admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:13:41 +00:00
parent 1ac9a39755
commit 048608e223
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
51 changed files with 3960 additions and 3960 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

210
2006/0xxx/CVE-2006-0191.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0191", "ID": "CVE-2006-0191",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Sun Solaris 10 allows local users to cause a denial of service (null dereference) via unspecified vectors involving the use of the find command on the \"/proc\" filesystem. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this is related to CVE-2005-3250."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-056.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-056.htm" "lang": "eng",
}, "value": "Unspecified vulnerability in Sun Solaris 10 allows local users to cause a denial of service (null dereference) via unspecified vectors involving the use of the find command on the \"/proc\" filesystem. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this is related to CVE-2005-3250."
{ }
"name" : "102108", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102108-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16222", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16222" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-0166", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/0166" ]
}, },
{ "references": {
"name" : "22347", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/22347" "name": "16222",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/16222"
"name" : "oval:org.mitre.oval:def:1608", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1608" "name": "18420",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18420"
"name" : "1015479", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015479" "name": "22347",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/22347"
"name" : "18420", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18420" "name": "solaris-find-proc-dos(24085)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24085"
"name" : "19087", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19087" "name": "oval:org.mitre.oval:def:1608",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1608"
"name" : "solaris-find-proc-dos(24085)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24085" "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-056.htm",
} "refsource": "CONFIRM",
] "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-056.htm"
} },
} {
"name": "ADV-2006-0166",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0166"
},
{
"name": "1015479",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015479"
},
{
"name": "19087",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19087"
},
{
"name": "102108",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102108-1"
}
]
}
}

160
2006/1xxx/CVE-2006-1394.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1394", "ID": "CVE-2006-1394",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Microsoft IIS ISAPI filter (aka application server module) in University of Washington Pubcookie 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pubcookie.org/news/20060306-apps-secadv.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://pubcookie.org/news/20060306-apps-secadv.html" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Microsoft IIS ISAPI filter (aka application server module) in University of Washington Pubcookie 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vectors."
{ }
"name" : "VU#314540", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/314540" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17221", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17221" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24520", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/24520" ]
}, },
{ "references": {
"name" : "19348", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19348" "name": "http://pubcookie.org/news/20060306-apps-secadv.html",
} "refsource": "CONFIRM",
] "url": "http://pubcookie.org/news/20060306-apps-secadv.html"
} },
} {
"name": "24520",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24520"
},
{
"name": "17221",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17221"
},
{
"name": "VU#314540",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/314540"
},
{
"name": "19348",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19348"
}
]
}
}

130
2006/5xxx/CVE-2006-5325.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5325", "ID": "CVE-2006-5325",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Dimitri Seitz Security Suite IP Logger in dwingmods for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) mkb.php, (2) iplogger.php, (3) admin_board2.php, or (4) admin_logger.php in includes/, different vectors than CVE-2006-5224."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061012 Security Suite IP Logger Remote File Inclusion", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/448447/100/0/threaded" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in Dimitri Seitz Security Suite IP Logger in dwingmods for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) mkb.php, (2) iplogger.php, (3) admin_board2.php, or (4) admin_logger.php in includes/, different vectors than CVE-2006-5224."
{ }
"name" : "1736", ]
"refsource" : "SREASON", },
"url" : "http://securityreason.com/securityalert/1736" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1736",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1736"
},
{
"name": "20061012 Security Suite IP Logger Remote File Inclusion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448447/100/0/threaded"
}
]
}
}

170
2006/5xxx/CVE-2006-5420.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5420", "ID": "CVE-2006-5420",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Kerio WinRoute Firewall 6.2.2 and earlier allows remote attackers to cause a denial of service (crash) via malformed DNS responses."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.kerio.com/kwf_history.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.kerio.com/kwf_history.html" "lang": "eng",
}, "value": "Kerio WinRoute Firewall 6.2.2 and earlier allows remote attackers to cause a denial of service (crash) via malformed DNS responses."
{ }
"name" : "20584", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20584" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4056", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4056" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1017067", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1017067" ]
}, },
{ "references": {
"name" : "22986", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22986" "name": "ADV-2006-4056",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4056"
"name" : "kerio-dns-dos(29629)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29629" "name": "1017067",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1017067"
} },
} {
"name": "22986",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22986"
},
{
"name": "http://www.kerio.com/kwf_history.html",
"refsource": "CONFIRM",
"url": "http://www.kerio.com/kwf_history.html"
},
{
"name": "kerio-dns-dos(29629)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29629"
},
{
"name": "20584",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20584"
}
]
}
}

170
2006/5xxx/CVE-2006-5490.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5490", "ID": "CVE-2006-5490",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Segue Content Management System (CMS) before 1.5.8 allow remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?group_id=82171&release_id=456920", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?group_id=82171&release_id=456920" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in Segue Content Management System (CMS) before 1.5.8 allow remote attackers to execute arbitrary SQL commands via unspecified vectors."
{ }
"name" : "20645", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20645" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4123", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4123" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "29903", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/29903" ]
}, },
{ "references": {
"name" : "22514", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22514" "name": "http://sourceforge.net/project/shownotes.php?group_id=82171&release_id=456920",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/project/shownotes.php?group_id=82171&release_id=456920"
"name" : "seguecms-unspecified-sql-injection(29691)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29691" "name": "seguecms-unspecified-sql-injection(29691)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29691"
} },
} {
"name": "ADV-2006-4123",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4123"
},
{
"name": "22514",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22514"
},
{
"name": "29903",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29903"
},
{
"name": "20645",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20645"
}
]
}
}

150
2006/5xxx/CVE-2006-5530.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5530", "ID": "CVE-2006-5530",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Boesch SimpNews before 2.34.01 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/index.php, (2) admin/pwlost.php, and unspecified other files. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.boesch-it.de/sw/php-scripts/simpnews/english/index.php", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.boesch-it.de/sw/php-scripts/simpnews/english/index.php" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Boesch SimpNews before 2.34.01 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/index.php, (2) admin/pwlost.php, and unspecified other files. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
{ }
"name" : "20714", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20714" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4162", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4162" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22535", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/22535" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20714",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20714"
},
{
"name": "22535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22535"
},
{
"name": "ADV-2006-4162",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4162"
},
{
"name": "http://www.boesch-it.de/sw/php-scripts/simpnews/english/index.php",
"refsource": "MISC",
"url": "http://www.boesch-it.de/sw/php-scripts/simpnews/english/index.php"
}
]
}
}

160
2006/5xxx/CVE-2006-5624.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5624", "ID": "CVE-2006-5624",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Multi-Page Comment System (MPCS) 1.0.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) include.php or (2) functions.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tpvgames.co.uk/web/mpcs/", "description_data": [
"refsource" : "MISC", {
"url" : "http://tpvgames.co.uk/web/mpcs/" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in Multi-Page Comment System (MPCS) 1.0.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) include.php or (2) functions.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
{ }
"name" : "20751", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20751" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4212", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4212" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22578", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/22578" ]
}, },
{ "references": {
"name" : "mpcs-path-file-include(29823)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29823" "name": "22578",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/22578"
} },
} {
"name": "ADV-2006-4212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4212"
},
{
"name": "20751",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20751"
},
{
"name": "http://tpvgames.co.uk/web/mpcs/",
"refsource": "MISC",
"url": "http://tpvgames.co.uk/web/mpcs/"
},
{
"name": "mpcs-path-file-include(29823)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29823"
}
]
}
}

220
2006/5xxx/CVE-2006-5840.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5840", "ID": "CVE-2006-5840",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** Multiple SQL injection vulnerabilities in Abarcar Realty Portal allow remote attackers to execute arbitrary SQL commands via the (1) neid parameter to newsdetails.php, or the (2) slid parameter to slistl.php. NOTE: the cat vector is already covered by CVE-2006-2853. NOTE: the vendor has notified CVE that the current version only creates static pages, and that slistl.php/slid never existed in any version."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061108 Abarcar Realty Portal [injection sql]", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/450946/100/0/threaded" "lang": "eng",
}, "value": "** DISPUTED ** Multiple SQL injection vulnerabilities in Abarcar Realty Portal allow remote attackers to execute arbitrary SQL commands via the (1) neid parameter to newsdetails.php, or the (2) slid parameter to slistl.php. NOTE: the cat vector is already covered by CVE-2006-2853. NOTE: the vendor has notified CVE that the current version only creates static pages, and that slistl.php/slid never existed in any version."
{ }
"name" : "http://s-a-p.ca/index.php?page=OurAdvisories&id=7", ]
"refsource" : "MISC", },
"url" : "http://s-a-p.ca/index.php?page=OurAdvisories&id=7" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20061207 Vendor dispute - CVE-2006-5840 (abarcar Realty Portal)", "description": [
"refsource" : "VIM", {
"url" : "http://www.attrition.org/pipermail/vim/2006-December/001170.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20061219 abarcar vendor statement on CVE-2006-5840", ]
"refsource" : "VIM", }
"url" : "http://attrition.org/pipermail/vim/2006-December/001190.html" ]
}, },
{ "references": {
"name" : "20970", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20970" "name": "30249",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/30249"
"name" : "ADV-2006-4418", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4418" "name": "1840",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/1840"
"name" : "30249", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/30249" "name": "22792",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22792"
"name" : "30250", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/30250" "name": "20061219 abarcar vendor statement on CVE-2006-5840",
}, "refsource": "VIM",
{ "url": "http://attrition.org/pipermail/vim/2006-December/001190.html"
"name" : "22792", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22792" "name": "20970",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20970"
"name" : "1840", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1840" "name": "http://s-a-p.ca/index.php?page=OurAdvisories&id=7",
}, "refsource": "MISC",
{ "url": "http://s-a-p.ca/index.php?page=OurAdvisories&id=7"
"name" : "abarcar-realty-newsdetails-sql-injection(30135)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30135" "name": "abarcar-realty-newsdetails-sql-injection(30135)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30135"
} },
} {
"name": "ADV-2006-4418",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4418"
},
{
"name": "30250",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30250"
},
{
"name": "20061207 Vendor dispute - CVE-2006-5840 (abarcar Realty Portal)",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2006-December/001170.html"
},
{
"name": "20061108 Abarcar Realty Portal [injection sql]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/450946/100/0/threaded"
}
]
}
}

200
2007/2xxx/CVE-2007-2250.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2250", "ID": "CVE-2007-2250",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "admin.php in Phorum before 5.1.22 allows remote attackers to obtain the full path via the module[] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070419 [waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/466286/100/0/threaded" "lang": "eng",
}, "value": "admin.php in Phorum before 5.1.22 allows remote attackers to obtain the full path via the module[] parameter."
{ }
"name" : "http://www.waraxe.us/advisory-49.html", ]
"refsource" : "MISC", },
"url" : "http://www.waraxe.us/advisory-49.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.phorum.org/story.php?76", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.phorum.org/story.php?76" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23616", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/23616" ]
}, },
{ "references": {
"name" : "ADV-2007-1479", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1479" "name": "http://www.waraxe.us/advisory-49.html",
}, "refsource": "MISC",
{ "url": "http://www.waraxe.us/advisory-49.html"
"name" : "35060", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/35060" "name": "http://www.phorum.org/story.php?76",
}, "refsource": "CONFIRM",
{ "url": "http://www.phorum.org/story.php?76"
"name" : "1017936", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017936" "name": "1017936",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1017936"
"name" : "24932", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24932" "name": "ADV-2007-1479",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1479"
"name" : "2617", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2617" "name": "24932",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24932"
} },
} {
"name": "20070419 [waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466286/100/0/threaded"
},
{
"name": "2617",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2617"
},
{
"name": "23616",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23616"
},
{
"name": "35060",
"refsource": "OSVDB",
"url": "http://osvdb.org/35060"
}
]
}
}

140
2007/2xxx/CVE-2007-2269.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2269", "ID": "CVE-2007-2269",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in top.php3 in SWsoft Plesk for Windows 8.1 and 8.1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the locale_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://forum.swsoft.com/showthread.php?s=&postid=172761#post172761", "description_data": [
"refsource" : "MISC", {
"url" : "http://forum.swsoft.com/showthread.php?s=&postid=172761#post172761" "lang": "eng",
}, "value": "Directory traversal vulnerability in top.php3 in SWsoft Plesk for Windows 8.1 and 8.1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the locale_id parameter."
{ }
"name" : "35475", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/35475" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25036", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25036" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "35475",
"refsource": "OSVDB",
"url": "http://osvdb.org/35475"
},
{
"name": "http://forum.swsoft.com/showthread.php?s=&postid=172761#post172761",
"refsource": "MISC",
"url": "http://forum.swsoft.com/showthread.php?s=&postid=172761#post172761"
},
{
"name": "25036",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25036"
}
]
}
}

150
2007/2xxx/CVE-2007-2322.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2322", "ID": "CVE-2007-2322",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "NMMediaServer.exe in Nero MediaHome 2.5.5.0 and CE 1.3.0.4 allows remote attackers to cause a denial of service (NULL dereference and application crash) via a crafted packet that contains two CRLF sequences. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "23640", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23640" "lang": "eng",
}, "value": "NMMediaServer.exe in Nero MediaHome 2.5.5.0 and CE 1.3.0.4 allows remote attackers to cause a denial of service (NULL dereference and application crash) via a crafted packet that contains two CRLF sequences. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "35321", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/35321" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24724", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24724" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "nero-crlf-dos(33974)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33974" ]
} },
] "references": {
} "reference_data": [
} {
"name": "35321",
"refsource": "OSVDB",
"url": "http://osvdb.org/35321"
},
{
"name": "23640",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23640"
},
{
"name": "24724",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24724"
},
{
"name": "nero-crlf-dos(33974)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33974"
}
]
}
}

130
2007/2xxx/CVE-2007-2429.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2429", "ID": "CVE-2007-2429",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the \"-port 2345\" and \"-u root\" arguments. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "23693", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23693" "lang": "eng",
}, "value": "ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the \"-port 2345\" and \"-u root\" arguments. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "40188", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/40188" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "23693",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23693"
},
{
"name": "40188",
"refsource": "OSVDB",
"url": "http://osvdb.org/40188"
}
]
}
}

220
2007/2xxx/CVE-2007-2523.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2523", "ID": "CVE-2007-2523",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510 use weak permissions (NULL security descriptor) for the Task Service shared file mapping, which allows local users to modify this mapping and gain privileges by triggering a stack-based buffer overflow in InoCore.dll before 8.0.448.0."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070509 Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=530" "lang": "eng",
}, "value": "CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510 use weak permissions (NULL security descriptor) for the Task Service shared file mapping, which allows local users to modify this mapping and gain privileges by triggering a stack-based buffer overflow in InoCore.dll before 8.0.448.0."
{ }
"name" : "20070511 Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/468306/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20050711 [CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities", "description": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063275.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://blog.48bits.com/?p=103", ]
"refsource" : "MISC", }
"url" : "http://blog.48bits.com/?p=103" ]
}, },
{ "references": {
"name" : "http://supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asp", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asp" "name": "http://supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asp",
}, "refsource": "CONFIRM",
{ "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asp"
"name" : "VU#788416", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/788416" "name": "1018043",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018043"
"name" : "23906", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23906" "name": "http://blog.48bits.com/?p=103",
}, "refsource": "MISC",
{ "url": "http://blog.48bits.com/?p=103"
"name" : "ADV-2007-1750", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1750" "name": "ADV-2007-1750",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1750"
"name" : "34586", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/34586" "name": "23906",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23906"
"name" : "1018043", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018043" "name": "VU#788416",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/788416"
"name" : "25202", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25202" "name": "34586",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/34586"
} },
} {
"name": "25202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25202"
},
{
"name": "20070511 Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468306/100/0/threaded"
},
{
"name": "20070509 Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=530"
},
{
"name": "20050711 [CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063275.html"
}
]
}
}

150
2007/2xxx/CVE-2007-2994.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2994", "ID": "CVE-2007-2994",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in news.php in DGNews 2.1 allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a fullnews action, a different vector than CVE-2007-0693."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070529 Re: DGNews version 2.1 SQL Injection Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/469881/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in news.php in DGNews 2.1 allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a fullnews action, a different vector than CVE-2007-0693."
{ }
"name" : "24212", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24212" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25438", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25438" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2762", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/2762" ]
} },
] "references": {
} "reference_data": [
} {
"name": "25438",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25438"
},
{
"name": "24212",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24212"
},
{
"name": "2762",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2762"
},
{
"name": "20070529 Re: DGNews version 2.1 SQL Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/469881/100/0/threaded"
}
]
}
}

240
2010/0xxx/CVE-2010-0012.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-0012", "ID": "CVE-2010-0012",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a pathname within a .torrent file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-devel-changes] 20100105 Accepted transmission 1.77-1 (source all amd64)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.mail-archive.com/debian-devel-changes@lists.debian.org/msg264483.html" "lang": "eng",
}, "value": "Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a pathname within a .torrent file."
{ }
"name" : "[oss-security] 20100106 CVE Request: Transmission", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2010/01/06/2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20100106 Re: CVE Request: Transmission", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2010/01/06/4" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://security.debian.org/pool/updates/main/t/transmission/transmission_1.22-1+lenny2.diff.gz", ]
"refsource" : "CONFIRM", }
"url" : "http://security.debian.org/pool/updates/main/t/transmission/transmission_1.22-1+lenny2.diff.gz" ]
}, },
{ "references": {
"name" : "http://trac.transmissionbt.com/changeset/9829/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://trac.transmissionbt.com/changeset/9829/" "name": "http://trac.transmissionbt.com/wiki/Changes#version-1.77",
}, "refsource": "CONFIRM",
{ "url": "http://trac.transmissionbt.com/wiki/Changes#version-1.77"
"name" : "http://trac.transmissionbt.com/wiki/Changes#version-1.77", },
"refsource" : "CONFIRM", {
"url" : "http://trac.transmissionbt.com/wiki/Changes#version-1.77" "name": "[oss-security] 20100106 Re: CVE Request: Transmission",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2010/01/06/4"
"name" : "https://launchpad.net/bugs/500625", },
"refsource" : "CONFIRM", {
"url" : "https://launchpad.net/bugs/500625" "name": "https://launchpad.net/bugs/500625",
}, "refsource": "CONFIRM",
{ "url": "https://launchpad.net/bugs/500625"
"name" : "DSA-1967", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-1967" "name": "http://security.debian.org/pool/updates/main/t/transmission/transmission_1.22-1+lenny2.diff.gz",
}, "refsource": "CONFIRM",
{ "url": "http://security.debian.org/pool/updates/main/t/transmission/transmission_1.22-1+lenny2.diff.gz"
"name" : "SUSE-SA:2010:008", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html" "name": "http://trac.transmissionbt.com/changeset/9829/",
}, "refsource": "CONFIRM",
{ "url": "http://trac.transmissionbt.com/changeset/9829/"
"name" : "37993", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37993" "name": "38005",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/38005"
"name" : "38005", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38005" "name": "ADV-2010-0071",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/0071"
"name" : "ADV-2010-0071", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0071" "name": "DSA-1967",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2010/dsa-1967"
"name" : "transmission-name-directory-traversal(55454)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55454" "name": "transmission-name-directory-traversal(55454)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55454"
} },
} {
"name": "[oss-security] 20100106 CVE Request: Transmission",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/01/06/2"
},
{
"name": "37993",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37993"
},
{
"name": "SUSE-SA:2010:008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"
},
{
"name": "[debian-devel-changes] 20100105 Accepted transmission 1.77-1 (source all amd64)",
"refsource": "MLIST",
"url": "http://www.mail-archive.com/debian-devel-changes@lists.debian.org/msg264483.html"
}
]
}
}

300
2010/0xxx/CVE-2010-0296.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-0296", "ID": "CVE-2010-0296",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/520102/100/0/threaded" "lang": "eng",
}, "value": "The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request."
{ }
"name" : "http://frugalware.org/security/662", ]
"refsource" : "CONFIRM", },
"url" : "http://frugalware.org/security/662" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://sourceware.org/git/?p=glibc.git;a=commit;h=ab00f4eac8f4932211259ff87be83144f5211540", "description": [
"refsource" : "CONFIRM", {
"url" : "http://sourceware.org/git/?p=glibc.git;a=commit;h=ab00f4eac8f4932211259ff87be83144f5211540" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=559579", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=559579" ]
}, },
{ "references": {
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0012.html" "name": "MDVSA-2010:111",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
"name" : "DSA-2058", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-2058" "name": "GLSA-201011-01",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
"name" : "GLSA-201011-01", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201011-01.xml" "name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
"name" : "MDVSA-2010:111", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111" "name": "46397",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/46397"
"name" : "MDVSA-2010:112", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112" "name": "http://sourceware.org/git/?p=glibc.git;a=commit;h=ab00f4eac8f4932211259ff87be83144f5211540",
}, "refsource": "CONFIRM",
{ "url": "http://sourceware.org/git/?p=glibc.git;a=commit;h=ab00f4eac8f4932211259ff87be83144f5211540"
"name" : "RHSA-2011:0412", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0412.html" "name": "ADV-2010-1246",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/1246"
"name" : "SUSE-SA:2010:052", },
"refsource" : "SUSE", {
"url" : "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html" "name": "RHSA-2011:0412",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
"name" : "USN-944-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-944-1" "name": "ADV-2011-0863",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0863"
"name" : "1024043", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1024043" "name": "USN-944-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-944-1"
"name" : "39900", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39900" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=559579",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=559579"
"name" : "43830", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43830" "name": "39900",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/39900"
"name" : "46397", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/46397" "name": "SUSE-SA:2010:052",
}, "refsource": "SUSE",
{ "url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
"name" : "ADV-2010-1246", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1246" "name": "43830",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43830"
"name" : "ADV-2011-0863", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0863" "name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
"name" : "gnuclibrary-encodenamemacro-dos(59240)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59240" "name": "1024043",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1024043"
} },
} {
"name": "gnuclibrary-encodenamemacro-dos(59240)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59240"
},
{
"name": "http://frugalware.org/security/662",
"refsource": "CONFIRM",
"url": "http://frugalware.org/security/662"
},
{
"name": "MDVSA-2010:112",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"name": "DSA-2058",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2058"
}
]
}
}

150
2010/0xxx/CVE-2010-0702.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0702", "ID": "CVE-2010-0702",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/1002-exploits/tribox-sql.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/1002-exploits/tribox-sql.txt" "lang": "eng",
}, "value": "SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter."
{ }
"name" : "11508", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/11508" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "38323", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/38323" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "trixbox-phonedirectory-sql-injection(56407)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56407" ]
} },
] "references": {
} "reference_data": [
} {
"name": "11508",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11508"
},
{
"name": "trixbox-phonedirectory-sql-injection(56407)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56407"
},
{
"name": "http://packetstormsecurity.org/1002-exploits/tribox-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1002-exploits/tribox-sql.txt"
},
{
"name": "38323",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38323"
}
]
}
}

320
2010/1xxx/CVE-2010-1437.json
View File

@ -1,162 +1,162 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-1437", "ID": "CVE-2010-1437",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded" "lang": "eng",
}, "value": "Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function."
{ }
"name" : "[linux-kernel] 20100422 [PATCH 0/1][BUG][IMPORTANT] KEYRINGS: find_keyring_by_name() can gain the freed keyring", ]
"refsource" : "MLIST", },
"url" : "http://marc.info/?l=linux-kernel&m=127192182917857&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[linux-kernel] 20100430 [PATCH 2/7] KEYS: find_keyring_by_name() can gain access to a freed keyring", "description": [
"refsource" : "MLIST", {
"url" : "http://marc.info/?l=linux-kernel&m=127274294622730&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[linux-kernel] 20100503 Re: [PATCH 2/7] KEYS: find_keyring_by_name() can gain access to a freed keyring", ]
"refsource" : "MLIST", }
"url" : "http://marc.info/?l=linux-kernel&m=127292492727029&w=2" ]
}, },
{ "references": {
"name" : "[oss-security] 20100427 CVE request - kernel: find_keyring_by_name() can gain the freed keyring", "reference_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2010/04/27/2" "name": "[oss-security] 20100427 CVE request - kernel: find_keyring_by_name() can gain the freed keyring",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2010/04/27/2"
"name" : "[oss-security] 20100427 Re: CVE request - kernel: find_keyring_by_name() can gain the freed keyring", },
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2010/04/28/2" "name": "SUSE-SA:2010:031",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=585094", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=585094" "name": "[linux-kernel] 20100503 Re: [PATCH 2/7] KEYS: find_keyring_by_name() can gain access to a freed keyring",
}, "refsource": "MLIST",
{ "url": "http://marc.info/?l=linux-kernel&m=127292492727029&w=2"
"name" : "https://patchwork.kernel.org/patch/94038/", },
"refsource" : "CONFIRM", {
"url" : "https://patchwork.kernel.org/patch/94038/" "name": "oval:org.mitre.oval:def:9715",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9715"
"name" : "https://patchwork.kernel.org/patch/94664/", },
"refsource" : "CONFIRM", {
"url" : "https://patchwork.kernel.org/patch/94664/" "name": "https://patchwork.kernel.org/patch/94664/",
}, "refsource": "CONFIRM",
{ "url": "https://patchwork.kernel.org/patch/94664/"
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" "name": "kernel-findkeyringbyname-dos(58254)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58254"
"name" : "DSA-2053", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-2053" "name": "[linux-kernel] 20100422 [PATCH 0/1][BUG][IMPORTANT] KEYRINGS: find_keyring_by_name() can gain the freed keyring",
}, "refsource": "MLIST",
{ "url": "http://marc.info/?l=linux-kernel&m=127192182917857&w=2"
"name" : "RHSA-2010:0474", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0474.html" "name": "RHSA-2010:0474",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2010-0474.html"
"name" : "SUSE-SA:2010:031", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html" "name": "40645",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40645"
"name" : "39719", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/39719" "name": "43315",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43315"
"name" : "oval:org.mitre.oval:def:9715", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9715" "name": "[linux-kernel] 20100430 [PATCH 2/7] KEYS: find_keyring_by_name() can gain access to a freed keyring",
}, "refsource": "MLIST",
{ "url": "http://marc.info/?l=linux-kernel&m=127274294622730&w=2"
"name" : "39830", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39830" "name": "https://patchwork.kernel.org/patch/94038/",
}, "refsource": "CONFIRM",
{ "url": "https://patchwork.kernel.org/patch/94038/"
"name" : "40218", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40218" "name": "[oss-security] 20100427 Re: CVE request - kernel: find_keyring_by_name() can gain the freed keyring",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2010/04/28/2"
"name" : "40645", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40645" "name": "40218",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40218"
"name" : "43315", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43315" "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
"name" : "ADV-2010-1857", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1857" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=585094",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=585094"
"name" : "kernel-findkeyringbyname-dos(58254)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58254" "name": "DSA-2053",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2010/dsa-2053"
} },
} {
"name": "39719",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39719"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "39830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39830"
},
{
"name": "ADV-2010-1857",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1857"
}
]
}
}

230
2010/3xxx/CVE-2010-3166.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3166", "ID": "CVE-2010-3166",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2010/mfsa2010-53.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2010/mfsa2010-53.html" "lang": "eng",
}, "value": "Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=579655", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=579655" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox", "description": [
"refsource" : "CONFIRM", {
"url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.avaya.com/css/P8/documents/100112690", ]
"refsource" : "CONFIRM", }
"url" : "http://support.avaya.com/css/P8/documents/100112690" ]
}, },
{ "references": {
"name" : "FEDORA-2010-14362", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html" "name": "SUSE-SA:2010:049",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html"
"name" : "MDVSA-2010:173", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:173" "name": "oval:org.mitre.oval:def:12186",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12186"
"name" : "SUSE-SA:2010:049", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html" "name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox",
}, "refsource": "CONFIRM",
{ "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
"name" : "43102", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/43102" "name": "FEDORA-2010-14362",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html"
"name" : "oval:org.mitre.oval:def:12186", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12186" "name": "http://www.mozilla.org/security/announce/2010/mfsa2010-53.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-53.html"
"name" : "42867", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42867" "name": "http://support.avaya.com/css/P8/documents/100112690",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/css/P8/documents/100112690"
"name" : "ADV-2010-2323", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2323" "name": "42867",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42867"
"name" : "ADV-2011-0061", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0061" "name": "ADV-2011-0061",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2011/0061"
} },
} {
"name": "MDVSA-2010:173",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:173"
},
{
"name": "ADV-2010-2323",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2323"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=579655",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=579655"
},
{
"name": "43102",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43102"
}
]
}
}

140
2010/3xxx/CVE-2010-3901.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3901", "ID": "CVE-2010-3901",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "OpenConnect before 2.25 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary AnyConnect SSL VPN servers via a crafted server certificate that (1) does not correspond to the server hostname or (2) is presented in circumstances involving a missing --cafile configuration option."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20100801 CVE Request -- OpenConnect < v2.25 did not verify SSL server certificates", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2010/08/01/1" "lang": "eng",
}, "value": "OpenConnect before 2.25 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary AnyConnect SSL VPN servers via a crafted server certificate that (1) does not correspond to the server hostname or (2) is presented in circumstances involving a missing --cafile configuration option."
{ }
"name" : "[oss-security] 20100802 Re: CVE Request -- OpenConnect < v2.25 did not verify SSL server certificates", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2010/08/02/7" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.infradead.org/openconnect.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.infradead.org/openconnect.html" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.infradead.org/openconnect.html",
"refsource": "CONFIRM",
"url": "http://www.infradead.org/openconnect.html"
},
{
"name": "[oss-security] 20100801 CVE Request -- OpenConnect < v2.25 did not verify SSL server certificates",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/01/1"
},
{
"name": "[oss-security] 20100802 Re: CVE Request -- OpenConnect < v2.25 did not verify SSL server certificates",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/02/7"
}
]
}
}

150
2010/4xxx/CVE-2010-4201.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4201", "ID": "CVE-2010-4201",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text control selections."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=58741", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=58741" "lang": "eng",
}, "value": "Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text control selections."
{ }
"name" : "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:12137", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12137" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "42109", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/42109" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html"
},
{
"name": "oval:org.mitre.oval:def:12137",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12137"
},
{
"name": "42109",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42109"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=58741",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=58741"
}
]
}
}

34
2010/4xxx/CVE-2010-4661.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4661", "ID": "CVE-2010-4661",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

190
2014/0xxx/CVE-2014-0017.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-0017", "ID": "CVE-2014-0017",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The RAND_bytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator (PRNG), which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid collision."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140305 libssh and stunnel PRNG flaws", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/03/05/1" "lang": "eng",
}, "value": "The RAND_bytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator (PRNG), which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid collision."
{ }
"name" : "http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1072191", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1072191" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-2879", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2014/dsa-2879" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2014:0366", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2014-03/msg00036.html" "name": "USN-2145-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2145-1"
"name" : "openSUSE-SU-2014:0370", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2014-03/msg00040.html" "name": "DSA-2879",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2014/dsa-2879"
"name" : "USN-2145-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2145-1" "name": "openSUSE-SU-2014:0366",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00036.html"
"name" : "57407", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/57407" "name": "57407",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/57407"
} },
} {
"name": "[oss-security] 20140305 libssh and stunnel PRNG flaws",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/03/05/1"
},
{
"name": "http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/",
"refsource": "CONFIRM",
"url": "http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/"
},
{
"name": "openSUSE-SU-2014:0370",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00040.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1072191",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072191"
}
]
}
}

120
2014/0xxx/CVE-2014-0309.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2014-0309", "ID": "CVE-2014-0309",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS14-012", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012" "lang": "eng",
} "value": "Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS14-012",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012"
}
]
}
}

170
2014/0xxx/CVE-2014-0381.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-0381", "ID": "CVE-2014-0381",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect integrity via vectors related to PIA Core Technology, a different vulnerability than CVE-2014-0445."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect integrity via vectors related to PIA Core Technology, a different vulnerability than CVE-2014-0445."
{ }
"name" : "64758", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/64758" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "64892", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/64892" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "102045", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/102045" ]
}, },
{ "references": {
"name" : "1029623", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1029623" "name": "102045",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/102045"
"name" : "56478", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56478" "name": "64892",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/64892"
} },
} {
"name": "56478",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56478"
},
{
"name": "1029623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029623"
},
{
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
]
}
}

250
2014/0xxx/CVE-2014-0420.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-0420", "ID": "CVE-2014-0420",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-2848", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2014/dsa-2848" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201409-04", ]
"refsource" : "GENTOO", }
"url" : "http://security.gentoo.org/glsa/glsa-201409-04.xml" ]
}, },
{ "references": {
"name" : "RHSA-2014:0173", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0173.html" "name": "USN-2086-1",
}, "refsource": "UBUNTU",
{ "url": "http://ubuntu.com/usn/usn-2086-1"
"name" : "RHSA-2014:0186", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0186.html" "name": "56491",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/56491"
"name" : "RHSA-2014:0189", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0189.html" "name": "RHSA-2014:0186",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-0186.html"
"name" : "USN-2086-1", },
"refsource" : "UBUNTU", {
"url" : "http://ubuntu.com/usn/usn-2086-1" "name": "DSA-2848",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2014/dsa-2848"
"name" : "64758", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/64758" "name": "64888",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/64888"
"name" : "64888", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/64888" "name": "oracle-cpujan2014-cve20140420(90388)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90388"
"name" : "102077", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/102077" "name": "56580",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/56580"
"name" : "56491", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56491" "name": "102077",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/102077"
"name" : "56580", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56580" "name": "RHSA-2014:0173",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-0173.html"
"name" : "oracle-cpujan2014-cve20140420(90388)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90388" "name": "RHSA-2014:0189",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2014-0189.html"
} },
} {
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "GLSA-201409-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201409-04.xml"
}
]
}
}

170
2014/0xxx/CVE-2014-0444.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-0444", "ID": "CVE-2014-0444",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in Oracle Supply Chain Products Suite 20.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Web General, a different vulnerability than CVE-2013-5868 and CVE-2013-5871."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in Oracle Supply Chain Products Suite 20.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Web General, a different vulnerability than CVE-2013-5868 and CVE-2013-5871."
{ }
"name" : "64758", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/64758" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "64883", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/64883" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "102089", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/102089" ]
}, },
{ "references": {
"name" : "1029620", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1029620" "name": "64883",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/64883"
"name" : "56473", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56473" "name": "102089",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/102089"
} },
} {
"name": "1029620",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029620"
},
{
"name": "56473",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56473"
},
{
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
]
}
}

170
2014/4xxx/CVE-2014-4349.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4349", "ID": "CVE-2014-4349",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name that is improperly handled after a (1) hide or (2) unhide action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://phpmyadmin.net/home_page/security/PMASA-2014-3.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://phpmyadmin.net/home_page/security/PMASA-2014-3.php" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name that is improperly handled after a (1) hide or (2) unhide action."
{ }
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/d4f754c937f9e2c0beadff5b2e38215dde1d6a79", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/d4f754c937f9e2c0beadff5b2e38215dde1d6a79" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/daa98d0c7ed24b529dc5df0d5905873acd0b00be", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/daa98d0c7ed24b529dc5df0d5905873acd0b00be" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openSUSE-SU-2014:1069", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.html" ]
}, },
{ "references": {
"name" : "68205", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/68205" "name": "openSUSE-SU-2014:1069",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00045.html"
"name" : "60397", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60397" "name": "https://github.com/phpmyadmin/phpmyadmin/commit/daa98d0c7ed24b529dc5df0d5905873acd0b00be",
} "refsource": "CONFIRM",
] "url": "https://github.com/phpmyadmin/phpmyadmin/commit/daa98d0c7ed24b529dc5df0d5905873acd0b00be"
} },
} {
"name": "http://phpmyadmin.net/home_page/security/PMASA-2014-3.php",
"refsource": "CONFIRM",
"url": "http://phpmyadmin.net/home_page/security/PMASA-2014-3.php"
},
{
"name": "68205",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68205"
},
{
"name": "60397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60397"
},
{
"name": "https://github.com/phpmyadmin/phpmyadmin/commit/d4f754c937f9e2c0beadff5b2e38215dde1d6a79",
"refsource": "CONFIRM",
"url": "https://github.com/phpmyadmin/phpmyadmin/commit/d4f754c937f9e2c0beadff5b2e38215dde1d6a79"
}
]
}
}

260
2014/4xxx/CVE-2014-4452.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-4452", "ID": "CVE-2014-4452",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4462."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT6596", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT6596" "lang": "eng",
}, "value": "WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4462."
{ }
"name" : "https://support.apple.com/en-us/HT6590", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/en-us/HT6590" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/en-us/HT6592", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/en-us/HT6592" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/kb/HT204949", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/kb/HT204949" ]
}, },
{ "references": {
"name" : "https://support.apple.com/en-us/HT204418", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/en-us/HT204418" "name": "APPLE-SA-2014-11-17-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html"
"name" : "https://support.apple.com/en-us/HT204420", },
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/en-us/HT204420" "name": "APPLE-SA-2014-11-17-3",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html"
"name" : "APPLE-SA-2014-11-17-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html" "name": "62505",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/62505"
"name" : "APPLE-SA-2014-11-17-3", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html" "name": "APPLE-SA-2015-06-30-6",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
"name" : "APPLE-SA-2014-12-2-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html" "name": "https://support.apple.com/en-us/HT6590",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/en-us/HT6590"
"name" : "APPLE-SA-2015-06-30-6", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html" "name": "1031231",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1031231"
"name" : "71137", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/71137" "name": "62504",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/62504"
"name" : "1031231", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031231" "name": "https://support.apple.com/kb/HT204949",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/kb/HT204949"
"name" : "62504", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62504" "name": "appletv-cve20144452-code-exec(98771)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98771"
"name" : "62505", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62505" "name": "71137",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/71137"
"name" : "appletv-cve20144452-code-exec(98771)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98771" "name": "http://support.apple.com/kb/HT6596",
} "refsource": "CONFIRM",
] "url": "http://support.apple.com/kb/HT6596"
} },
} {
"name": "APPLE-SA-2014-12-2-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html"
},
{
"name": "https://support.apple.com/en-us/HT204420",
"refsource": "CONFIRM",
"url": "https://support.apple.com/en-us/HT204420"
},
{
"name": "https://support.apple.com/en-us/HT204418",
"refsource": "CONFIRM",
"url": "https://support.apple.com/en-us/HT204418"
},
{
"name": "https://support.apple.com/en-us/HT6592",
"refsource": "CONFIRM",
"url": "https://support.apple.com/en-us/HT6592"
}
]
}
}

34
2014/4xxx/CVE-2014-4609.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4609", "ID": "CVE-2014-4609",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2014/4xxx/CVE-2014-4623.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2014-4623", "ID": "CVE-2014-4623",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store (ADS) GEN4(S) and Avamar Virtual Edition (AVE), when Password Hardening before 2.0.0.4 is enabled, uses UNIX DES crypt for password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141022 ESA-2014-094: EMC Avamar Weak Password Storage Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-10/0146.html" "lang": "eng",
}, "value": "EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store (ADS) GEN4(S) and Avamar Virtual Edition (AVE), when Password Hardening before 2.0.0.4 is enabled, uses UNIX DES crypt for password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack."
{ }
"name" : "http://packetstormsecurity.com/files/128842/EMC-Avamar-Weak-Password-Storage.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/128842/EMC-Avamar-Weak-Password-Storage.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "70732", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/70732" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1031117", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1031117" ]
}, },
{ "references": {
"name" : "emc-avamar-cve20144623-info-disc(97757)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/97757" "name": "70732",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/70732"
} },
} {
"name": "emc-avamar-cve20144623-info-disc(97757)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97757"
},
{
"name": "1031117",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031117"
},
{
"name": "20141022 ESA-2014-094: EMC Avamar Weak Password Storage Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0146.html"
},
{
"name": "http://packetstormsecurity.com/files/128842/EMC-Avamar-Weak-Password-Storage.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128842/EMC-Avamar-Weak-Password-Storage.html"
}
]
}
}

140
2014/4xxx/CVE-2014-4817.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-4817", "ID": "CVE-2014-4817",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a certain backup option in conjunction with a filename that matches a previously used filename."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686874", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686874" "lang": "eng",
}, "value": "The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a certain backup option in conjunction with a filename that matches a previously used filename."
{ }
"name" : "IT04884", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT04884" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ibm-tsm-cve20144817-file-overwrite(95444)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95444" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "ibm-tsm-cve20144817-file-overwrite(95444)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95444"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686874",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686874"
},
{
"name": "IT04884",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT04884"
}
]
}
}

120
2014/8xxx/CVE-2014-8519.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8519", "ID": "CVE-2014-8519",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to read arbitrary files via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10044", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10044" "lang": "eng",
} "value": "Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to read arbitrary files via unknown vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10044",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10044"
}
]
}
}

160
2014/9xxx/CVE-2014-9567.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9567", "ID": "CVE-2014-9567",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP) r100 through r561 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the upload/files/ or upload/temp/ directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "35424", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/35424" "lang": "eng",
}, "value": "Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP) r100 through r561 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the upload/files/ or upload/temp/ directory."
{ }
"name" : "35660", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/35660" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/129759/ProjectSend-Arbitrary-File-Upload.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/129759/ProjectSend-Arbitrary-File-Upload.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "116469", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/show/osvdb/116469" ]
}, },
{ "references": {
"name" : "projectsend-processupload-file-upload(99548)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99548" "name": "35424",
} "refsource": "EXPLOIT-DB",
] "url": "http://www.exploit-db.com/exploits/35424"
} },
} {
"name": "http://packetstormsecurity.com/files/129759/ProjectSend-Arbitrary-File-Upload.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129759/ProjectSend-Arbitrary-File-Upload.html"
},
{
"name": "35660",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35660"
},
{
"name": "116469",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/116469"
},
{
"name": "projectsend-processupload-file-upload(99548)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99548"
}
]
}
}

150
2016/3xxx/CVE-2016-3476.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-3476", "ID": "CVE-2016-3476",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote attackers to affect confidentiality and integrity via vectors related to Information Manager Console."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote attackers to affect confidentiality and integrity via vectors related to Information Manager Console."
{ }
"name" : "91787", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91787" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "91948", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91948" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1036400", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1036400" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1036400",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036400"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "91948",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91948"
}
]
}
}

150
2016/3xxx/CVE-2016-3612.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-3612", "ID": "CVE-2016-3612",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.22 allows remote attackers to affect confidentiality via vectors related to Core."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.22 allows remote attackers to affect confidentiality via vectors related to Core."
{ }
"name" : "91787", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91787" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "91860", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91860" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1036384", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1036384" ]
} },
] "references": {
} "reference_data": [
} {
"name": "91860",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91860"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "1036384",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036384"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
}
]
}
}

120
2016/3xxx/CVE-2016-3816.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-3816", "ID": "CVE-2016-3816",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The MediaTek display driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28402240."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-07-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-07-01.html" "lang": "eng",
} "value": "The MediaTek display driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28402240."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-07-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
}
]
}
}

140
2016/3xxx/CVE-2016-3938.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-3938", "ID": "CVE-2016-3938",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "drivers/video/msm/mdss/mdss_mdp_overlay.c in the Qualcomm video driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 30019716 and Qualcomm internal bug CR 1049232."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-10-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-10-01.html" "lang": "eng",
}, "value": "drivers/video/msm/mdss/mdss_mdp_overlay.c in the Qualcomm video driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 30019716 and Qualcomm internal bug CR 1049232."
{ }
"name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=467c81f9736b1ebc8d4ba70f9221bba02425ca10", ]
"refsource" : "CONFIRM", },
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=467c81f9736b1ebc8d4ba70f9221bba02425ca10" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "93336", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93336" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "93336",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93336"
},
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=467c81f9736b1ebc8d4ba70f9221bba02425ca10",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=467c81f9736b1ebc8d4ba70f9221bba02425ca10"
},
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
}
]
}
}

34
2016/6xxx/CVE-2016-6456.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6456", "ID": "CVE-2016-6456",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2016/6xxx/CVE-2016-6555.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6555", "ID": "CVE-2016-6555",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2016/6xxx/CVE-2016-6861.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6861", "ID": "CVE-2016-6861",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

240
2016/7xxx/CVE-2016-7167.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7167", "ID": "CVE-2016-7167",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20181106 [SECURITY] [DLA 1568-1] curl security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html" "lang": "eng",
}, "value": "Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow."
{ }
"name" : "https://curl.haxx.se/docs/adv_20160914.html", ]
"refsource" : "CONFIRM", },
"url" : "https://curl.haxx.se/docs/adv_20160914.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2016-08533fc59c", ]
"refsource" : "FEDORA", }
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B3IU2FRXQNU6UJIQT4NGLWWTP2GJQXO7/" ]
}, },
{ "references": {
"name" : "FEDORA-2016-7a2ed52d41", "reference_data": [
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTH54DFOS4TSYPG5XKJDGAG4XPAR4T7M/" "name": "FEDORA-2016-80f4f71eff",
}, "refsource": "FEDORA",
{ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZMRWVISG7VUCYRMF23A2UHMYD72VQWAK/"
"name" : "FEDORA-2016-80f4f71eff", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZMRWVISG7VUCYRMF23A2UHMYD72VQWAK/" "name": "SSA:2016-259-01",
}, "refsource": "SLACKWARE",
{ "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.538632"
"name" : "GLSA-201701-47", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-47" "name": "RHSA-2018:3558",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3558"
"name" : "RHSA-2017:2016", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:2016" "name": "FEDORA-2016-08533fc59c",
}, "refsource": "FEDORA",
{ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B3IU2FRXQNU6UJIQT4NGLWWTP2GJQXO7/"
"name" : "RHSA-2018:2486", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2486" "name": "92975",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/92975"
"name" : "RHSA-2018:3558", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3558" "name": "[debian-lts-announce] 20181106 [SECURITY] [DLA 1568-1] curl security update",
}, "refsource": "MLIST",
{ "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html"
"name" : "SSA:2016-259-01", },
"refsource" : "SLACKWARE", {
"url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.538632" "name": "1036813",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036813"
"name" : "92975", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92975" "name": "https://curl.haxx.se/docs/adv_20160914.html",
}, "refsource": "CONFIRM",
{ "url": "https://curl.haxx.se/docs/adv_20160914.html"
"name" : "1036813", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036813" "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
} "refsource": "CONFIRM",
] "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
} },
} {
"name": "RHSA-2017:2016",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2016"
},
{
"name": "RHSA-2018:2486",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name": "GLSA-201701-47",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-47"
},
{
"name": "FEDORA-2016-7a2ed52d41",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTH54DFOS4TSYPG5XKJDGAG4XPAR4T7M/"
}
]
}
}

160
2016/7xxx/CVE-2016-7175.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7175", "ID": "CVE-2016-7175",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11850", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11850" "lang": "eng",
}, "value": "epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet."
{ }
"name" : "https://code.wireshark.org/review/16965", ]
"refsource" : "CONFIRM", },
"url" : "https://code.wireshark.org/review/16965" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1396f6ad555178f6b81cc1a65f9cb37b2d99aebf", "description": [
"refsource" : "CONFIRM", {
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1396f6ad555178f6b81cc1a65f9cb37b2d99aebf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.wireshark.org/security/wnpa-sec-2016-50.html", ]
"refsource" : "CONFIRM", }
"url" : "https://www.wireshark.org/security/wnpa-sec-2016-50.html" ]
}, },
{ "references": {
"name" : "1036760", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036760" "name": "https://www.wireshark.org/security/wnpa-sec-2016-50.html",
} "refsource": "CONFIRM",
] "url": "https://www.wireshark.org/security/wnpa-sec-2016-50.html"
} },
} {
"name": "https://code.wireshark.org/review/16965",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/16965"
},
{
"name": "1036760",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036760"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1396f6ad555178f6b81cc1a65f9cb37b2d99aebf",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1396f6ad555178f6b81cc1a65f9cb37b2d99aebf"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11850",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11850"
}
]
}
}

140
2016/7xxx/CVE-2016-7442.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7442", "ID": "CVE-2016-7442",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the \"value\" field of the proxy user settings in \"system settings / scan settings / anti spam\" configuration tab."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160930 Multiple exposures in Sophos UTM", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/539518/100/0/threaded" "lang": "eng",
}, "value": "The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the \"value\" field of the proxy user settings in \"system settings / scan settings / anti spam\" configuration tab."
{ }
"name" : "93266", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93266" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036931", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036931" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1036931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036931"
},
{
"name": "93266",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93266"
},
{
"name": "20160930 Multiple exposures in Sophos UTM",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/539518/100/0/threaded"
}
]
}
}

34
2016/7xxx/CVE-2016-7775.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-7775", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-7775",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

200
2016/7xxx/CVE-2016-7875.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-7875", "ID": "CVE-2016-7875",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Integer Overflow"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-621", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-621" "lang": "eng",
}, "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution."
{ }
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201701-17", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-17" "lang": "eng",
}, "value": "Integer Overflow"
{ }
"name" : "MS16-154", ]
"refsource" : "MS", }
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" ]
}, },
{ "references": {
"name" : "RHSA-2016:2947", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2947.html" "name": "SUSE-SU-2016:3148",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
"name" : "SUSE-SU-2016:3148", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" "name": "MS16-154",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
"name" : "openSUSE-SU-2016:3160", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" "name": "GLSA-201701-17",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201701-17"
"name" : "94866", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94866" "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-621",
}, "refsource": "MISC",
{ "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-621"
"name" : "1037442", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037442" "name": "1037442",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1037442"
} },
} {
"name": "94866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94866"
},
{
"name": "RHSA-2016:2947",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
]
}
}

150
2016/8xxx/CVE-2016-8016.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"ID" : "CVE-2016-8016", "ID": "CVE-2016-8016",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "VirusScan Enterprise Linux (VSEL)", "product_name": "VirusScan Enterprise Linux (VSEL)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.0.3 (and earlier)" "version_value": "2.0.3 (and earlier)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel" "vendor_name": "Intel"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information exposure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "40911", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/40911/" "lang": "eng",
}, "value": "Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter."
{ }
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10181", ]
"refsource" : "CONFIRM", },
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10181" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "94823", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94823" "lang": "eng",
}, "value": "Information exposure"
{ }
"name" : "1037433", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1037433" ]
} },
] "references": {
} "reference_data": [
} {
"name": "94823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10181",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10181"
},
{
"name": "40911",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40911/"
}
]
}
}

34
2016/8xxx/CVE-2016-8154.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-8154", "ID": "CVE-2016-8154",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2016/8xxx/CVE-2016-8649.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-8649", "ID": "CVE-2016-8649",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "LXC before 1.0.9 and 2.x before 2.0.6", "product_name": "LXC before 1.0.9 and 2.x before 2.0.6",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "LXC before 1.0.9 and 2.x before 2.0.6" "version_value": "LXC before 1.0.9 and 2.x before 2.0.6"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "container bypass"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845465", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845465" "lang": "eng",
}, "value": "lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls."
{ }
"name" : "https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1639345", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1639345" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1398242", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1398242" "lang": "eng",
}, "value": "container bypass"
{ }
"name" : "https://github.com/lxc/lxc/commit/81f466d05f2a89cb4f122ef7f593ff3f279b165c", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/lxc/lxc/commit/81f466d05f2a89cb4f122ef7f593ff3f279b165c" ]
}, },
{ "references": {
"name" : "https://security-tracker.debian.org/tracker/CVE-2016-8649", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://security-tracker.debian.org/tracker/CVE-2016-8649" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1398242",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1398242"
"name" : "94498", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94498" "name": "https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1639345",
} "refsource": "CONFIRM",
] "url": "https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1639345"
} },
} {
"name": "https://github.com/lxc/lxc/commit/81f466d05f2a89cb4f122ef7f593ff3f279b165c",
"refsource": "CONFIRM",
"url": "https://github.com/lxc/lxc/commit/81f466d05f2a89cb4f122ef7f593ff3f279b165c"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845465",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845465"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2016-8649",
"refsource": "CONFIRM",
"url": "https://security-tracker.debian.org/tracker/CVE-2016-8649"
},
{
"name": "94498",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94498"
}
]
}
}

132
2016/8xxx/CVE-2016-8730.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "talos-cna@cisco.com", "ASSIGNER": "talos-cna@cisco.com",
"DATE_PUBLIC" : "2017-07-20T00:00:00", "DATE_PUBLIC": "2017-07-20T00:00:00",
"ID" : "CVE-2016-8730", "ID": "CVE-2016-8730",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Corel PHOTO-PAINT", "product_name": "Corel PHOTO-PAINT",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "X8 (Corel Import/Export Filter (64-Bit) - 18.1.0.661) - x64 version" "version_value": "X8 (Corel Import/Export Filter (64-Bit) - 18.1.0.661) - x64 version"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Corel" "vendor_name": "Corel"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the victim a specific GIF file to trigger this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Out of bounds Write"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0244", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0244" "lang": "eng",
}, "value": "An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the victim a specific GIF file to trigger this vulnerability."
{ }
"name" : "99900", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/99900" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Out of bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0244",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0244"
},
{
"name": "99900",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99900"
}
]
}
}

130
2016/8xxx/CVE-2016-8793.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@huawei.com", "ASSIGNER": "psirt@huawei.com",
"ID" : "CVE-2016-8793", "ID": "CVE-2016-8793",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Mate 8,Mate S,P8 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366", "product_name": "Mate 8,Mate S,P8 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Mate 8,Mate S,P8 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366" "version_value": "Mate 8,Mate S,P8 Versions before NXT-AL10C00B386,Versions before NXT-CL00C92B386,Versions before NXT-DL00C17B386,Versions before NXT-TL00C01B386,Versions before CRR-CL00C92B368,Versions before CRR-CL20C92B368,Versions before CRR-TL00C01B368,Versions before CRR-UL00C00B368,Versions before CRR-UL20C00B368,Versions before GRA-TL00C01B366,Versions before GRA-CL00C92B366,Versions before GRA-CL10C92B366,Versions before GRA-UL00C00B366,Versions before GRA-UL10C00B366"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "input validation"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en" "lang": "eng",
}, "value": "Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege."
{ }
"name" : "94404", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94404" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "input validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en"
},
{
"name": "94404",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94404"
}
]
}
}