:47.667",
|
||||
"lastModified": "2024-11-21T00:48:11.157",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -67,7 +67,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2008-08-05T19:41:00.000",
|
||||
"lastModified": "2024-11-21T00:49:14.297",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T02:02:47.977",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorSolution": "Patch Information: http://amarok.kde.org/en/node/535/",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorSolution": "Patch Information: http://amarok.kde.org/en/node/535/"
|
||||
}
|
||||
@ -11,13 +11,13 @@
|
||||
"value": "Rejected reason: gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path that does not exist, which causes Ganglia to (1) perform excessive CPU computation and (2) send the entire tree, which consumes network bandwidth. NOTE: the vendor and original researcher have disputed this issue, since legitimate requests can generate the same amount of resource consumption. CVE concurs with the dispute, so this identifier should not be used"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [],
|
||||
"vendorComments": [
|
||||
{
|
||||
"organization": "Red Hat",
|
||||
"comment": "Red Hat does not consider this to be a security issue. For more information, please see the following bug:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-0242",
|
||||
"lastModified": "2009-01-22T00:00:00"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
]
|
||||
}
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "secure@microsoft.com",
|
||||
"published": "2009-06-10T18:30:00.203",
|
||||
"lastModified": "2024-11-21T01:00:18.907",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "secure@microsoft.com",
|
||||
"published": "2009-06-10T18:00:00.313",
|
||||
"lastModified": "2024-11-21T01:00:19.833",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -11,13 +11,13 @@
|
||||
"value": "Rejected reason: Format string vulnerability in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit imap-2007d and other applications, allows remote attackers to execute arbitrary code via format string specifiers in the initial request to the IMAP port (143/tcp). NOTE: Red Hat has disputed the vulnerability, stating \"The Red Hat Security Response Team have been unable to confirm the existence of this format string vulnerability in the toolkit, and the sample published exploit is not complete or functional.\" CVE agrees that the exploit contains syntax errors and uses Unix-only include files while invoking Windows functions"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [],
|
||||
"vendorComments": [
|
||||
{
|
||||
"organization": "Red Hat",
|
||||
"comment": "Disputed: The Red Hat Security Response Team have been unable to confirm the existence of this format string vulnerability in the toolkit, and the sample published exploit is not complete or functional.",
|
||||
"lastModified": "2009-02-24T00:00:00"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
]
|
||||
}
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2009-03-19T10:30:00.420",
|
||||
"lastModified": "2024-11-21T01:01:14.700",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -87,7 +87,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -87,7 +87,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -87,7 +87,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -83,7 +83,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "secure@microsoft.com",
|
||||
"published": "2009-06-10T18:30:00.327",
|
||||
"lastModified": "2024-11-21T01:01:43.703",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2009-03-26T14:30:00.267",
|
||||
"lastModified": "2024-11-21T01:01:47.257",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T02:03:58.533",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorImpact": "Per http://www.microsoft.com/technet/security/advisory/971492.mspx\r\n\r\nAffected Software\r\n\r\nMicrosoft Internet Information Services 5.0\r\n\r\nMicrosoft Internet Information Services 5.1\r\n\r\nMicrosoft Internet Information Services 6.0",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorImpact": "Per http://www.microsoft.com/technet/security/advisory/971492.mspx\r\n\r\nAffected Software\r\n\r\nMicrosoft Internet Information Services 5.0\r\n\r\nMicrosoft Internet Information Services 5.1\r\n\r\nMicrosoft Internet Information Services 6.0"
|
||||
}
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2009-07-23T20:30:00.233",
|
||||
"lastModified": "2024-11-21T01:03:33.637",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "ykramarz@cisco.com",
|
||||
"published": "2009-08-19T17:30:01.047",
|
||||
"lastModified": "2024-11-21T01:04:01.363",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T02:04:10.407",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorImpact": "Per http://www.kb.cert.org/vuls/id/259425\r\n\r\n\"Adobe Flash is a widely deployed multimedia platform typically used to provide content in web sites. Adobe Flash Player, Reader, Acrobat, and other Adobe products include Flash support.\r\n\r\nAdobe Flash Player contains a code execution vulnerability. An attacker may be able to trigger this vulnerability by convincing a user to open a specially crafted Flash (SWF) file. The SWF file could be hosted or embedded in a web page or contained in a Portable Document Format (PDF) file. If an attacker can take control of a website or web server, trusted sites may exploit this vulnerability.\r\n\r\nThis vulnerability affects Adobe Flash versions 9.0.159.0 and 10.0.22.87 and earlier 9.x and 10.x versions. Adobe Reader 9, Acrobat 9, and other Adobe products (including Photoshop CS3, PhotoShop Lightroom, Freehand MX, Fireworks) provide Flash support independent of Flash Player. As of 2009-07-22, Adobe Reader 9.1.2 includes Flash 9.0.155.0, which is likely vulnerable to issues addressed by Flash 9.0.159.0 \"",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorImpact": "Per http://www.kb.cert.org/vuls/id/259425\r\n\r\n\"Adobe Flash is a widely deployed multimedia platform typically used to provide content in web sites. Adobe Flash Player, Reader, Acrobat, and other Adobe products include Flash support.\r\n\r\nAdobe Flash Player contains a code execution vulnerability. An attacker may be able to trigger this vulnerability by convincing a user to open a specially crafted Flash (SWF) file. The SWF file could be hosted or embedded in a web page or contained in a Portable Document Format (PDF) file. If an attacker can take control of a website or web server, trusted sites may exploit this vulnerability.\r\n\r\nThis vulnerability affects Adobe Flash versions 9.0.159.0 and 10.0.22.87 and earlier 9.x and 10.x versions. Adobe Reader 9, Acrobat 9, and other Adobe products (including Photoshop CS3, PhotoShop Lightroom, Freehand MX, Fireworks) provide Flash support independent of Flash Player. As of 2009-07-22, Adobe Reader 9.1.2 includes Flash 9.0.155.0, which is likely vulnerable to issues addressed by Flash 9.0.159.0 \""
|
||||
}
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "secure@microsoft.com",
|
||||
"published": "2009-11-11T19:30:00.530",
|
||||
"lastModified": "2024-11-21T01:06:37.087",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -67,7 +67,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2010-01-13T19:30:00.343",
|
||||
"lastModified": "2024-11-21T01:08:35.723",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2010-02-15T18:30:00.407",
|
||||
"lastModified": "2024-11-21T01:08:36.757",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -5,7 +5,6 @@
|
||||
"lastModified": "2023-11-07T02:04:42.053",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"evaluatorComment": "\r\n\r\nPlease refer to CVE-2009-3672 for more updated information from vendor.",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -13,5 +12,6 @@
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": []
|
||||
"references": [],
|
||||
"evaluatorComment": "\r\n\r\nPlease refer to CVE-2009-3672 for more updated information from vendor."
|
||||
}
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2009-12-15T02:30:00.217",
|
||||
"lastModified": "2024-11-21T01:09:22.217",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2010-02-22T13:00:02.127",
|
||||
"lastModified": "2024-11-21T01:11:43.760",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "secure@microsoft.com",
|
||||
"published": "2010-01-21T19:30:00.900",
|
||||
"lastModified": "2024-11-21T01:11:48.750",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "secalert@redhat.com",
|
||||
"published": "2010-04-28T22:30:00.447",
|
||||
"lastModified": "2024-11-21T01:12:51.607",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "secalert_us@oracle.com",
|
||||
"published": "2010-04-01T16:30:00.907",
|
||||
"lastModified": "2024-11-21T01:13:03.893",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -94,7 +94,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -87,7 +87,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -87,7 +87,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -87,7 +87,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -94,7 +94,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -94,7 +94,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -87,7 +87,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -83,7 +83,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -87,7 +87,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "psirt@adobe.com",
|
||||
"published": "2010-06-08T18:30:10.007",
|
||||
"lastModified": "2024-11-21T01:14:04.610",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "secalert@redhat.com",
|
||||
"published": "2010-04-28T22:30:00.793",
|
||||
"lastModified": "2024-11-21T01:14:23.843",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -67,7 +67,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -67,7 +67,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -67,7 +67,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -67,7 +67,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2010-08-05T13:23:09.477",
|
||||
"lastModified": "2024-11-21T01:15:22.060",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -67,7 +67,7 @@
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "secalert@redhat.com",
|
||||
"type": "Secondary",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
"sourceIdentifier": "secure@microsoft.com",
|
||||
"published": "2010-07-22T05:43:49.703",
|
||||
"lastModified": "2024-11-21T01:16:55.293",
|
||||
"vulnStatus": "Modified",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user