admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 04:42:31 +00:00
parent 35434e0113
commit 0d5f7ed9e8
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
57 changed files with 3972 additions and 3972 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
2001/1xxx/CVE-2001-1426.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-1426",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1426",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 has a TFTP server running without a password, which allows remote attackers to change firmware versions or the device's configurations."
"lang": "eng",
"value": "Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 has a TFTP server running without a password, which allows remote attackers to change firmware versions or the device's configurations."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20010410 multiple vulnerabilities in Alcatel Speed Touch DSL modems",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/175229"
"name": "2566",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2566"
},
{
"name" : "CA-2001-08",
"refsource" : "CERT",
"url" : "http://www.cert.org/advisories/CA-2001-08.html"
"name": "VU#490344",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/490344"
},
{
"name" : "VU#490344",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/490344"
"name": "20010410 multiple vulnerabilities in Alcatel Speed Touch DSL modems",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/175229"
},
{
"name" : "2566",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/2566"
"name": "alcatel-tftp-lan-access(6336)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6336"
},
{
"name" : "alcatel-tftp-lan-access(6336)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6336"
"name": "CA-2001-08",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2001-08.html"
}
]
}

110
2006/2xxx/CVE-2006-2022.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2022",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2022",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the parse_url function in the RTSP module (rtsp/parse_url.c) in Fenice 1.10 and earlier allows remote attackers to execute arbitrary code via a long URL."
"lang": "eng",
"value": "Buffer overflow in the parse_url function in the RTSP module (rtsp/parse_url.c) in Fenice 1.10 and earlier allows remote attackers to execute arbitrary code via a long URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060423 Buffer-overflow and crash in Fenice OMS 1.10",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/431870/100/0/threaded"
"name": "19770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19770"
},
{
"name" : "20060607 Re: Buffer-overflow and crash in Fenice OMS 1.10",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/436256/100/0/threaded"
"name": "17678",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17678"
},
{
"name" : "20060425 Fenice - Open Media Streaming Server remote BOF exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/432002/100/0/threaded"
"name": "http://aluigi.altervista.org/adv/fenicex-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/fenicex-adv.txt"
},
{
"name" : "http://aluigi.altervista.org/adv/fenicex-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/fenicex-adv.txt"
"name": "20060423 Buffer-overflow and crash in Fenice OMS 1.10",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431870/100/0/threaded"
},
{
"name" : "17678",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17678"
"name": "794",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/794"
},
{
"name" : "ADV-2006-1491",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1491"
"name": "20060425 Fenice - Open Media Streaming Server remote BOF exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/432002/100/0/threaded"
},
{
"name" : "19770",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19770"
"name": "ADV-2006-1491",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1491"
},
{
"name" : "794",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/794"
"name": "20060607 Re: Buffer-overflow and crash in Fenice OMS 1.10",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/436256/100/0/threaded"
},
{
"name" : "fenice-parseurl-bo(26078)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26078"
"name": "fenice-parseurl-bo(26078)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26078"
}
]
}

80
2006/2xxx/CVE-2006-2031.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2031",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2031",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://pridels0.blogspot.com/2006/04/phpmyadmin-xss-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2006/04/phpmyadmin-xss-vuln.html"
"name": "19659",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19659"
},
{
"name" : "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2",
"refsource" : "CONFIRM",
"url" : "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2"
"name": "http://pridels0.blogspot.com/2006/04/phpmyadmin-xss-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2006/04/phpmyadmin-xss-vuln.html"
},
{
"name" : "19659",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19659"
"name": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2",
"refsource": "CONFIRM",
"url": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2"
},
{
"name" : "phpmyadmin-index-xss(25954)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25954"
"name": "phpmyadmin-index-xss(25954)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25954"
}
]
}

80
2006/2xxx/CVE-2006-2116.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2116",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2116",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "planetGallery allows remote attackers to gain administrator privileges via a direct request to admin/gallery_admin.php."
"lang": "eng",
"value": "planetGallery allows remote attackers to gain administrator privileges via a direct request to admin/gallery_admin.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060501 planetGallery admin login",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/432576/100/0/threaded"
"name": "20060501 planetGallery admin login",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/432576/100/0/threaded"
},
{
"name" : "http://www.planetc.de/download/planetgallery/planetgallery.html",
"refsource" : "CONFIRM",
"url" : "http://www.planetc.de/download/planetgallery/planetgallery.html"
"name": "17753",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17753"
},
{
"name" : "17753",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17753"
"name": "825",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/825"
},
{
"name" : "825",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/825"
"name": "http://www.planetc.de/download/planetgallery/planetgallery.html",
"refsource": "CONFIRM",
"url": "http://www.planetc.de/download/planetgallery/planetgallery.html"
}
]
}

86
2006/2xxx/CVE-2006-2121.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2121",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2121",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file include vulnerability in admin/config_settings.tpl.php in I-RATER Platinum allows remote attackers to execute arbitrary code via a URL in the include_path parameter. NOTE: this is a different vector, and possibly a different vulnerability, than CVE-2006-1929."
"lang": "eng",
"value": "PHP remote file include vulnerability in admin/config_settings.tpl.php in I-RATER Platinum allows remote attackers to execute arbitrary code via a URL in the include_path parameter. NOTE: this is a different vector, and possibly a different vulnerability, than CVE-2006-1929."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060429 I-RATER Platinum Remote File Inclusion exploit Cod3d by R@1D3N",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/432596/100/0/threaded"
"name": "20060428 [Kurdish Secure Advisory #1] I-RATER Platinum \"Admin/configsettings.tpl.php\" Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/432404/100/0/threaded"
},
{
"name" : "20060428 [Kurdish Secure Advisory #1] I-RATER Platinum \"Admin/configsettings.tpl.php\" Remote File Include Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/432404/100/0/threaded"
"name": "irater-configsettingtpl-file-include(26203)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26203"
},
{
"name" : "17731",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17731"
"name": "20060429 I-RATER Platinum Remote File Inclusion exploit Cod3d by R@1D3N",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/432596/100/0/threaded"
},
{
"name" : "824",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/824"
"name": "824",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/824"
},
{
"name" : "irater-configsettingtpl-file-include(26203)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26203"
"name": "17731",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17731"
}
]
}

86
2006/2xxx/CVE-2006-2260.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2260",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2260",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the project module (project.module) in Drupal 4.5 and 4.6 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the project module (project.module) in Drupal 4.5 and 4.6 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://drupal.org/node/62406",
"refsource" : "CONFIRM",
"url" : "http://drupal.org/node/62406"
"name": "17885",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17885"
},
{
"name" : "17885",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17885"
"name": "drupal-projectmodule-xss(26358)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26358"
},
{
"name" : "ADV-2006-1697",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1697"
"name": "ADV-2006-1697",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1697"
},
{
"name" : "19997",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19997"
"name": "19997",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19997"
},
{
"name" : "drupal-projectmodule-xss(26358)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26358"
"name": "http://drupal.org/node/62406",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/62406"
}
]
}

110
2006/3xxx/CVE-2006-3126.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3126",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2006-3126",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute arbitrary commands via null (\\0) and shell metacharacters in the TSI string, as demonstrated by a fax from an anonymous number."
"lang": "eng",
"value": "c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute arbitrary commands via null (\\0) and shell metacharacters in the TSI string, as demonstrated by a fax from an anonymous number."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=382474",
"refsource" : "MISC",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=382474"
"name": "19801",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19801"
},
{
"name" : "DSA-1165",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1165"
"name": "21726",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21726"
},
{
"name" : "GLSA-200610-05",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200610-05.xml"
"name": "SUSE-SR:2007:004",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_4_sr.html"
},
{
"name" : "SUSE-SR:2007:004",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_4_sr.html"
"name": "22450",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22450"
},
{
"name" : "19801",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19801"
"name": "ADV-2006-3430",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3430"
},
{
"name" : "ADV-2006-3430",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3430"
"name": "21722",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21722"
},
{
"name" : "21722",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21722"
"name": "GLSA-200610-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200610-05.xml"
},
{
"name" : "21726",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21726"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=382474",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=382474"
},
{
"name" : "22450",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22450"
"name": "DSA-1165",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1165"
}
]
}

110
2006/3xxx/CVE-2006-3691.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3691",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3691",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in VBZooM 1.11 and earlier allow remote attackers to execute arbitrary SQL commands via the UserID parameter to (1) ignore-pm.php, (2) sendmail.php, (3) reply.php or (4) sub-join.php."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in VBZooM 1.11 and earlier allow remote attackers to execute arbitrary SQL commands via the UserID parameter to (1) ignore-pm.php, (2) sendmail.php, (3) reply.php or (4) sub-join.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060711 VBZooM \"sendmail.php\" SQL Injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/440133/100/0/threaded"
"name": "20080507 VBZooM <=V1.11 \"reply.php\" SQL Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/491770/100/0/threaded"
},
{
"name" : "20060711 VBZooM <=V1.11 \" ignore-pm.php\" SQL Injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/440145/100/0/threaded"
"name": "20060711 VBZooM \"sendmail.php\" SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440133/100/0/threaded"
},
{
"name" : "20060711 VBZooM <=V1.11 \" reply.php\" SQL Injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/440141/100/0/threaded"
"name": "vbzoom-userid-sql-injection(42254)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42254"
},
{
"name" : "20060711 VBZooM <=V1.11 \"sub-join.php\" SQL Injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/440114/100/0/threaded"
"name": "28254",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28254"
},
{
"name" : "20080507 VBZooM <=V1.11 \"reply.php\" SQL Injection Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/491770/100/0/threaded"
"name": "1244",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1244"
},
{
"name" : "18937",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18937"
"name": "18937",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18937"
},
{
"name" : "28254",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/28254"
"name": "20060711 VBZooM <=V1.11 \" reply.php\" SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440141/100/0/threaded"
},
{
"name" : "1244",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1244"
"name": "20060711 VBZooM <=V1.11 \" ignore-pm.php\" SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440145/100/0/threaded"
},
{
"name" : "vbzoom-userid-sql-injection(42254)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42254"
"name": "20060711 VBZooM <=V1.11 \"sub-join.php\" SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440114/100/0/threaded"
}
]
}

92
2006/6xxx/CVE-2006-6254.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6254",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6254",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte.php. NOTE: it is not clear whether the scope of this issue extends above the web document root, and whether directory traversal is the primary vulnerability."
"lang": "eng",
"value": "administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte.php. NOTE: it is not clear whether the scope of this issue extends above the web document root, and whether directory traversal is the primary vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061124 Cahier de texte V2.0 SQL Code Execution Exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/452600/100/0/threaded"
"name": "http://acid-root.new.fr/poc/15061124.txt",
"refsource": "MISC",
"url": "http://acid-root.new.fr/poc/15061124.txt"
},
{
"name" : "http://acid-root.new.fr/poc/15061124.txt",
"refsource" : "MISC",
"url" : "http://acid-root.new.fr/poc/15061124.txt"
"name": "1961",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1961"
},
{
"name" : "21283",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21283"
"name": "ADV-2006-4701",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4701"
},
{
"name" : "ADV-2006-4701",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4701"
"name": "23122",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23122"
},
{
"name" : "23122",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23122"
"name": "20061124 Cahier de texte V2.0 SQL Code Execution Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452600/100/0/threaded"
},
{
"name" : "1961",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1961"
"name": "21283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21283"
}
]
}

74
2006/6xxx/CVE-2006-6266.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6266",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6266",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Teredo clients, when following item 6 of RFC4380 section 5.2.3, start direct IPv6 connectivity tests (aka ping tests) in response to packets from non-Teredo source addresses, which might allow remote attackers to induce Teredo clients to send packets to third parties."
"lang": "eng",
"value": "Teredo clients, when following item 6 of RFC4380 section 5.2.3, start direct IPv6 connectivity tests (aka ping tests) in response to packets from non-Teredo source addresses, which might allow remote attackers to induce Teredo clients to send packets to third parties."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061129 New report on Teredo security",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/452989/100/0/threaded"
"name": "http://www.symantec.com/avcenter/reference/Teredo_Security.pdf",
"refsource": "MISC",
"url": "http://www.symantec.com/avcenter/reference/Teredo_Security.pdf"
},
{
"name" : "20061129 Re: [Full-disclosure] New report on Teredo security",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/452996/100/0/threaded"
"name": "20061129 Re: [Full-disclosure] New report on Teredo security",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452996/100/0/threaded"
},
{
"name" : "http://www.symantec.com/avcenter/reference/Teredo_Security.pdf",
"refsource" : "MISC",
"url" : "http://www.symantec.com/avcenter/reference/Teredo_Security.pdf"
"name": "20061129 New report on Teredo security",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452989/100/0/threaded"
}
]
}

122
2006/6xxx/CVE-2006-6290.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6290",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6290",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) EXAMINE or (2) SELECT command."
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) EXAMINE or (2) SELECT command."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061130 Secunia Research: MailEnable IMAP Service Two Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/453118/100/100/threaded"
"name": "1017276",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017276"
},
{
"name" : "http://secunia.com/secunia_research/2006-71/advisory/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2006-71/advisory/"
"name": "ADV-2006-4778",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4778"
},
{
"name" : "http://www.mailenable.com/hotfix/",
"refsource" : "CONFIRM",
"url" : "http://www.mailenable.com/hotfix/"
"name": "23080",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23080"
},
{
"name" : "21362",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21362"
"name": "21362",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21362"
},
{
"name" : "ADV-2006-4673",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4673"
"name": "1017319",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017319"
},
{
"name" : "ADV-2006-4778",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4778"
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name" : "1017276",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017276"
"name": "ADV-2006-4673",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4673"
},
{
"name" : "1017319",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017319"
"name": "20061130 Secunia Research: MailEnable IMAP Service Two Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453118/100/100/threaded"
},
{
"name" : "23047",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23047"
"name": "23047",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23047"
},
{
"name" : "23080",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23080"
"name": "mailenable-meimaps-bo(30614)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30614"
},
{
"name" : "mailenable-meimaps-bo(30614)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30614"
"name": "http://secunia.com/secunia_research/2006-71/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-71/advisory/"
}
]
}

74
2006/6xxx/CVE-2006-6407.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6407",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6407",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "F-Prot Antivirus for Linux x86 Mail Servers 4.6.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file."
"lang": "eng",
"value": "F-Prot Antivirus for Linux x86 Mail Servers 4.6.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061206 Multiple Vendor Unusual MIME Encoding Content Filter Bypass",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/453654/100/0/threaded"
"name": "21461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21461"
},
{
"name" : "http://www.quantenblog.net/security/virus-scanner-bypass",
"refsource" : "MISC",
"url" : "http://www.quantenblog.net/security/virus-scanner-bypass"
"name": "20061206 Multiple Vendor Unusual MIME Encoding Content Filter Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453654/100/0/threaded"
},
{
"name" : "21461",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21461"
"name": "http://www.quantenblog.net/security/virus-scanner-bypass",
"refsource": "MISC",
"url": "http://www.quantenblog.net/security/virus-scanner-bypass"
}
]
}

80
2006/7xxx/CVE-2006-7214.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7214",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7214",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Firebird 1.5 allow remote attackers to (1) cause a denial of service (application crash) by sending many remote protocol versions; and (2) cause a denial of service (connection drop) via certain network traffic, as demonstrated by Nessus vulnerability scanning."
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Firebird 1.5 allow remote attackers to (1) cause a denial of service (application crash) by sending many remote protocol versions; and (2) cause a denial of service (connection drop) via certain network traffic, as demonstrated by Nessus vulnerability scanning."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf",
"refsource" : "CONFIRM",
"url" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf"
"name": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf",
"refsource": "CONFIRM",
"url": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf"
},
{
"name" : "DSA-1529",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1529"
"name": "28474",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28474"
},
{
"name" : "28474",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/28474"
"name": "29501",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29501"
},
{
"name" : "29501",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29501"
"name": "DSA-1529",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1529"
}
]
}

98
2011/0xxx/CVE-2011-0145.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0145",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-0145",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1."
"lang": "eng",
"value": "WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT4554",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4554"
"name": "http://support.apple.com/kb/HT4564",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4564"
},
{
"name" : "http://support.apple.com/kb/HT4564",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4564"
"name": "http://support.apple.com/kb/HT4566",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4566"
},
{
"name" : "http://support.apple.com/kb/HT4566",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4566"
"name": "APPLE-SA-2011-03-02-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
},
{
"name" : "APPLE-SA-2011-03-02-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
"name": "APPLE-SA-2011-03-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
},
{
"name" : "APPLE-SA-2011-03-09-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
"name": "http://support.apple.com/kb/HT4554",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4554"
},
{
"name" : "APPLE-SA-2011-03-09-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
"name": "APPLE-SA-2011-03-09-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
},
{
"name" : "oval:org.mitre.oval:def:17127",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17127"
"name": "oval:org.mitre.oval:def:17127",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17127"
}
]
}

74
2011/0xxx/CVE-2011-0182.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0182",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-0182",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry."
"lang": "eng",
"value": "The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT4581",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4581"
"name": "APPLE-SA-2011-03-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"name" : "APPLE-SA-2011-03-21-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
"name": "8402",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8402"
},
{
"name" : "8402",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8402"
"name": "http://support.apple.com/kb/HT4581",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4581"
}
]
}

68
2011/0xxx/CVE-2011-0318.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0318",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0318",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122."
"lang": "eng",
"value": "Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-17.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-17.html"
"name": "http://www.adobe.com/support/security/bulletins/apsb11-17.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html"
},
{
"name" : "TA11-166A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
"name": "TA11-166A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
}
]
}

104
2011/0xxx/CVE-2011-0475.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0475",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0475",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a PDF document."
"lang": "eng",
"value": "Use-after-free vulnerability in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a PDF document."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=67100",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=67100"
"name": "chrome-pdf-pages-code-execution(64666)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64666"
},
{
"name" : "http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html"
"name": "http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html"
},
{
"name" : "http://www.srware.net/forum/viewtopic.php?f=18&t=2054",
"refsource" : "CONFIRM",
"url" : "http://www.srware.net/forum/viewtopic.php?f=18&t=2054"
"name": "70458",
"refsource": "OSVDB",
"url": "http://osvdb.org/70458"
},
{
"name" : "45788",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45788"
"name": "45788",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45788"
},
{
"name" : "70458",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/70458"
"name": "http://www.srware.net/forum/viewtopic.php?f=18&t=2054",
"refsource": "CONFIRM",
"url": "http://www.srware.net/forum/viewtopic.php?f=18&t=2054"
},
{
"name" : "oval:org.mitre.oval:def:14606",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14606"
"name": "http://code.google.com/p/chromium/issues/detail?id=67100",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=67100"
},
{
"name" : "42951",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42951"
"name": "oval:org.mitre.oval:def:14606",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14606"
},
{
"name" : "chrome-pdf-pages-code-execution(64666)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64666"
"name": "42951",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42951"
}
]
}

86
2011/3xxx/CVE-2011-3369.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3369",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3369",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The add_conversation function in conversations.c in EtherApe before 0.9.12 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RPC packet, related to the get_rpc function in decode_proto.c."
"lang": "eng",
"value": "The add_conversation function in conversations.c in EtherApe before 0.9.12 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RPC packet, related to the get_rpc function in decode_proto.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110919 CVE Request? etherape remote crash (denial of service)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/09/19/4"
"name": "[oss-security] 20110922 Re: CVE Request? etherape remote crash (denial of service)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/09/22/1"
},
{
"name" : "[oss-security] 20110922 Re: CVE Request? etherape remote crash (denial of service)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/09/22/1"
"name": "45989",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45989"
},
{
"name" : "http://etherape.sourceforge.net/NEWS.html",
"refsource" : "CONFIRM",
"url" : "http://etherape.sourceforge.net/NEWS.html"
"name": "[oss-security] 20110919 CVE Request? etherape remote crash (denial of service)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/09/19/4"
},
{
"name" : "http://sourceforge.net/tracker/?func=detail&aid=3309061&group_id=2712&atid=102712",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/tracker/?func=detail&aid=3309061&group_id=2712&atid=102712"
"name": "http://sourceforge.net/tracker/?func=detail&aid=3309061&group_id=2712&atid=102712",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/tracker/?func=detail&aid=3309061&group_id=2712&atid=102712"
},
{
"name" : "45989",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/45989"
"name": "http://etherape.sourceforge.net/NEWS.html",
"refsource": "CONFIRM",
"url": "http://etherape.sourceforge.net/NEWS.html"
}
]
}

22
2011/3xxx/CVE-2011-3409.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3409",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2011-3409",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
}
]
}

110
2011/3xxx/CVE-2011-3869.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3869",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3869",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file."
"lang": "eng",
"value": "Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb",
"refsource" : "CONFIRM",
"url" : "http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb"
"name": "FEDORA-2011-13633",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html"
},
{
"name" : "https://puppet.com/security/cve/cve-2011-3869",
"refsource" : "CONFIRM",
"url" : "https://puppet.com/security/cve/cve-2011-3869"
"name": "FEDORA-2011-13623",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068093.html"
},
{
"name" : "DSA-2314",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2314"
"name": "DSA-2314",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2314"
},
{
"name" : "FEDORA-2011-13623",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068093.html"
"name": "46458",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46458"
},
{
"name" : "FEDORA-2011-13633",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html"
"name": "FEDORA-2011-13636",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068053.html"
},
{
"name" : "FEDORA-2011-13636",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068053.html"
"name": "http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb",
"refsource": "CONFIRM",
"url": "http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb"
},
{
"name" : "USN-1223-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1223-1"
"name": "USN-1223-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1223-1"
},
{
"name" : "USN-1223-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1223-2"
"name": "USN-1223-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1223-2"
},
{
"name" : "46458",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46458"
"name": "https://puppet.com/security/cve/cve-2011-3869",
"refsource": "CONFIRM",
"url": "https://puppet.com/security/cve/cve-2011-3869"
}
]
}

74
2011/4xxx/CVE-2011-4031.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4031",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4031",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer underflow in the asfrtp_parse_packet function in libavformat/rtpdec_asf.c in FFmpeg before 0.8.3 allows remote attackers to execute arbitrary code via a crafted ASF packet."
"lang": "eng",
"value": "Integer underflow in the asfrtp_parse_packet function in libavformat/rtpdec_asf.c in FFmpeg before 0.8.3 allows remote attackers to execute arbitrary code via a crafted ASF packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://technet.microsoft.com/en-us/security/msvr/msvr11-012",
"refsource" : "MISC",
"url" : "http://technet.microsoft.com/en-us/security/msvr/msvr11-012"
"name": "http://technet.microsoft.com/en-us/security/msvr/msvr11-012",
"refsource": "MISC",
"url": "http://technet.microsoft.com/en-us/security/msvr/msvr11-012"
},
{
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c2a2ad133eb9d42361804a568dee336992349a5e",
"refsource" : "CONFIRM",
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c2a2ad133eb9d42361804a568dee336992349a5e"
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c2a2ad133eb9d42361804a568dee336992349a5e",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c2a2ad133eb9d42361804a568dee336992349a5e"
},
{
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=shortlog;h=n0.8.3",
"refsource" : "CONFIRM",
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=shortlog;h=n0.8.3"
"name": "http://git.videolan.org/?p=ffmpeg.git;a=shortlog;h=n0.8.3",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=shortlog;h=n0.8.3"
}
]
}

86
2011/4xxx/CVE-2011-4324.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4324",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4324",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem."
"lang": "eng",
"value": "The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20120206 Re: CVE-2011-4324 kernel: nfsv4: mknod(2) DoS",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/02/06/3"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=dc0b027dfadfcb8a5504f7d8052754bf8d501ab9",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=dc0b027dfadfcb8a5504f7d8052754bf8d501ab9"
},
{
"name" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29",
"refsource" : "CONFIRM",
"url" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29"
"name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29",
"refsource": "CONFIRM",
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=dc0b027dfadfcb8a5504f7d8052754bf8d501ab9",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=dc0b027dfadfcb8a5504f7d8052754bf8d501ab9"
"name": "[oss-security] 20120206 Re: CVE-2011-4324 kernel: nfsv4: mknod(2) DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/02/06/3"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=755440",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=755440"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=755440",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=755440"
},
{
"name" : "https://github.com/torvalds/linux/commit/dc0b027dfadfcb8a5504f7d8052754bf8d501ab9",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/dc0b027dfadfcb8a5504f7d8052754bf8d501ab9"
"name": "https://github.com/torvalds/linux/commit/dc0b027dfadfcb8a5504f7d8052754bf8d501ab9",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/dc0b027dfadfcb8a5504f7d8052754bf8d501ab9"
}
]
}

104
2011/4xxx/CVE-2011-4622.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4622",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4622",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer (PIT) interrupt requests (IRQs) when a virtual interrupt controller (irqchip) is not available, which allows local users to cause a denial of service (NULL pointer dereference) by starting a timer."
"lang": "eng",
"value": "The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer (PIT) interrupt requests (IRQs) when a virtual interrupt controller (irqchip) is not available, which allows local users to cause a denial of service (NULL pointer dereference) by starting a timer."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[kvm] 20111214 [PATCH 1/2] KVM: x86: Prevent starting PIT timers in the absence of irqchip support",
"refsource" : "MLIST",
"url" : "http://permalink.gmane.org/gmane.comp.emulators.kvm.devel/83564"
"name": "RHSA-2012:0051",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2012-0051.html"
},
{
"name" : "[oss-security] 20111221 Re: kernel: kvm: pit timer with no irqchip crashes the system",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/12/21/7"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=769721",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=769721"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=769721",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=769721"
"name": "51172",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51172"
},
{
"name" : "RHSA-2012:0051",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2012-0051.html"
"name": "[oss-security] 20111221 Re: kernel: kvm: pit timer with no irqchip crashes the system",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/12/21/7"
},
{
"name" : "openSUSE-SU-2013:0925",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
"name": "[kvm] 20111214 [PATCH 1/2] KVM: x86: Prevent starting PIT timers in the absence of irqchip support",
"refsource": "MLIST",
"url": "http://permalink.gmane.org/gmane.comp.emulators.kvm.devel/83564"
},
{
"name" : "SUSE-SU-2012:0616",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html"
"name": "SUSE-SU-2012:0616",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html"
},
{
"name" : "51172",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/51172"
"name": "openSUSE-SU-2013:0925",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
},
{
"name" : "1026559",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026559"
"name": "1026559",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026559"
}
]
}

116
2011/4xxx/CVE-2011-4833.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4833",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4833",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in the Leads module in SugarCRM 6.1 before 6.1.7, 6.2 before 6.2.4, 6.3 before 6.3.0RC3, and 6.4 before 6.4.0beta1 allow remote attackers to execute arbitrary SQL commands via the (1) where and (2) order parameters in a get_full_list action to index.php."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in the Leads module in SugarCRM 6.1 before 6.1.7, 6.2 before 6.2.4, 6.3 before 6.3.0RC3, and 6.4 before 6.4.0beta1 allow remote attackers to execute arbitrary SQL commands via the (1) where and (2) order parameters in a get_full_list action to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20111130 Sql injection in SugarCRM",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/520685/100/0/threaded"
"name": "sugarcrm-index-sql-injection(71586)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71586"
},
{
"name" : "https://www.htbridge.ch/advisory/sql_injection_in_sugarcrm.html",
"refsource" : "MISC",
"url" : "https://www.htbridge.ch/advisory/sql_injection_in_sugarcrm.html"
"name": "http://www.sugarcrm.com/crm/support/bugs.html#issue_47839",
"refsource": "CONFIRM",
"url": "http://www.sugarcrm.com/crm/support/bugs.html#issue_47839"
},
{
"name" : "http://www.sugarcrm.com/crm/support/bugs.html#issue_47800",
"refsource" : "CONFIRM",
"url" : "http://www.sugarcrm.com/crm/support/bugs.html#issue_47800"
"name": "https://www.htbridge.ch/advisory/sql_injection_in_sugarcrm.html",
"refsource": "MISC",
"url": "https://www.htbridge.ch/advisory/sql_injection_in_sugarcrm.html"
},
{
"name" : "http://www.sugarcrm.com/crm/support/bugs.html#issue_47805",
"refsource" : "CONFIRM",
"url" : "http://www.sugarcrm.com/crm/support/bugs.html#issue_47805"
"name": "77459",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/77459"
},
{
"name" : "http://www.sugarcrm.com/crm/support/bugs.html#issue_47806",
"refsource" : "CONFIRM",
"url" : "http://www.sugarcrm.com/crm/support/bugs.html#issue_47806"
"name": "http://www.sugarcrm.com/crm/support/bugs.html#issue_47805",
"refsource": "CONFIRM",
"url": "http://www.sugarcrm.com/crm/support/bugs.html#issue_47805"
},
{
"name" : "http://www.sugarcrm.com/crm/support/bugs.html#issue_47839",
"refsource" : "CONFIRM",
"url" : "http://www.sugarcrm.com/crm/support/bugs.html#issue_47839"
"name": "47011",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47011"
},
{
"name" : "77459",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/77459"
"name": "1026369",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1026369"
},
{
"name" : "1026369",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1026369"
"name": "http://www.sugarcrm.com/crm/support/bugs.html#issue_47806",
"refsource": "CONFIRM",
"url": "http://www.sugarcrm.com/crm/support/bugs.html#issue_47806"
},
{
"name" : "47011",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47011"
"name": "http://www.sugarcrm.com/crm/support/bugs.html#issue_47800",
"refsource": "CONFIRM",
"url": "http://www.sugarcrm.com/crm/support/bugs.html#issue_47800"
},
{
"name" : "sugarcrm-index-sql-injection(71586)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71586"
"name": "20111130 Sql injection in SugarCRM",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520685/100/0/threaded"
}
]
}

62
2011/4xxx/CVE-2011-4895.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4895",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4895",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Tor before 0.2.2.34, when configured as a bridge, sets up circuits through a process different from the process used by a client, which makes it easier for remote attackers to enumerate bridges by observing circuit building."
"lang": "eng",
"value": "Tor before 0.2.2.34, when configured as a bridge, sets up circuits through a process different from the process used by a client, which makes it easier for remote attackers to enumerate bridges by observing circuit building."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://blog.torproject.org/blog/tor-02234-released-security-patches",
"refsource" : "CONFIRM",
"url" : "https://blog.torproject.org/blog/tor-02234-released-security-patches"
"name": "https://blog.torproject.org/blog/tor-02234-released-security-patches",
"refsource": "CONFIRM",
"url": "https://blog.torproject.org/blog/tor-02234-released-security-patches"
}
]
}

92
2011/4xxx/CVE-2011-4947.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4947",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4947",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences via the user_include parameter."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences via the user_include parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20120328 CVE-request: e107 HTB23004",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/03/28/4"
"name": "[oss-security] 20120328 CVE-request: e107 HTB23004",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/28/4"
},
{
"name" : "[oss-security] 20120328 Re: CVE-request: e107 HTB23004",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/03/29/3"
"name": "https://www.htbridge.com/advisory/multiple_vulnerabilities_in_e107_1.html",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/multiple_vulnerabilities_in_e107_1.html"
},
{
"name" : "https://www.htbridge.com/advisory/multiple_vulnerabilities_in_e107_1.html",
"refsource" : "MISC",
"url" : "https://www.htbridge.com/advisory/multiple_vulnerabilities_in_e107_1.html"
"name": "http://e107.svn.sourceforge.net/viewvc/e107/trunk/e107_0.7/e107_admin/users_extended.php?r1=12225&r2=12306",
"refsource": "CONFIRM",
"url": "http://e107.svn.sourceforge.net/viewvc/e107/trunk/e107_0.7/e107_admin/users_extended.php?r1=12225&r2=12306"
},
{
"name" : "http://e107.org/svn_changelog.php?version=0.7.26",
"refsource" : "CONFIRM",
"url" : "http://e107.org/svn_changelog.php?version=0.7.26"
"name": "http://e107.org/svn_changelog.php?version=0.7.26",
"refsource": "CONFIRM",
"url": "http://e107.org/svn_changelog.php?version=0.7.26"
},
{
"name" : "http://e107.svn.sourceforge.net/viewvc/e107/trunk/e107_0.7/e107_admin/users_extended.php?r1=12225&r2=12306",
"refsource" : "CONFIRM",
"url" : "http://e107.svn.sourceforge.net/viewvc/e107/trunk/e107_0.7/e107_admin/users_extended.php?r1=12225&r2=12306"
"name": "[oss-security] 20120328 Re: CVE-request: e107 HTB23004",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/29/3"
},
{
"name" : "e107-usersextended-xss(68062)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/68062"
"name": "e107-usersextended-xss(68062)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68062"
}
]
}

22
2013/5xxx/CVE-2013-5116.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5116",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5116",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2013/5xxx/CVE-2013-5273.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5273",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5273",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

104
2013/5xxx/CVE-2013-5806.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5806",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5806",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5805."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5805."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name" : "GLSA-201406-32",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml"
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name" : "HPSBUX02944",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=138674073720143&w=2"
"name": "HPSBUX02944",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=138674073720143&w=2"
},
{
"name" : "SUSE-SU-2013:1666",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
"name": "openSUSE-SU-2013:1663",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name" : "openSUSE-SU-2013:1663",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
"name": "SUSE-SU-2013:1666",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name" : "USN-2089-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2089-1"
"name": "oval:org.mitre.oval:def:18501",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18501"
},
{
"name" : "63122",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/63122"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name" : "oval:org.mitre.oval:def:18501",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18501"
"name": "63122",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/63122"
}
]
}

86
2013/5xxx/CVE-2013-5883.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5883",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5883",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Solaris 8 allows local users to affect integrity and availability via unknown vectors related to Kernel."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Solaris 8 allows local users to affect integrity and availability via unknown vectors related to Kernel."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
"name": "64862",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64862"
},
{
"name" : "64758",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64758"
"name": "102053",
"refsource": "OSVDB",
"url": "http://osvdb.org/102053"
},
{
"name" : "64862",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64862"
"name": "oracle-cpujan2014-cve20135883(90363)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90363"
},
{
"name" : "102053",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102053"
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name" : "oracle-cpujan2014-cve20135883(90363)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90363"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
]
}

86
2013/5xxx/CVE-2013-5965.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5965",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5965",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Node View Permissions module 7.x-1.x before 7.x-1.2 for Drupal does not properly implement the hook_query_alter function, which might allow remote attackers to obtain sensitive information by reading a node listing."
"lang": "eng",
"value": "The Node View Permissions module 7.x-1.x before 7.x-1.2 for Drupal does not properly implement the hook_query_alter function, which might allow remote attackers to obtain sensitive information by reading a node listing."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20130828 Drupal Node View Permissions module and Flag module Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-08/0184.html"
"name": "https://drupal.org/node/2031621",
"refsource": "CONFIRM",
"url": "https://drupal.org/node/2031621"
},
{
"name" : "[oss-security] 20130911 Re: CVE request for Drupal contrib modules",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2013/09/11/9"
"name": "[oss-security] 20130911 Re: CVE request for Drupal contrib modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/09/11/9"
},
{
"name" : "https://drupal.org/node/2076315",
"refsource" : "MISC",
"url" : "https://drupal.org/node/2076315"
"name": "54550",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54550"
},
{
"name" : "https://drupal.org/node/2031621",
"refsource" : "CONFIRM",
"url" : "https://drupal.org/node/2031621"
"name": "20130828 Drupal Node View Permissions module and Flag module Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0184.html"
},
{
"name" : "54550",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/54550"
"name": "https://drupal.org/node/2076315",
"refsource": "MISC",
"url": "https://drupal.org/node/2076315"
}
]
}

62
2014/2xxx/CVE-2014-2349.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2349",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-2349",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 allows local users to modify or read configuration files by leveraging engineering-level privileges."
"lang": "eng",
"value": "Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 allows local users to modify or read configuration files by leveraging engineering-level privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-133-02",
"refsource" : "MISC",
"url" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-133-02"
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-133-02",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-133-02"
}
]
}

62
2014/2xxx/CVE-2014-2355.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2355",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-2355",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The (1) CimView and (2) CimEdit components in GE Proficy HMI/SCADA-CIMPLICITY 8.2 and earlier allow remote attackers to gain privileges via a crafted CIMPLICITY screen (aka .CIM) file."
"lang": "eng",
"value": "The (1) CimView and (2) CimEdit components in GE Proficy HMI/SCADA-CIMPLICITY 8.2 and earlier allow remote attackers to gain privileges via a crafted CIMPLICITY screen (aka .CIM) file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-14-289-02",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-14-289-02"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-289-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-289-02"
}
]
}

22
2014/2xxx/CVE-2014-2661.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2661",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2661",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2014/2xxx/CVE-2014-2766.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2766",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-2766",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, and CVE-2014-2775."
"lang": "eng",
"value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, and CVE-2014-2775."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS14-035",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035"
"name": "1030370",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030370"
},
{
"name" : "67850",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67850"
"name": "67850",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67850"
},
{
"name" : "1030370",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030370"
"name": "MS14-035",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035"
}
]
}

80
2014/2xxx/CVE-2014-2886.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2886",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2886",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "GKSu 2.0.2, when sudo-mode is not enabled, uses \" (double quote) characters in a gksu-run-helper argument, which allows attackers to execute arbitrary commands in certain situations involving an untrusted substring within this argument, as demonstrated by an untrusted filename encountered during installation of a VirtualBox extension pack."
"lang": "eng",
"value": "GKSu 2.0.2, when sudo-mode is not enabled, uses \" (double quote) characters in a gksu-run-helper argument, which allows attackers to execute arbitrary commands in certain situations involving an untrusted substring within this argument, as demonstrated by an untrusted filename encountered during installation of a VirtualBox extension pack."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://savannah.nongnu.org/bugs/?40023",
"refsource" : "MISC",
"url" : "http://savannah.nongnu.org/bugs/?40023"
"name": "GLSA-201812-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201812-10"
},
{
"name" : "https://community.rapid7.com/community/metasploit/blog/2014/07/07/virtualbox-filename-command-execution-via-gksu",
"refsource" : "MISC",
"url" : "https://community.rapid7.com/community/metasploit/blog/2014/07/07/virtualbox-filename-command-execution-via-gksu"
"name": "https://launchpad.net/bugs/1186676",
"refsource": "MISC",
"url": "https://launchpad.net/bugs/1186676"
},
{
"name" : "https://launchpad.net/bugs/1186676",
"refsource" : "MISC",
"url" : "https://launchpad.net/bugs/1186676"
"name": "http://savannah.nongnu.org/bugs/?40023",
"refsource": "MISC",
"url": "http://savannah.nongnu.org/bugs/?40023"
},
{
"name" : "GLSA-201812-10",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201812-10"
"name": "https://community.rapid7.com/community/metasploit/blog/2014/07/07/virtualbox-filename-command-execution-via-gksu",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/metasploit/blog/2014/07/07/virtualbox-filename-command-execution-via-gksu"
}
]
}

22
2014/2xxx/CVE-2014-2985.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2985",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2985",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2014/6xxx/CVE-2014-6146.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6146",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6146",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the Connect:Direct Server Adapter is configured, does not properly process the logging configuration, which allows local users to obtain sensitive information by reading log files."
"lang": "eng",
"value": "IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the Connect:Direct Server Adapter is configured, does not properly process the logging configuration, which allows local users to obtain sensitive information by reading log files."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21689082",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21689082"
"name": "62190",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62190"
},
{
"name" : "IT04337",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT04337"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21689082",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689082"
},
{
"name" : "62190",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62190"
"name": "IT04337",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT04337"
},
{
"name" : "ibm-sterling-cve20146146-info-disc(96916)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96916"
"name": "ibm-sterling-cve20146146-info-disc(96916)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96916"
}
]
}

86
2014/6xxx/CVE-2014-6231.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6231",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6231",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the CWT Frontend Edit (cwt_feedit) extension before 1.2.5 for TYPO3 allows remote authenticated users to execute arbitrary code via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the CWT Frontend Edit (cwt_feedit) extension before 1.2.5 for TYPO3 allows remote authenticated users to execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010",
"refsource" : "MISC",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010"
"name": "69562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69562"
},
{
"name" : "http://typo3.org/extensions/repository/view/cwt_feedit",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/extensions/repository/view/cwt_feedit"
"name": "60888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60888"
},
{
"name" : "69562",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69562"
"name": "http://typo3.org/extensions/repository/view/cwt_feedit",
"refsource": "CONFIRM",
"url": "http://typo3.org/extensions/repository/view/cwt_feedit"
},
{
"name" : "60888",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60888"
"name": "cwtfeedit-unspecified-code-exec(95700)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95700"
},
{
"name" : "cwtfeedit-unspecified-code-exec(95700)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95700"
"name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010",
"refsource": "MISC",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010"
}
]
}

80
2014/6xxx/CVE-2014-6389.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6389",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6389",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "backup.php in PHPCompta/NOALYSS before 6.7.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the d parameter."
"lang": "eng",
"value": "backup.php in PHPCompta/NOALYSS before 6.7.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the d parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "34861",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/34861"
"name": "34861",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/34861"
},
{
"name" : "20141001 CVE-2014-6389 - Remote Command Execution in PHPCompta/NOALYSS",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Oct/7"
"name": "http://packetstormsecurity.com/files/128526/PHPCompta-NOALYSS-6.7.1-5638-Remote-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128526/PHPCompta-NOALYSS-6.7.1-5638-Remote-Command-Execution.html"
},
{
"name" : "http://packetstormsecurity.com/files/128526/PHPCompta-NOALYSS-6.7.1-5638-Remote-Command-Execution.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/128526/PHPCompta-NOALYSS-6.7.1-5638-Remote-Command-Execution.html"
"name": "phpcompta-cve20146389-command-exec(96791)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96791"
},
{
"name" : "phpcompta-cve20146389-command-exec(96791)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96791"
"name": "20141001 CVE-2014-6389 - Remote Command Execution in PHPCompta/NOALYSS",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/7"
}
]
}

86
2014/6xxx/CVE-2014-6478.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6478",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6478",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
"name": "70489",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70489"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698"
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
"name": "SUSE-SU-2015:0743",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"name" : "SUSE-SU-2015:0743",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name" : "70489",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70489"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}

74
2014/7xxx/CVE-2014-7375.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7375",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7375",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Childcare (aka com.app_macchildcare.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Childcare (aka com.app_macchildcare.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#281889",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/281889"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#281889",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/281889"
}
]
}

80
2017/0xxx/CVE-2017-0455.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2017-0455",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2017-0455",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Kernel-3.18"
"version_value": "Kernel-3.18"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in depth or exploit mitigation technology. Product: Android. Versions: Kernel-3.18. Android ID: A-32370952. References: QC-CR#1082755."
"lang": "eng",
"value": "An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in depth or exploit mitigation technology. Product: Android. Versions: Kernel-3.18. Android ID: A-32370952. References: QC-CR#1082755."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information disclosure"
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2017-03-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-03-01"
"name": "96812",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96812"
},
{
"name" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=2c00928b4884fdb0b1661bcc530d7e68c9561a2f",
"refsource" : "CONFIRM",
"url" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=2c00928b4884fdb0b1661bcc530d7e68c9561a2f"
"name": "https://source.android.com/security/bulletin/2017-03-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-03-01"
},
{
"name" : "96812",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96812"
"name": "1037968",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037968"
},
{
"name" : "1037968",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037968"
"name": "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=2c00928b4884fdb0b1661bcc530d7e68c9561a2f",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=2c00928b4884fdb0b1661bcc530d7e68c9561a2f"
}
]
}

86
2017/0xxx/CVE-2017-0550.json
View File

@ -1,85 +1,85 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2017-0550",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2017-0550",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Android-6.0"
"version_value": "Android-6.0"
},
{
"version_value" : "Android-6.0.1"
"version_value": "Android-6.0.1"
},
{
"version_value" : "Android-7.0"
"version_value": "Android-7.0"
},
{
"version_value" : "Android-7.1.1"
"version_value": "Android-7.1.1"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33933140."
"lang": "eng",
"value": "A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33933140."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Denial of service"
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://android.googlesource.com/platform/external/libavc/+/7950bf47b6944546a0aff11a7184947de9591b51",
"refsource" : "CONFIRM",
"url" : "https://android.googlesource.com/platform/external/libavc/+/7950bf47b6944546a0aff11a7184947de9591b51"
"name": "97336",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97336"
},
{
"name" : "https://source.android.com/security/bulletin/2017-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-04-01"
"name": "https://source.android.com/security/bulletin/2017-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-04-01"
},
{
"name" : "97336",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97336"
"name": "https://android.googlesource.com/platform/external/libavc/+/7950bf47b6944546a0aff11a7184947de9591b51",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/external/libavc/+/7950bf47b6944546a0aff11a7184947de9591b51"
},
{
"name" : "1038201",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038201"
"name": "1038201",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038201"
}
]
}

74
2017/0xxx/CVE-2017-0636.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2017-0636",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2017-0636",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Android-N/A"
"version_value": "Android-N/A"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-35310230. References: M-ALPS03162263."
"lang": "eng",
"value": "An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-35310230. References: M-ALPS03162263."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Elevation of privilege"
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2017-06-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-06-01"
"name": "https://source.android.com/security/bulletin/2017-06-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-06-01"
},
{
"name" : "98866",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98866"
"name": "98866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98866"
},
{
"name" : "1038623",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038623"
"name": "1038623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038623"
}
]
}

64
2017/0xxx/CVE-2017-0825.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"DATE_PUBLIC" : "2017-10-02T00:00:00",
"ID" : "CVE-2017-0825",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"DATE_PUBLIC": "2017-10-02T00:00:00",
"ID": "CVE-2017-0825",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Android kernel"
"version_value": "Android kernel"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37305633. References: B-V2017063002."
"lang": "eng",
"value": "An information disclosure vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37305633. References: B-V2017063002."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information disclosure"
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/pixel/2017-10-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/pixel/2017-10-01"
"name": "https://source.android.com/security/bulletin/pixel/2017-10-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2017-10-01"
}
]
}

66
2017/1000xxx/CVE-2017-1000466.json
View File

@ -1,63 +1,63 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2017-12-29",
"ID" : "CVE-2017-1000466",
"REQUESTER" : "sajeeb.lohani@bulletproof.sh",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-12-29",
"ID": "CVE-2017-1000466",
"REQUESTER": "sajeeb.lohani@bulletproof.sh",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "invoiceninja",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "<= invoiceninja v3.8.1"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "invoiceninja"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripting vulnerability, within the invoice creation page, which can result in disruption of service and execution of javascript code."
"lang": "eng",
"value": "Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripting vulnerability, within the invoice creation page, which can result in disruption of service and execution of javascript code."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-79"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/invoiceninja/invoiceninja/issues/1727",
"refsource" : "CONFIRM",
"url" : "https://github.com/invoiceninja/invoiceninja/issues/1727"
"name": "https://github.com/invoiceninja/invoiceninja/issues/1727",
"refsource": "CONFIRM",
"url": "https://github.com/invoiceninja/invoiceninja/issues/1727"
}
]
}

68
2017/18xxx/CVE-2017-18309.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"ID" : "CVE-2017-18309",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2017-18309",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Snapdragon Mobile",
"version" : {
"version_data" : [
"product_name": "Snapdragon Mobile",
"version": {
"version_data": [
{
"version_value" : "SD 845, SD 850"
"version_value": "SD 845, SD 850"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A micro-core of QMP transportation may cause a macro-core to read from or write to arbitrary memory in Snapdragon Mobile in version SD 845, SD 850."
"lang": "eng",
"value": "A micro-core of QMP transportation may cause a macro-core to read from or write to arbitrary memory in Snapdragon Mobile in version SD 845, SD 850."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Improper Validation of Array Index in G-Link"
"lang": "eng",
"value": "Improper Validation of Array Index in G-Link"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins"
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"name" : "1041432",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041432"
"name": "1041432",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041432"
}
]
}

78
2017/1xxx/CVE-2017-1144.json
View File

@ -1,75 +1,75 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-06-30T00:00:00",
"ID" : "CVE-2017-1144",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-06-30T00:00:00",
"ID": "CVE-2017-1144",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Integration Bus",
"version" : {
"version_data" : [
"product_name": "Integration Bus",
"version": {
"version_data": [
{
"version_value" : "9.0"
"version_value": "9.0"
},
{
"version_value" : "10.0"
"version_value": "10.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. IBM X-Force ID: 122033."
"lang": "eng",
"value": "IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. IBM X-Force ID: 122033."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Denial of Service"
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/122033",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/122033"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/122033",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/122033"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22005383",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22005383"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22005383",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005383"
},
{
"name" : "99365",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99365"
"name": "99365",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99365"
}
]
}

80
2017/1xxx/CVE-2017-1147.json
View File

@ -1,78 +1,78 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-10-27T00:00:00",
"ID" : "CVE-2017-1147",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-10-27T00:00:00",
"ID": "CVE-2017-1147",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "OpenPages GRC Platform",
"version" : {
"version_data" : [
"product_name": "OpenPages GRC Platform",
"version": {
"version_data": [
{
"version_value" : "7.1"
"version_value": "7.1"
},
{
"version_value" : "7.2"
"version_value": "7.2"
},
{
"version_value" : "7.3"
"version_value": "7.3"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 122200."
"lang": "eng",
"value": "IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 122200."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/122200",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/122200"
"name": "101663",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101663"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21997685",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21997685"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/122200",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/122200"
},
{
"name" : "101663",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/101663"
"name": "http://www.ibm.com/support/docview.wss?uid=swg21997685",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21997685"
}
]
}

110
2017/1xxx/CVE-2017-1760.json
View File

@ -1,127 +1,127 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-12-06T00:00:00",
"ID" : "CVE-2017-1760",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-12-06T00:00:00",
"ID": "CVE-2017-1760",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "MQ",
"version" : {
"version_data" : [
"product_name": "MQ",
"version": {
"version_data": [
{
"version_value" : "7.5"
"version_value": "7.5"
},
{
"version_value" : "8.0"
"version_value": "8.0"
},
{
"version_value" : "9.0"
"version_value": "9.0"
},
{
"version_value" : "9.0.1"
"version_value": "9.0.1"
},
{
"version_value" : "9.0.0.1"
"version_value": "9.0.0.1"
},
{
"version_value" : "9.0.2"
"version_value": "9.0.2"
},
{
"version_value" : "8.0.0.1"
"version_value": "8.0.0.1"
},
{
"version_value" : "8.0.0.2"
"version_value": "8.0.0.2"
},
{
"version_value" : "8.0.0.3"
"version_value": "8.0.0.3"
},
{
"version_value" : "8.0.0.4"
"version_value": "8.0.0.4"
},
{
"version_value" : "8.0.0.5"
"version_value": "8.0.0.5"
},
{
"version_value" : "8.0.0.6"
"version_value": "8.0.0.6"
},
{
"version_value" : "9.0.3"
"version_value": "9.0.3"
},
{
"version_value" : "7.5.0.1"
"version_value": "7.5.0.1"
},
{
"version_value" : "7.5.0.2"
"version_value": "7.5.0.2"
},
{
"version_value" : "7.5.0.3"
"version_value": "7.5.0.3"
},
{
"version_value" : "7.5.0.4"
"version_value": "7.5.0.4"
},
{
"version_value" : "7.5.0.5"
"version_value": "7.5.0.5"
},
{
"version_value" : "7.5.0.6"
"version_value": "7.5.0.6"
},
{
"version_value" : "7.5.0.7"
"version_value": "7.5.0.7"
},
{
"version_value" : "7.5.0.8"
"version_value": "7.5.0.8"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a local user to crash the queue manager agent thread and expose some sensitive information. IBM X-Force ID: 126454."
"lang": "eng",
"value": "IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a local user to crash the queue manager agent thread and expose some sensitive information. IBM X-Force ID: 126454."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Denial of Service"
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126454",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126454"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126454",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126454"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22005392",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22005392"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22005392",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005392"
}
]
}

22
2017/1xxx/CVE-2017-1822.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1822",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-1822",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/4xxx/CVE-2017-4070.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4070",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4070",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/4xxx/CVE-2017-4311.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4311",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4311",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/4xxx/CVE-2017-4434.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4434",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4434",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

68
2017/4xxx/CVE-2017-4980.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security_alert@emc.com",
"ID" : "CVE-2017-4980",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-4980",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10",
"version" : {
"version_data" : [
"product_name": "EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10",
"version": {
"version_data": [
{
"version_value" : "EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10"
"version_value": "EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1."
"lang": "eng",
"value": "EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Path Traversal Vulnerability"
"lang": "eng",
"value": "Path Traversal Vulnerability"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.securityfocus.com/archive/1/540338/30/0/threaded",
"refsource" : "CONFIRM",
"url" : "http://www.securityfocus.com/archive/1/540338/30/0/threaded"
"name": "97222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97222"
},
{
"name" : "97222",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97222"
"name": "http://www.securityfocus.com/archive/1/540338/30/0/threaded",
"refsource": "CONFIRM",
"url": "http://www.securityfocus.com/archive/1/540338/30/0/threaded"
}
]
}

68
2017/5xxx/CVE-2017-5255.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@rapid7.com",
"ID" : "CVE-2017-5255",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@rapid7.com",
"ID": "CVE-2017-5255",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "ePMP",
"version" : {
"version_data" : [
"product_name": "ePMP",
"version": {
"version_data": [
{
"version_value" : "3.5 and prior"
"version_value": "3.5 and prior"
}
]
}
}
]
},
"vendor_name" : "Cambium Networks"
"vendor_name": "Cambium Networks"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise low-privilege readonly user) to inject shell meta-characters as part of a specially-crafted POST request to the get_chart function and run OS-level commands, effectively as root."
"lang": "eng",
"value": "In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise low-privilege readonly user) to inject shell meta-characters as part of a specially-crafted POST request to the get_chart function and run OS-level commands, effectively as root."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'))"
"lang": "eng",
"value": "CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'))"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "43413",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/43413/"
"name": "43413",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43413/"
},
{
"name" : "https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/",
"refsource" : "MISC",
"url" : "https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/"
"name": "https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/",
"refsource": "MISC",
"url": "https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/"
}
]
}