admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:17:33 +00:00
parent da30d8a7fe
commit 0eb619b627
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
60 changed files with 4854 additions and 4854 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

210
2006/0xxx/CVE-2006-0325.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0325", "ID": "CVE-2006-0325",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Etomite Content Management System 0.6, and possibly earlier versions, when downloaded from the web site in January 2006 after January 10, contains a back door in manager/includes/todo.inc.php, which allows remote attackers to execute arbitrary commands via the \"cij\" parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060130 Etomite followup information", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/423523/100/0/threaded" "lang": "eng",
}, "value": "Etomite Content Management System 0.6, and possibly earlier versions, when downloaded from the web site in January 2006 after January 10, contains a back door in manager/includes/todo.inc.php, which allows remote attackers to execute arbitrary commands via the \"cij\" parameter."
{ }
"name" : "20060127 Etomite CMS \"Backdoored\"", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/423497/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.lucaercoli.it/advs/etomite.txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.lucaercoli.it/advs/etomite.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.etomite.org/forums/index.php?showtopic=4291", ]
"refsource" : "CONFIRM", }
"url" : "http://www.etomite.org/forums/index.php?showtopic=4291" ]
}, },
{ "references": {
"name" : "http://www.etomite.org/forums/index.php?showtopic=4185", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.etomite.org/forums/index.php?showtopic=4185" "name": "16336",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/16336"
"name" : "16336", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16336" "name": "18556",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18556"
"name" : "ADV-2006-0283", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0283" "name": "ADV-2006-0283",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0283"
"name" : "22693", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/22693" "name": "http://www.etomite.org/forums/index.php?showtopic=4185",
}, "refsource": "CONFIRM",
{ "url": "http://www.etomite.org/forums/index.php?showtopic=4185"
"name" : "18556", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18556" "name": "22693",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/22693"
"name" : "etomite-default-backdoor(24254)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24254" "name": "20060127 Etomite CMS \"Backdoored\"",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/423497/100/0/threaded"
} },
} {
"name": "etomite-default-backdoor(24254)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24254"
},
{
"name": "http://www.etomite.org/forums/index.php?showtopic=4291",
"refsource": "CONFIRM",
"url": "http://www.etomite.org/forums/index.php?showtopic=4291"
},
{
"name": "http://www.lucaercoli.it/advs/etomite.txt",
"refsource": "MISC",
"url": "http://www.lucaercoli.it/advs/etomite.txt"
},
{
"name": "20060130 Etomite followup information",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423523/100/0/threaded"
}
]
}
}

170
2006/1xxx/CVE-2006-1121.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1121", "ID": "CVE-2006-1121",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in CuteNews 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the query string to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060304 [KAPDA::#30] - CuteNews1.4.1 Cross_Site_Scripting Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/426759/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in CuteNews 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the query string to index.php."
{ }
"name" : "http://kapda.ir/advisory-277.html", ]
"refsource" : "MISC", },
"url" : "http://kapda.ir/advisory-277.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16961", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16961" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1015726", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1015726" ]
}, },
{ "references": {
"name" : "531", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/531" "name": "cutenews-index-script-xss(25052)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25052"
"name" : "cutenews-index-script-xss(25052)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25052" "name": "20060304 [KAPDA::#30] - CuteNews1.4.1 Cross_Site_Scripting Vulnerability",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/426759/100/0/threaded"
} },
} {
"name": "16961",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16961"
},
{
"name": "1015726",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015726"
},
{
"name": "http://kapda.ir/advisory-277.html",
"refsource": "MISC",
"url": "http://kapda.ir/advisory-277.html"
},
{
"name": "531",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/531"
}
]
}
}

220
2006/1xxx/CVE-2006-1185.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2006-1185", "ID": "CVE-2006-1185",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS06-013", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013" "lang": "eng",
}, "value": "Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption."
{ }
"name" : "TA06-101A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-101A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#503124", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/503124" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "17450", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/17450" ]
}, },
{ "references": {
"name" : "ADV-2006-1318", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1318" "name": "18957",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18957"
"name" : "oval:org.mitre.oval:def:1677", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1677" "name": "1015900",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015900"
"name" : "oval:org.mitre.oval:def:1711", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1711" "name": "oval:org.mitre.oval:def:1677",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1677"
"name" : "oval:org.mitre.oval:def:787", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A787" "name": "oval:org.mitre.oval:def:787",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A787"
"name" : "1015900", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015900" "name": "TA06-101A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
"name" : "18957", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18957" "name": "oval:org.mitre.oval:def:1711",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1711"
"name" : "ie-html-execute-code(25542)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25542" "name": "17450",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/17450"
} },
} {
"name": "ie-html-execute-code(25542)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25542"
},
{
"name": "VU#503124",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/503124"
},
{
"name": "MS06-013",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "ADV-2006-1318",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1318"
}
]
}
}

200
2006/1xxx/CVE-2006-1196.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1196", "ID": "CVE-2006-1196",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in QwikiWiki 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) from and (2) help parameters to (a) index.php; (3) action, (4) page, (5) debug, (6) help, (7) username, or (8) password parameters to (b) login.php; the (7) help parameter to (c) pageindex.php; or (8) help parameter to (d) recentchanges.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://kiki91.altervista.org/exploit/qwikiwiki_1.0.5_xss.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://kiki91.altervista.org/exploit/qwikiwiki_1.0.5_xss.txt" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in QwikiWiki 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) from and (2) help parameters to (a) index.php; (3) action, (4) page, (5) debug, (6) help, (7) username, or (8) password parameters to (b) login.php; the (7) help parameter to (c) pageindex.php; or (8) help parameter to (d) recentchanges.php."
{ }
"name" : "17064", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/17064" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-0910", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0910" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23786", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/23786" ]
}, },
{ "references": {
"name" : "23787", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/23787" "name": "23788",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/23788"
"name" : "23788", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/23788" "name": "19182",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19182"
"name" : "23789", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/23789" "name": "17064",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/17064"
"name" : "19182", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19182" "name": "23789",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/23789"
"name" : "qwikiwiki-multiple-scripts-xss(25128)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25128" "name": "qwikiwiki-multiple-scripts-xss(25128)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25128"
} },
} {
"name": "http://kiki91.altervista.org/exploit/qwikiwiki_1.0.5_xss.txt",
"refsource": "MISC",
"url": "http://kiki91.altervista.org/exploit/qwikiwiki_1.0.5_xss.txt"
},
{
"name": "23786",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23786"
},
{
"name": "ADV-2006-0910",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0910"
},
{
"name": "23787",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23787"
}
]
}
}

640
2006/5xxx/CVE-2006-5101.json
View File

@ -1,322 +1,322 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5101", "ID": "CVE-2006-5101",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in include.php in Comdev CSV Importer 3.1 and possibly 4.1, as used in (1) Comdev Contact Form 3.1, (2) Comdev Customer Helpdesk 3.1, (3) Comdev Events Calendar 3.1, (4) Comdev FAQ Support 3.1, (5) Comdev Guestbook 3.1, (6) Comdev Links Directory 3.1, (7) Comdev News Publisher 3.1, (8) Comdev Newsletter 3.1, (9) Comdev Photo Gallery 3.1, (10) Comdev Vote Caster 3.1, (11) Comdev Web Blogger 3.1, and (12) Comdev eCommerce 3.1, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: it has been reported that 4.1 versions might also be affected."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060927 Comdev CSV Importer 3.1 :) <= Remote File Inclusion", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447184/100/0/threaded" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in include.php in Comdev CSV Importer 3.1 and possibly 4.1, as used in (1) Comdev Contact Form 3.1, (2) Comdev Customer Helpdesk 3.1, (3) Comdev Events Calendar 3.1, (4) Comdev FAQ Support 3.1, (5) Comdev Guestbook 3.1, (6) Comdev Links Directory 3.1, (7) Comdev News Publisher 3.1, (8) Comdev Newsletter 3.1, (9) Comdev Photo Gallery 3.1, (10) Comdev Vote Caster 3.1, (11) Comdev Web Blogger 3.1, and (12) Comdev eCommerce 3.1, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: it has been reported that 4.1 versions might also be affected."
{ }
"name" : "20060927 Comdev Contact Form 3.1 :) <= Remote File Inclusion", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/447192/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20060927 Comdev Customer Helpdesk 3.1 :) <= Remote File Inclusion", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447188/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20060927 Comdev Events Calendar 3.1 :) <= Remote File Inclusion", ]
"refsource" : "BUGTRAQ", }
"url" : "http://www.securityfocus.com/archive/1/447213/100/0/threaded" ]
}, },
{ "references": {
"name" : "20060927 Comdev FAQ Support 3.1 :) <= Remote File Inclusion", "reference_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447201/100/0/threaded" "name": "ADV-2006-3807",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3807"
"name" : "20060927 Comdev Guestbook 3.1 :) <= Remote File Inclusion", },
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447207/100/0/threaded" "name": "ADV-2006-3811",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3811"
"name" : "20060927 Comdev Links Directory 3.1 :) <= Remote File Inclusion", },
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447185/100/0/threaded" "name": "29300",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/29300"
"name" : "20060927 Comdev News Publisher 3.1 :) <= Remote File Inclusion", },
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447190/100/0/threaded" "name": "29310",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/29310"
"name" : "20060927 Comdev Newsletter 3.1 :) <= Remote File Inclusion", },
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447209/100/0/threaded" "name": "20060927 Comdev News Publisher 3.1 :) <= Remote File Inclusion",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447190/100/0/threaded"
"name" : "20060927 Comdev Photo Gallery 3.1 :) <= Remote File Inclusion", },
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447187/100/0/threaded" "name": "22147",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22147"
"name" : "20060927 Comdev Vote Caster 3.1 :) <= Remote File Inclusion", },
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447186/100/0/threaded" "name": "22157",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22157"
"name" : "20060927 Comdev Web Blogger 3.1 :) <= Remote File Inclusion", },
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447193/100/0/threaded" "name": "20060927 Comdev Contact Form 3.1 :) <= Remote File Inclusion",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447192/100/0/threaded"
"name" : "20060927 Comdev eCommerce 3.1 :) <= Remote File Inclusion", },
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447194/100/0/threaded" "name": "20060927 Comdev eCommerce 3.1 :) <= Remote File Inclusion",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447194/100/0/threaded"
"name" : "ADV-2006-3808", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3808" "name": "29303",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/29303"
"name" : "ADV-2006-3803", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3803" "name": "ADV-2006-3806",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3806"
"name" : "ADV-2006-3804", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3804" "name": "22153",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22153"
"name" : "ADV-2006-3805", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3805" "name": "22169",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22169"
"name" : "ADV-2006-3806", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3806" "name": "ADV-2006-3809",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3809"
"name" : "ADV-2006-3807", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3807" "name": "ADV-2006-3813",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3813"
"name" : "ADV-2006-3809", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3809" "name": "1658",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/1658"
"name" : "ADV-2006-3810", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3810" "name": "29305",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/29305"
"name" : "ADV-2006-3811", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3811" "name": "20060927 Comdev Newsletter 3.1 :) <= Remote File Inclusion",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447209/100/0/threaded"
"name" : "ADV-2006-3812", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3812" "name": "29311",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/29311"
"name" : "ADV-2006-3813", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3813" "name": "22170",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22170"
"name" : "ADV-2006-3814", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3814" "name": "20060927 Comdev Photo Gallery 3.1 :) <= Remote File Inclusion",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447187/100/0/threaded"
"name" : "ADV-2006-3815", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3815" "name": "29307",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/29307"
"name" : "29299", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29299" "name": "20060927 Comdev Events Calendar 3.1 :) <= Remote File Inclusion",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447213/100/0/threaded"
"name" : "29300", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29300" "name": "22168",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22168"
"name" : "29301", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29301" "name": "20060927 Comdev Guestbook 3.1 :) <= Remote File Inclusion",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447207/100/0/threaded"
"name" : "29302", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29302" "name": "29304",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/29304"
"name" : "29303", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29303" "name": "22149",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22149"
"name" : "29305", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29305" "name": "ADV-2006-3808",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3808"
"name" : "29307", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29307" "name": "20060927 Comdev Vote Caster 3.1 :) <= Remote File Inclusion",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447186/100/0/threaded"
"name" : "29310", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29310" "name": "ADV-2006-3804",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3804"
"name" : "29311", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29311" "name": "22135",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22135"
"name" : "29306", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29306" "name": "29306",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/29306"
"name" : "29304", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29304" "name": "22154",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22154"
"name" : "29308", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29308" "name": "22134",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22134"
"name" : "29309", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29309" "name": "ADV-2006-3812",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3812"
"name" : "22135", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22135" "name": "20060927 Comdev FAQ Support 3.1 :) <= Remote File Inclusion",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447201/100/0/threaded"
"name" : "22133", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22133" "name": "ADV-2006-3810",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3810"
"name" : "22134", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22134" "name": "29308",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/29308"
"name" : "22147", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22147" "name": "22133",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22133"
"name" : "22149", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22149" "name": "29302",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/29302"
"name" : "22151", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22151" "name": "20060927 Comdev Customer Helpdesk 3.1 :) <= Remote File Inclusion",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447188/100/0/threaded"
"name" : "22153", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22153" "name": "ADV-2006-3805",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3805"
"name" : "22154", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22154" "name": "comdev-include-file-include(29220)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29220"
"name" : "22157", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22157" "name": "29301",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/29301"
"name" : "22168", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22168" "name": "ADV-2006-3803",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3803"
"name" : "22169", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22169" "name": "29299",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/29299"
"name" : "22170", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22170" "name": "20060927 Comdev Links Directory 3.1 :) <= Remote File Inclusion",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447185/100/0/threaded"
"name" : "1658", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1658" "name": "20060927 Comdev Web Blogger 3.1 :) <= Remote File Inclusion",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447193/100/0/threaded"
"name" : "comdev-include-file-include(29220)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29220" "name": "22151",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/22151"
} },
} {
"name": "ADV-2006-3814",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3814"
},
{
"name": "20060927 Comdev CSV Importer 3.1 :) <= Remote File Inclusion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447184/100/0/threaded"
},
{
"name": "29309",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29309"
},
{
"name": "ADV-2006-3815",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3815"
}
]
}
}

220
2006/5xxx/CVE-2006-5343.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5343", "ID": "CVE-2006-5343",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Database Scheduler component in Oracle Database 10.1.0.3 has unknown impact and remote authenticated attack vectors related to sys.dbms_scheduler, aka Vuln# DB19."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061018 Analysis of the Oracle October 2006 Critical Patch Update", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/449110/100/0/threaded" "lang": "eng",
}, "value": "Unspecified vulnerability in Database Scheduler component in Oracle Database 10.1.0.3 has unknown impact and remote authenticated attack vectors related to sys.dbms_scheduler, aka Vuln# DB19."
{ }
"name" : "http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf", ]
"refsource" : "MISC", },
"url" : "http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html" ]
}, },
{ "references": {
"name" : "HPSBMA02133", "reference_data": [
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/449711/100/0/threaded" "name": "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html",
}, "refsource": "MISC",
{ "url": "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html"
"name" : "SSRT061201", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/449711/100/0/threaded" "name": "20588",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20588"
"name" : "TA06-291A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-291A.html" "name": "HPSBMA02133",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/449711/100/0/threaded"
"name" : "20588", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20588" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html"
"name" : "ADV-2006-4065", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4065" "name": "http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf",
}, "refsource": "MISC",
{ "url": "http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf"
"name" : "1017077", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017077" "name": "20061018 Analysis of the Oracle October 2006 Critical Patch Update",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/449110/100/0/threaded"
"name" : "22396", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22396" "name": "SSRT061201",
} "refsource": "HP",
] "url": "http://www.securityfocus.com/archive/1/449711/100/0/threaded"
} },
} {
"name": "ADV-2006-4065",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4065"
},
{
"name": "22396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22396"
},
{
"name": "1017077",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017077"
},
{
"name": "TA06-291A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-291A.html"
}
]
}
}

200
2006/5xxx/CVE-2006-5350.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5350", "ID": "CVE-2006-5350",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and local attack vectors, aka Vuln# OHS08."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and local attack vectors, aka Vuln# OHS08."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "HPSBMA02133", "description": [
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/449711/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SSRT061201", ]
"refsource" : "HP", }
"url" : "http://www.securityfocus.com/archive/1/449711/100/0/threaded" ]
}, },
{ "references": {
"name" : "TA06-291A", "reference_data": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-291A.html" "name": "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html",
}, "refsource": "MISC",
{ "url": "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html"
"name" : "20588", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20588" "name": "20588",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20588"
"name" : "ADV-2006-4065", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4065" "name": "HPSBMA02133",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/449711/100/0/threaded"
"name" : "1017077", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017077" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html"
"name" : "22396", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22396" "name": "SSRT061201",
} "refsource": "HP",
] "url": "http://www.securityfocus.com/archive/1/449711/100/0/threaded"
} },
} {
"name": "ADV-2006-4065",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4065"
},
{
"name": "22396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22396"
},
{
"name": "1017077",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017077"
},
{
"name": "TA06-291A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-291A.html"
}
]
}
}

200
2006/5xxx/CVE-2006-5367.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5367", "ID": "CVE-2006-5367",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.7 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS03 in Oracle Applications Framework, (2) APPS04 in Oracle Applications Technology Stack, and (3) APPS05 in Oracle Balanced Scorecard, (4) APPS09 in Oracle Scripting, and (5) APPS10 in Oracle Trading Community."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.7 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS03 in Oracle Applications Framework, (2) APPS04 in Oracle Applications Technology Stack, and (3) APPS05 in Oracle Balanced Scorecard, (4) APPS09 in Oracle Scripting, and (5) APPS10 in Oracle Trading Community."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "HPSBMA02133", "description": [
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/449711/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SSRT061201", ]
"refsource" : "HP", }
"url" : "http://www.securityfocus.com/archive/1/449711/100/0/threaded" ]
}, },
{ "references": {
"name" : "TA06-291A", "reference_data": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-291A.html" "name": "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html",
}, "refsource": "MISC",
{ "url": "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html"
"name" : "20588", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20588" "name": "20588",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20588"
"name" : "ADV-2006-4065", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4065" "name": "HPSBMA02133",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/449711/100/0/threaded"
"name" : "1017077", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017077" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html"
"name" : "22396", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22396" "name": "SSRT061201",
} "refsource": "HP",
] "url": "http://www.securityfocus.com/archive/1/449711/100/0/threaded"
} },
} {
"name": "ADV-2006-4065",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4065"
},
{
"name": "22396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22396"
},
{
"name": "1017077",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017077"
},
{
"name": "TA06-291A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-291A.html"
}
]
}
}

130
2006/5xxx/CVE-2006-5435.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5435", "ID": "CVE-2006-5435",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** PHP remote file inclusion vulnerability in groupcp.php in phpBB 2.0.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: CVE and the vendor dispute this vulnerability because $phpbb_root_path is defined before use."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061018 PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/449114/100/0/threaded" "lang": "eng",
}, "value": "** DISPUTED ** PHP remote file inclusion vulnerability in groupcp.php in phpBB 2.0.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: CVE and the vendor dispute this vulnerability because $phpbb_root_path is defined before use."
{ }
"name" : "20061018 Re: PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/449232/100/0/threaded" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061018 PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/449114/100/0/threaded"
},
{
"name": "20061018 Re: PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/449232/100/0/threaded"
}
]
}
}

150
2006/5xxx/CVE-2006-5600.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5600", "ID": "CVE-2006-5600",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Axalto Protiva 1.1, possibly only non-commercial versions, stores passwords in plaintext in files with insecure permissions, which allows local users to gain privileges by reading the passwords from (1) KeyTool\\keytool.config or (2) webapps\\protiva\\WEB-INF\\classes\\authserver.config."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061026 Insecure storage of passwords in Axalto Protiva", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/449891/100/0/threaded" "lang": "eng",
}, "value": "Axalto Protiva 1.1, possibly only non-commercial versions, stores passwords in plaintext in files with insecure permissions, which allows local users to gain privileges by reading the passwords from (1) KeyTool\\keytool.config or (2) webapps\\protiva\\WEB-INF\\classes\\authserver.config."
{ }
"name" : "20755", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20755" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1793", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1793" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "axalto-password-information-disclosure(29839)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29839" ]
} },
] "references": {
} "reference_data": [
} {
"name": "axalto-password-information-disclosure(29839)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29839"
},
{
"name": "1793",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1793"
},
{
"name": "20755",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20755"
},
{
"name": "20061026 Insecure storage of passwords in Axalto Protiva",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/449891/100/0/threaded"
}
]
}
}

190
2007/2xxx/CVE-2007-2031.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2031", "ID": "CVE-2007-2031",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070423 3proxy 0.5.3i bugfix release", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/466650/100/100/threaded" "lang": "eng",
}, "value": "Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests."
{ }
"name" : "http://3proxy.ru/0.5.3h/Changelog.txt", ]
"refsource" : "CONFIRM", },
"url" : "http://3proxy.ru/0.5.3h/Changelog.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-200704-17", "description": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200704-17.xml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23545", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/23545" ]
}, },
{ "references": {
"name" : "ADV-2007-1442", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1442" "name": "GLSA-200704-17",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200704-17.xml"
"name" : "24961", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24961" "name": "25001",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25001"
"name" : "25001", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25001" "name": "3proxy-transparent-requests-bo(33841)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33841"
"name" : "3proxy-transparent-requests-bo(33841)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33841" "name": "24961",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24961"
} },
} {
"name": "http://3proxy.ru/0.5.3h/Changelog.txt",
"refsource": "CONFIRM",
"url": "http://3proxy.ru/0.5.3h/Changelog.txt"
},
{
"name": "ADV-2007-1442",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1442"
},
{
"name": "23545",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23545"
},
{
"name": "20070423 3proxy 0.5.3i bugfix release",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466650/100/100/threaded"
}
]
}
}

140
2007/2xxx/CVE-2007-2051.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2051", "ID": "CVE-2007-2051",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the parsecmd function in bftpd before 1.8 has unknown impact and attack vectors related to the confstr variable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=500238&group_id=32077", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=500238&group_id=32077" "lang": "eng",
}, "value": "Buffer overflow in the parsecmd function in bftpd before 1.8 has unknown impact and attack vectors related to the confstr variable."
{ }
"name" : "ADV-2007-1347", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2007/1347" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34890", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34890" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "34890",
"refsource": "OSVDB",
"url": "http://osvdb.org/34890"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=500238&group_id=32077",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=500238&group_id=32077"
},
{
"name": "ADV-2007-1347",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1347"
}
]
}
}

170
2007/2xxx/CVE-2007-2624.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2624", "ID": "CVE-2007-2624",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Dynamic variable evaluation vulnerability in shared/config/cp_config.php in All In One Control Panel (AIOCP) before 1.3.016 allows remote attackers to conduct cross-site scripting (XSS) and possibly other attacks via the SERVER superglobal array. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=504924", "description_data": [
"refsource" : "MISC", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=504924" "lang": "eng",
}, "value": "Dynamic variable evaluation vulnerability in shared/config/cp_config.php in All In One Control Panel (AIOCP) before 1.3.016 allows remote attackers to conduct cross-site scripting (XSS) and possibly other attacks via the SERVER superglobal array. NOTE: some of these details are obtained from third party information."
{ }
"name" : "23790", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23790" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1637", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1637" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "35534", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/35534" ]
}, },
{ "references": {
"name" : "25088", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25088" "name": "25088",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25088"
"name" : "aiocp-cpconfig-xss(34038)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34038" "name": "http://sourceforge.net/project/shownotes.php?release_id=504924",
} "refsource": "MISC",
] "url": "http://sourceforge.net/project/shownotes.php?release_id=504924"
} },
} {
"name": "aiocp-cpconfig-xss(34038)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34038"
},
{
"name": "23790",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23790"
},
{
"name": "ADV-2007-1637",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1637"
},
{
"name": "35534",
"refsource": "OSVDB",
"url": "http://osvdb.org/35534"
}
]
}
}

140
2007/2xxx/CVE-2007-2717.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2717", "ID": "CVE-2007-2717",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in shop/page.php in iGeneric (iG) Shop 1.4 allows remote attackers to execute arbitrary SQL commands via the type_id[] parameter, a different vector than CVE-2005-0537."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3907", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3907" "lang": "eng",
}, "value": "SQL injection vulnerability in shop/page.php in iGeneric (iG) Shop 1.4 allows remote attackers to execute arbitrary SQL commands via the type_id[] parameter, a different vector than CVE-2005-0537."
{ }
"name" : "23949", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23949" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37910", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37910" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "3907",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3907"
},
{
"name": "37910",
"refsource": "OSVDB",
"url": "http://osvdb.org/37910"
},
{
"name": "23949",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23949"
}
]
}
}

260
2007/2xxx/CVE-2007-2967.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2967", "ID": "CVE-2007-2967",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070604 n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/470462/100/0/threaded" "lang": "eng",
}, "value": "Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files."
{ }
"name" : "20070604 n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/470484/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070604 n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory", "description": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063714.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20070604 n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory", ]
"refsource" : "FULLDISC", }
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063715.html" ]
}, },
{ "references": {
"name" : "http://www.nruns.com/security_advisory_fsecure_arj.php", "reference_data": [
"refsource" : "MISC", {
"url" : "http://www.nruns.com/security_advisory_fsecure_arj.php" "name": "36725",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36725"
"name" : "http://www.nruns.com/security_advisory_fsecure_fsg.php", },
"refsource" : "MISC", {
"url" : "http://www.nruns.com/security_advisory_fsecure_fsg.php" "name": "20070604 n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063714.html"
"name" : "http://www.f-secure.com/security/fsc-2007-3.shtml", },
"refsource" : "CONFIRM", {
"url" : "http://www.f-secure.com/security/fsc-2007-3.shtml" "name": "http://www.nruns.com/security_advisory_fsecure_arj.php",
}, "refsource": "MISC",
{ "url": "http://www.nruns.com/security_advisory_fsecure_arj.php"
"name" : "36725", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36725" "name": "1018148",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018148"
"name" : "36726", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36726" "name": "1018147",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1018147"
"name" : "ADV-2007-1985", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1985" "name": "1018146",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018146"
"name" : "1018146", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018146" "name": "20070604 n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/470484/100/0/threaded"
"name" : "1018147", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018147" "name": "ADV-2007-1985",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1985"
"name" : "1018148", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018148" "name": "20070604 n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063715.html"
"name" : "25440", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25440" "name": "http://www.nruns.com/security_advisory_fsecure_fsg.php",
}, "refsource": "MISC",
{ "url": "http://www.nruns.com/security_advisory_fsecure_fsg.php"
"name" : "fsecure-unspecified-archive-dos(34581)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34581" "name": "36726",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/36726"
} },
} {
"name": "http://www.f-secure.com/security/fsc-2007-3.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2007-3.shtml"
},
{
"name": "25440",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25440"
},
{
"name": "20070604 n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470462/100/0/threaded"
},
{
"name": "fsecure-unspecified-archive-dos(34581)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34581"
}
]
}
}

150
2010/0xxx/CVE-2010-0031.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-0031", "ID": "CVE-2010-0031",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Array index error in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka \"PowerPoint OEPlaceholderAtom 'placementId' Invalid Array Indexing Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS10-004", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-004" "lang": "eng",
}, "value": "Array index error in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka \"PowerPoint OEPlaceholderAtom 'placementId' Invalid Array Indexing Vulnerability.\""
{ }
"name" : "TA10-040A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-040A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:8081", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8081" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1023563", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1023563" ]
} },
] "references": {
} "reference_data": [
} {
"name": "oval:org.mitre.oval:def:8081",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8081"
},
{
"name": "TA10-040A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html"
},
{
"name": "MS10-004",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-004"
},
{
"name": "1023563",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023563"
}
]
}
}

290
2010/0xxx/CVE-2010-0047.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2010-0047", "ID": "CVE-2010-0047",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to \"HTML object element fallback content.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT4070", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4070" "lang": "eng",
}, "value": "Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to \"HTML object element fallback content.\""
{ }
"name" : "http://support.apple.com/kb/HT4225", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT4225" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2010-03-11-1", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2010-06-21-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" ]
}, },
{ "references": {
"name" : "FEDORA-2010-8360", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html" "name": "MDVSA-2011:039",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
"name" : "FEDORA-2010-8379", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html" "name": "APPLE-SA-2010-03-11-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html"
"name" : "FEDORA-2010-8423", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html" "name": "ADV-2010-2722",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/2722"
"name" : "MDVSA-2011:039", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" "name": "43068",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43068"
"name" : "SUSE-SR:2011:002", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" "name": "USN-1006-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1006-1"
"name" : "USN-1006-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1006-1" "name": "1023708",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1023708"
"name" : "38671", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/38671" "name": "41856",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/41856"
"name" : "oval:org.mitre.oval:def:6882", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6882" "name": "ADV-2011-0212",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0212"
"name" : "1023708", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1023708" "name": "http://support.apple.com/kb/HT4225",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT4225"
"name" : "41856", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/41856" "name": "FEDORA-2010-8360",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html"
"name" : "43068", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43068" "name": "http://support.apple.com/kb/HT4070",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT4070"
"name" : "ADV-2010-2722", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2722" "name": "SUSE-SR:2011:002",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
"name" : "ADV-2011-0212", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0212" "name": "oval:org.mitre.oval:def:6882",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6882"
"name" : "ADV-2011-0552", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0552" "name": "ADV-2011-0552",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2011/0552"
} },
} {
"name": "FEDORA-2010-8379",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html"
},
{
"name": "APPLE-SA-2010-06-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
},
{
"name": "38671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38671"
},
{
"name": "FEDORA-2010-8423",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html"
}
]
}
}

130
2010/0xxx/CVE-2010-0072.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2010-0072", "ID": "CVE-2010-0072",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a buffer overflow in observiced.exe that allows remote attackers to execute arbitrary code via vectors related to a \"reverse lookup of connections\" to TCP port 10000."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a buffer overflow in observiced.exe that allows remote attackers to execute arbitrary code via vectors related to a \"reverse lookup of connections\" to TCP port 10000."
{ }
"name" : "TA10-012A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-012A.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html"
},
{
"name": "TA10-012A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-012A.html"
}
]
}
}

420
2010/0xxx/CVE-2010-0410.json
View File

@ -1,212 +1,212 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-0410", "ID": "CVE-2010-0410",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded" "lang": "eng",
}, "value": "drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages."
{ }
"name" : "[oss-security] 20100203 CVE request: kernel OOM/crash in drivers/connector", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2010/02/03/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20100203 Re: CVE request: kernel OOM/crash in drivers/connector", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2010/02/03/3" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f98bfbd78c37c5946cc53089da32a5f741efdeb7", ]
"refsource" : "CONFIRM", }
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f98bfbd78c37c5946cc53089da32a5f741efdeb7" ]
}, },
{ "references": {
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.8", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.8" "name": "USN-914-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-914-1"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=561682", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=561682" "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.8",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.8"
"name" : "http://support.avaya.com/css/P8/documents/100088287", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/css/P8/documents/100088287" "name": "ADV-2010-0638",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/0638"
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" "name": "38557",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/38557"
"name" : "DSA-1996", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-1996" "name": "FEDORA-2010-1804",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035070.html"
"name" : "DSA-2005", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-2005" "name": "oval:org.mitre.oval:def:10903",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10903"
"name" : "FEDORA-2010-1787", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html" "name": "38779",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/38779"
"name" : "FEDORA-2010-1804", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035070.html" "name": "MDVSA-2010:088",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:088"
"name" : "MDVSA-2010:088", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:088" "name": "39649",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/39649"
"name" : "RHSA-2010:0161", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0161.html" "name": "SUSE-SA:2010:014",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html"
"name" : "RHSA-2010:0398", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0398.html" "name": "38922",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/38922"
"name" : "SUSE-SA:2010:018", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html" "name": "[oss-security] 20100203 Re: CVE request: kernel OOM/crash in drivers/connector",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2010/02/03/3"
"name" : "SUSE-SA:2010:019", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html" "name": "SUSE-SA:2010:018",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html"
"name" : "SUSE-SA:2010:023", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2010_23_kernel.html" "name": "DSA-1996",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2010/dsa-1996"
"name" : "SUSE-SA:2010:014", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html" "name": "38058",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/38058"
"name" : "USN-914-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-914-1" "name": "FEDORA-2010-1787",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html"
"name" : "38058", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/38058" "name": "43315",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43315"
"name" : "oval:org.mitre.oval:def:10903", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10903" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=561682",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561682"
"name" : "38492", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38492" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f98bfbd78c37c5946cc53089da32a5f741efdeb7",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f98bfbd78c37c5946cc53089da32a5f741efdeb7"
"name" : "38557", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38557" "name": "39033",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/39033"
"name" : "38922", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38922" "name": "RHSA-2010:0398",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2010-0398.html"
"name" : "39649", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39649" "name": "SUSE-SA:2010:019",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html"
"name" : "39742", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39742" "name": "SUSE-SA:2010:023",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2010_23_kernel.html"
"name" : "38779", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38779" "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
"name" : "39033", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39033" "name": "39742",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/39742"
"name" : "43315", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43315" "name": "[oss-security] 20100203 CVE request: kernel OOM/crash in drivers/connector",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2010/02/03/1"
"name" : "ADV-2010-0638", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0638" "name": "http://support.avaya.com/css/P8/documents/100088287",
} "refsource": "CONFIRM",
] "url": "http://support.avaya.com/css/P8/documents/100088287"
} },
} {
"name": "DSA-2005",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2005"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "38492",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38492"
},
{
"name": "RHSA-2010:0161",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0161.html"
}
]
}
}

34
2010/0xxx/CVE-2010-0626.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0626", "ID": "CVE-2010-0626",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2010/0xxx/CVE-2010-0869.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2010-0869", "ID": "CVE-2010-0869",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Transportation Management component in Oracle E-Business Suite 5.5.05.07, 5.5.06.00, and 6.0.03 allows remote attackers to affect confidentiality via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Transportation Management component in Oracle E-Business Suite 5.5.05.07, 5.5.06.00, and 6.0.03 allows remote attackers to affect confidentiality via unknown vectors."
{ }
"name" : "TA10-103B", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-103B.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1023859", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1023859" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "39441", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/39441" ]
} },
] "references": {
} "reference_data": [
} {
"name": "TA10-103B",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
},
{
"name": "1023859",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023859"
},
{
"name": "39441",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39441"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
}
]
}
}

130
2010/1xxx/CVE-2010-1366.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-1366", "ID": "CVE-2010-1366",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in admin/admin_login.php in Uiga Fan Club 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin_name and (2) admin_password parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/1002-exploits/uigafanclub-sql.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/1002-exploits/uigafanclub-sql.txt" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in admin/admin_login.php in Uiga Fan Club 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin_name and (2) admin_password parameters."
{ }
"name" : "11593", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/11593" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11593",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11593"
},
{
"name": "http://packetstormsecurity.org/1002-exploits/uigafanclub-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1002-exploits/uigafanclub-sql.txt"
}
]
}
}

130
2010/1xxx/CVE-2010-1580.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2010-1580", "ID": "CVE-2010-1580",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc85753."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances", "description_data": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml" "lang": "eng",
}, "value": "Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc85753."
{ }
"name" : "40842", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/40842" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40842",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
]
}
}

34
2010/3xxx/CVE-2010-3917.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3917", "ID": "CVE-2010-3917",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2010/4xxx/CVE-2010-4239.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4239", "ID": "CVE-2010-4239",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2010/4xxx/CVE-2010-4600.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4600", "ID": "CVE-2010-4600",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to an \"open direct\" issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ftp://public.dhe.ibm.com/software/rational/clearquest/7.1.1/7.1.1.4-RATL-RCQ/7.1.1.4-RATL-RCQ.ux.readme", "description_data": [
"refsource" : "CONFIRM", {
"url" : "ftp://public.dhe.ibm.com/software/rational/clearquest/7.1.1/7.1.1.4-RATL-RCQ/7.1.1.4-RATL-RCQ.ux.readme" "lang": "eng",
}, "value": "Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to an \"open direct\" issue."
{ }
"name" : "PM15146", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM15146" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "42624", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42624" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "ftp://public.dhe.ibm.com/software/rational/clearquest/7.1.1/7.1.1.4-RATL-RCQ/7.1.1.4-RATL-RCQ.ux.readme",
"refsource": "CONFIRM",
"url": "ftp://public.dhe.ibm.com/software/rational/clearquest/7.1.1/7.1.1.4-RATL-RCQ/7.1.1.4-RATL-RCQ.ux.readme"
},
{
"name": "PM15146",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM15146"
},
{
"name": "42624",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42624"
}
]
}
}

150
2010/4xxx/CVE-2010-4711.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4711", "ID": "CVE-2010-4711",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://zerodayinitiative.com/advisories/ZDI-10-242/", "description_data": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-10-242/" "lang": "eng",
}, "value": "Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command."
{ }
"name" : "http://www.facebook.com/note.php?note_id=477865030928", ]
"refsource" : "CONFIRM", },
"url" : "http://www.facebook.com/note.php?note_id=477865030928" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.novell.com/support/viewContent.do?externalId=7007151&sliceId=1", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.novell.com/support/viewContent.do?externalId=7007151&sliceId=1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=647519", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=647519" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://zerodayinitiative.com/advisories/ZDI-10-242/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-10-242/"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=7007151&sliceId=1",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7007151&sliceId=1"
},
{
"name": "http://www.facebook.com/note.php?note_id=477865030928",
"refsource": "CONFIRM",
"url": "http://www.facebook.com/note.php?note_id=477865030928"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=647519",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=647519"
}
]
}
}

150
2010/4xxx/CVE-2010-4858.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4858", "ID": "CVE-2010-4858",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in team.rc5-72.php in DNET Live-Stats 0.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the showlang parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "15204", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/15204" "lang": "eng",
}, "value": "Directory traversal vulnerability in team.rc5-72.php in DNET Live-Stats 0.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the showlang parameter."
{ }
"name" : "http://packetstormsecurity.org/1010-exploits/dnetlivestats-lfi.txt", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.org/1010-exploits/dnetlivestats-lfi.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "43708", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/43708" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "8417", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/8417" ]
} },
] "references": {
} "reference_data": [
} {
"name": "8417",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8417"
},
{
"name": "43708",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43708"
},
{
"name": "15204",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15204"
},
{
"name": "http://packetstormsecurity.org/1010-exploits/dnetlivestats-lfi.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1010-exploits/dnetlivestats-lfi.txt"
}
]
}
}

150
2010/4xxx/CVE-2010-4871.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4871", "ID": "CVE-2010-4871",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in SmartFTP before 4.0 Build 1142 allows attackers to have an unknown impact via a long filename."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://smartftp.com/forums/index.php?/topic/16425-smartftp-client-4-0-change-log", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://smartftp.com/forums/index.php?/topic/16425-smartftp-client-4-0-change-log" "lang": "eng",
}, "value": "Unspecified vulnerability in SmartFTP before 4.0 Build 1142 allows attackers to have an unknown impact via a long filename."
{ }
"name" : "69136", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/69136" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "42060", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42060" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "smartftp-filename-unspecified(63113)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/63113" ]
} },
] "references": {
} "reference_data": [
} {
"name": "42060",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42060"
},
{
"name": "http://smartftp.com/forums/index.php?/topic/16425-smartftp-client-4-0-change-log",
"refsource": "CONFIRM",
"url": "http://smartftp.com/forums/index.php?/topic/16425-smartftp-client-4-0-change-log"
},
{
"name": "smartftp-filename-unspecified(63113)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63113"
},
{
"name": "69136",
"refsource": "OSVDB",
"url": "http://osvdb.org/69136"
}
]
}
}

150
2014/0xxx/CVE-2014-0157.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-0157", "ID": "CVE-2014-0157",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140408 [OSSA 2014-010] XSS in Horizon orchestration dashboard (CVE-2014-0157)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/04/08/8" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template."
{ }
"name" : "https://launchpad.net/bugs/1289033", ]
"refsource" : "CONFIRM", },
"url" : "https://launchpad.net/bugs/1289033" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "openSUSE-SU-2015:0078", "description": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "66706", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/66706" ]
} },
] "references": {
} "reference_data": [
} {
"name": "66706",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66706"
},
{
"name": "[oss-security] 20140408 [OSSA 2014-010] XSS in Horizon orchestration dashboard (CVE-2014-0157)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/08/8"
},
{
"name": "https://launchpad.net/bugs/1289033",
"refsource": "CONFIRM",
"url": "https://launchpad.net/bugs/1289033"
},
{
"name": "openSUSE-SU-2015:0078",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html"
}
]
}
}

120
2014/0xxx/CVE-2014-0180.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-0180", "ID": "CVE-2014-0180",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The wait_for_task function in app/controllers/application_controller.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "RHSA-2014:0816", "description_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0816.html" "lang": "eng",
} "value": "The wait_for_task function in app/controllers/application_controller.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0816",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0816.html"
}
]
}
}

120
2014/0xxx/CVE-2014-0621.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-0621", "ID": "CVE-2014-0621",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to hijack the authentication of administrators for requests that (1) perform a factory reset via a request to goform/system/factory, (2) disable advanced options via a request to goform/advanced/options, (3) remove ip-filters via the IpFilterAddressDelete1 parameter to goform/advanced/ip-filters, or (4) remove firewall settings via the cbFirewall parameter to goform/advanced/firewall."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "30667", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/30667" "lang": "eng",
} "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to hijack the authentication of administrators for requests that (1) perform a factory reset via a request to goform/system/factory, (2) disable advanced options via a request to goform/advanced/options, (3) remove ip-filters via the IpFilterAddressDelete1 parameter to goform/advanced/ip-filters, or (4) remove firewall settings via the cbFirewall parameter to goform/advanced/firewall."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30667",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/30667"
}
]
}
}

220
2014/4xxx/CVE-2014-4388.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-4388", "ID": "CVE-2014-4388",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4418."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT6443", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT6443" "lang": "eng",
}, "value": "IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4418."
{ }
"name" : "https://support.apple.com/kb/HT6535", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/kb/HT6535" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT6441", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT6441" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.apple.com/kb/HT6442", ]
"refsource" : "CONFIRM", }
"url" : "http://support.apple.com/kb/HT6442" ]
}, },
{ "references": {
"name" : "APPLE-SA-2014-09-17-1", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" "name": "http://support.apple.com/kb/HT6441",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT6441"
"name" : "APPLE-SA-2014-09-17-2", },
"refsource" : "APPLE", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" "name": "1030866",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1030866"
"name" : "APPLE-SA-2014-10-16-1", },
"refsource" : "APPLE", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" "name": "http://support.apple.com/kb/HT6442",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT6442"
"name" : "69882", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/69882" "name": "APPLE-SA-2014-10-16-1",
}, "refsource": "APPLE",
{ "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
"name" : "69948", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/69948" "name": "APPLE-SA-2014-09-17-2",
}, "refsource": "APPLE",
{ "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html"
"name" : "1030866", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030866" "name": "69882",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/69882"
"name" : "appleios-cve20144388-code-exec(96093)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96093" "name": "https://support.apple.com/kb/HT6535",
} "refsource": "CONFIRM",
] "url": "https://support.apple.com/kb/HT6535"
} },
} {
"name": "APPLE-SA-2014-09-17-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html"
},
{
"name": "http://support.apple.com/kb/HT6443",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6443"
},
{
"name": "appleios-cve20144388-code-exec(96093)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96093"
},
{
"name": "69948",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69948"
}
]
}
}

190
2014/4xxx/CVE-2014-4406.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-4406", "ID": "CVE-2014-4406",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.cloudscan.me/2014/09/cve-2014-4406-apple-sa-2014-09-17-5-os.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.cloudscan.me/2014/09/cve-2014-4406-apple-sa-2014-09-17-5-os.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "http://support.apple.com/kb/HT6448", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT6448" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/kb/HT6536", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT6536" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2014-10-16-3", ]
"refsource" : "APPLE", }
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" ]
}, },
{ "references": {
"name" : "69935", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/69935" "name": "http://support.apple.com/kb/HT6448",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT6448"
"name" : "1030870", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030870" "name": "macosx-cve20144406-xss(96047)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96047"
"name" : "61307", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61307" "name": "APPLE-SA-2014-10-16-3",
}, "refsource": "APPLE",
{ "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
"name" : "macosx-cve20144406-xss(96047)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96047" "name": "69935",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/69935"
} },
} {
"name": "http://www.cloudscan.me/2014/09/cve-2014-4406-apple-sa-2014-09-17-5-os.html",
"refsource": "MISC",
"url": "http://www.cloudscan.me/2014/09/cve-2014-4406-apple-sa-2014-09-17-5-os.html"
},
{
"name": "https://support.apple.com/kb/HT6536",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6536"
},
{
"name": "1030870",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030870"
},
{
"name": "61307",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61307"
}
]
}
}

160
2014/4xxx/CVE-2014-4427.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-4427", "ID": "CVE-2014-4427",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "App Sandbox in Apple OS X before 10.10 allows attackers to bypass a sandbox protection mechanism via the accessibility API."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/kb/HT6535", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT6535" "lang": "eng",
}, "value": "App Sandbox in Apple OS X before 10.10 allows attackers to bypass a sandbox protection mechanism via the accessibility API."
{ }
"name" : "APPLE-SA-2014-10-16-1", ]
"refsource" : "APPLE", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "70635", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/70635" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1031063", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1031063" ]
}, },
{ "references": {
"name" : "macosx-cve20144427-sec-bypass(97642)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/97642" "name": "70635",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/70635"
} },
} {
"name": "APPLE-SA-2014-10-16-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name": "1031063",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031063"
},
{
"name": "https://support.apple.com/kb/HT6535",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "macosx-cve20144427-sec-bypass(97642)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97642"
}
]
}
}

34
2014/4xxx/CVE-2014-4592.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4592", "ID": "CVE-2014-4592",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2014/4xxx/CVE-2014-4604.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4604", "ID": "CVE-2014-4604",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in settings/pwsettings.php in the Your Text Manager plugin 0.3.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the ytmpw parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://codevigilant.com/disclosure/wp-plugin-your-text-manager-a3-cross-site-scripting-xss", "description_data": [
"refsource" : "MISC", {
"url" : "http://codevigilant.com/disclosure/wp-plugin-your-text-manager-a3-cross-site-scripting-xss" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in settings/pwsettings.php in the Your Text Manager plugin 0.3.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the ytmpw parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://codevigilant.com/disclosure/wp-plugin-your-text-manager-a3-cross-site-scripting-xss",
"refsource": "MISC",
"url": "http://codevigilant.com/disclosure/wp-plugin-your-text-manager-a3-cross-site-scripting-xss"
}
]
}
}

150
2014/8xxx/CVE-2014-8036.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-8036", "ID": "CVE-2014-8036",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The outlookpa component in Cisco WebEx Meetings Server does not properly validate API input, which allows remote attackers to modify a meeting's invite list via a crafted URL, aka Bug ID CSCuj40254."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150109 Cisco WebEx Meetings Server Unauthorized Invite List Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8036" "lang": "eng",
}, "value": "The outlookpa component in Cisco WebEx Meetings Server does not properly validate API input, which allows remote attackers to modify a meeting's invite list via a crafted URL, aka Bug ID CSCuj40254."
{ }
"name" : "71982", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/71982" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "60330", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60330" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "cisco-webex-cve20148036-sec-bypass(100571)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100571" ]
} },
] "references": {
} "reference_data": [
} {
"name": "71982",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71982"
},
{
"name": "cisco-webex-cve20148036-sec-bypass(100571)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100571"
},
{
"name": "20150109 Cisco WebEx Meetings Server Unauthorized Invite List Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8036"
},
{
"name": "60330",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60330"
}
]
}
}

160
2014/8xxx/CVE-2014-8381.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8381", "ID": "CVE-2014-8381",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Megapolis.Portal Manager allow remote attackers to inject arbitrary web script or HTML via the (1) dateFrom or (2) dateTo parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141017 XSS vulnerabilities in Megapolis.Portal Manager", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2014/Oct/77" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Megapolis.Portal Manager allow remote attackers to inject arbitrary web script or HTML via the (1) dateFrom or (2) dateTo parameter."
{ }
"name" : "http://packetstormsecurity.com/files/128725/Megapolis.Portal-Manager-Cross-Site-Scripting.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/128725/Megapolis.Portal-Manager-Cross-Site-Scripting.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://websecurity.com.ua/7398/", "description": [
"refsource" : "MISC", {
"url" : "http://websecurity.com.ua/7398/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "70615", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/70615" ]
}, },
{ "references": {
"name" : "megapolisportalmanager-category-xss(97649)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/97649" "name": "70615",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/70615"
} },
} {
"name": "20141017 XSS vulnerabilities in Megapolis.Portal Manager",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/77"
},
{
"name": "http://websecurity.com.ua/7398/",
"refsource": "MISC",
"url": "http://websecurity.com.ua/7398/"
},
{
"name": "megapolisportalmanager-category-xss(97649)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97649"
},
{
"name": "http://packetstormsecurity.com/files/128725/Megapolis.Portal-Manager-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128725/Megapolis.Portal-Manager-Cross-Site-Scripting.html"
}
]
}
}

220
2014/9xxx/CVE-2014-9221.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9221", "ID": "CVE-2014-9221",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://strongswan.org/blog/2015/01/05/strongswan-5.2.2-released.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://strongswan.org/blog/2015/01/05/strongswan-5.2.2-released.html" "lang": "eng",
}, "value": "strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025."
{ }
"name" : "http://strongswan.org/blog/2015/01/05/strongswan-denial-of-service-vulnerability-(cve-2014-9221).html", ]
"refsource" : "CONFIRM", },
"url" : "http://strongswan.org/blog/2015/01/05/strongswan-denial-of-service-vulnerability-(cve-2014-9221).html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3118", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3118" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2015-3043", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153825.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2015:0114", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-01/msg00054.html" "name": "62095",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/62095"
"name" : "USN-2450-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2450-1" "name": "http://strongswan.org/blog/2015/01/05/strongswan-denial-of-service-vulnerability-(cve-2014-9221).html",
}, "refsource": "CONFIRM",
{ "url": "http://strongswan.org/blog/2015/01/05/strongswan-denial-of-service-vulnerability-(cve-2014-9221).html"
"name" : "71894", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/71894" "name": "USN-2450-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2450-1"
"name" : "62071", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62071" "name": "DSA-3118",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3118"
"name" : "62095", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62095" "name": "62071",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/62071"
"name" : "62663", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62663" "name": "FEDORA-2015-3043",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153825.html"
"name" : "62083", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62083" "name": "62663",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/62663"
} },
} {
"name": "openSUSE-SU-2015:0114",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00054.html"
},
{
"name": "http://strongswan.org/blog/2015/01/05/strongswan-5.2.2-released.html",
"refsource": "CONFIRM",
"url": "http://strongswan.org/blog/2015/01/05/strongswan-5.2.2-released.html"
},
{
"name": "62083",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62083"
},
{
"name": "71894",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71894"
}
]
}
}

200
2014/9xxx/CVE-2014-9668.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9668", "ID": "CVE-2014-9668",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/google-security-research/issues/detail?id=164", "description_data": [
"refsource" : "MISC", {
"url" : "http://code.google.com/p/google-security-research/issues/detail?id=164" "lang": "eng",
}, "value": "The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file."
{ }
"name" : "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538", ]
"refsource" : "CONFIRM", },
"url" : "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FEDORA-2015-2216", "description": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2015-2237", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" ]
}, },
{ "references": {
"name" : "GLSA-201503-05", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201503-05" "name": "http://code.google.com/p/google-security-research/issues/detail?id=164",
}, "refsource": "MISC",
{ "url": "http://code.google.com/p/google-security-research/issues/detail?id=164"
"name" : "openSUSE-SU-2015:0627", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" "name": "GLSA-201503-05",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201503-05"
"name" : "USN-2510-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2510-1" "name": "72986",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/72986"
"name" : "USN-2739-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2739-1" "name": "USN-2739-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2739-1"
"name" : "72986", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72986" "name": "openSUSE-SU-2015:0627",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html"
} },
} {
"name": "FEDORA-2015-2216",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html"
},
{
"name": "USN-2510-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2510-1"
},
{
"name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538",
"refsource": "CONFIRM",
"url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538"
},
{
"name": "FEDORA-2015-2237",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html"
}
]
}
}

140
2014/9xxx/CVE-2014-9736.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9736", "ID": "CVE-2014-9736",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "GE Healthcare Centricity Clinical Archive Audit Trail Repository has a default password of initinit for the (1) SSL key manager and (2) server keystore; (3) keystore_password for the server truststore; and atna for the (4) primary storage database and (5) archive storage database, which has unspecified impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/" "lang": "eng",
}, "value": "GE Healthcare Centricity Clinical Archive Audit Trail Repository has a default password of initinit for the (1) SSL key manager and (2) server keystore; (3) keystore_password for the server truststore; and atna for the (4) primary storage database and (5) archive storage database, which has unspecified impact and attack vectors."
{ }
"name" : "https://twitter.com/digitalbond/status/619250429751222277", ]
"refsource" : "MISC", },
"url" : "https://twitter.com/digitalbond/status/619250429751222277" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://apps.gehealthcare.com/servlet/ClientServlet/DOC1474072_ATR_InstSvcMan.pdf?REQ=RAA&DIRECTION=DOC1474072&FILENAME=DOC1474072_ATR_InstSvcMan.pdf&FILEREV=--&DOCREV_ORG=--", "description": [
"refsource" : "CONFIRM", {
"url" : "http://apps.gehealthcare.com/servlet/ClientServlet/DOC1474072_ATR_InstSvcMan.pdf?REQ=RAA&DIRECTION=DOC1474072&FILENAME=DOC1474072_ATR_InstSvcMan.pdf&FILEREV=--&DOCREV_ORG=--" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/",
"refsource": "MISC",
"url": "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/"
},
{
"name": "http://apps.gehealthcare.com/servlet/ClientServlet/DOC1474072_ATR_InstSvcMan.pdf?REQ=RAA&DIRECTION=DOC1474072&FILENAME=DOC1474072_ATR_InstSvcMan.pdf&FILEREV=--&DOCREV_ORG=--",
"refsource": "CONFIRM",
"url": "http://apps.gehealthcare.com/servlet/ClientServlet/DOC1474072_ATR_InstSvcMan.pdf?REQ=RAA&DIRECTION=DOC1474072&FILENAME=DOC1474072_ATR_InstSvcMan.pdf&FILEREV=--&DOCREV_ORG=--"
},
{
"name": "https://twitter.com/digitalbond/status/619250429751222277",
"refsource": "MISC",
"url": "https://twitter.com/digitalbond/status/619250429751222277"
}
]
}
}

130
2016/3xxx/CVE-2016-3251.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-3251", "ID": "CVE-2016-3251",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The GDI component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to obtain sensitive kernel-address information via a crafted application, aka \"Win32k Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-090", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-090" "lang": "eng",
}, "value": "The GDI component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to obtain sensitive kernel-address information via a crafted application, aka \"Win32k Information Disclosure Vulnerability.\""
{ }
"name" : "1036288", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1036288" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS16-090",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-090"
},
{
"name": "1036288",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036288"
}
]
}
}

150
2016/3xxx/CVE-2016-3448.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-3448", "ID": "CVE-2016-3448",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0.4 allows remote attackers to affect confidentiality and integrity via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0.4 allows remote attackers to affect confidentiality and integrity via unknown vectors."
{ }
"name" : "91787", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91787" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "91885", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91885" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1036363", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1036363" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "1036363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036363"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "91885",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91885"
}
]
}
}

270
2016/3xxx/CVE-2016-3485.json
View File

@ -1,137 +1,137 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-3485", "ID": "CVE-2016-3485",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking."
{ }
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10166", ]
"refsource" : "CONFIRM", },
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10166" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://security.netapp.com/advisory/ntap-20160721-0001/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://security.netapp.com/advisory/ntap-20160721-0001/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201610-08", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201610-08" ]
}, },
{ "references": {
"name" : "GLSA-201701-43", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-43" "name": "SUSE-SU-2016:2261",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00005.html"
"name" : "SUSE-SU-2016:2261", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00005.html" "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
"name" : "SUSE-SU-2016:2286", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00006.html" "name": "GLSA-201610-08",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201610-08"
"name" : "SUSE-SU-2016:1997", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html" "name": "SUSE-SU-2016:2012",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
"name" : "SUSE-SU-2016:2012", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html" "name": "openSUSE-SU-2016:2052",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
"name" : "openSUSE-SU-2016:1979", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html" "name": "https://security.netapp.com/advisory/ntap-20160721-0001/",
}, "refsource": "CONFIRM",
{ "url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
"name" : "openSUSE-SU-2016:2050", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html" "name": "SUSE-SU-2016:2286",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00006.html"
"name" : "openSUSE-SU-2016:2051", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html" "name": "openSUSE-SU-2016:2051",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
"name" : "openSUSE-SU-2016:2052", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html" "name": "1036365",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036365"
"name" : "openSUSE-SU-2016:2058", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html" "name": "GLSA-201701-43",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201701-43"
"name" : "91787", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91787" "name": "91787",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/91787"
"name" : "1036365", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036365" "name": "SUSE-SU-2016:1997",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
} },
} {
"name": "openSUSE-SU-2016:2050",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10166",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10166"
},
{
"name": "openSUSE-SU-2016:1979",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"name": "openSUSE-SU-2016:2058",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
}
]
}
}

150
2016/3xxx/CVE-2016-3639.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-3639", "ID": "CVE-2016-3639",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SAP HANA DB 1.00.091.00.1418659308 allows remote attackers to obtain sensitive topology information via an unspecified HTTP request, aka SAP Security Note 2176128."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160818 Onapsis Security Advisory ONAPSIS-2016-006: SAP HANA Get Topology Information", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2016/Aug/83" "lang": "eng",
}, "value": "SAP HANA DB 1.00.091.00.1418659308 allows remote attackers to obtain sensitive topology information via an unspecified HTTP request, aka SAP Security Note 2176128."
{ }
"name" : "http://onapsis.com/research/security-advisories/sap-hana-get-topology-information-disclosure", ]
"refsource" : "MISC", },
"url" : "http://onapsis.com/research/security-advisories/sap-hana-get-topology-information-disclosure" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/138428/SAP-HANA-1.00.091.00.1418659308-Information-Disclosure.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/138428/SAP-HANA-1.00.091.00.1418659308-Information-Disclosure.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "92547", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/92547" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://onapsis.com/research/security-advisories/sap-hana-get-topology-information-disclosure",
"refsource": "MISC",
"url": "http://onapsis.com/research/security-advisories/sap-hana-get-topology-information-disclosure"
},
{
"name": "http://packetstormsecurity.com/files/138428/SAP-HANA-1.00.091.00.1418659308-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138428/SAP-HANA-1.00.091.00.1418659308-Information-Disclosure.html"
},
{
"name": "92547",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92547"
},
{
"name": "20160818 Onapsis Security Advisory ONAPSIS-2016-006: SAP HANA Get Topology Information",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Aug/83"
}
]
}
}

178
2016/6xxx/CVE-2016-6125.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-6125", "ID": "CVE-2016-6125",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Kenexa LMS on Cloud", "product_name": "Kenexa LMS on Cloud",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "13.0" "version_value": "13.0"
}, },
{ {
"version_value" : "13.1" "version_value": "13.1"
}, },
{ {
"version_value" : "13.2" "version_value": "13.2"
}, },
{ {
"version_value" : "13.2.2" "version_value": "13.2.2"
}, },
{ {
"version_value" : "13.2.3" "version_value": "13.2.3"
}, },
{ {
"version_value" : "13.2.4" "version_value": "13.2.4"
}, },
{ {
"version_value" : "14.0.0" "version_value": "14.0.0"
}, },
{ {
"version_value" : "14.1.0" "version_value": "14.1.0"
}, },
{ {
"version_value" : "14.2.0" "version_value": "14.2.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21993982", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21993982" "lang": "eng",
}, "value": "IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
{ }
"name" : "94327", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94327" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21993982",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21993982"
},
{
"name": "94327",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94327"
}
]
}
}

140
2016/6xxx/CVE-2016-6368.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-6368", "ID": "CVE-2016-6368",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco Firepower Detection Engine", "product_name": "Cisco Firepower Detection Engine",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco Firepower Detection Engine" "version_value": "Cisco Firepower Detection Engine"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper input validation of the fields in the PGM protocol packet. An attacker could exploit this vulnerability by sending a crafted PGM packet to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. This vulnerability affects Cisco Firepower System Software that has one or more file action policies configured and is running on any of the following Cisco products: Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services; Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls; Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances; Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances; Firepower 4100 Series Security Appliances; FirePOWER 7000 Series Appliances; FirePOWER 8000 Series Appliances; Firepower 9300 Series Security Appliances; FirePOWER Threat Defense for Integrated Services Routers (ISRs); Industrial Security Appliance 3000; Sourcefire 3D System Appliances; Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware. Fixed versions: 5.4.0.10 5.4.1.9 6.0.1.3 6.1.0 6.2.0. Cisco Bug IDs: CSCuz00876."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-399"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-fpsnort", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-fpsnort" "lang": "eng",
}, "value": "A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper input validation of the fields in the PGM protocol packet. An attacker could exploit this vulnerability by sending a crafted PGM packet to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. This vulnerability affects Cisco Firepower System Software that has one or more file action policies configured and is running on any of the following Cisco products: Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services; Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls; Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances; Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances; Firepower 4100 Series Security Appliances; FirePOWER 7000 Series Appliances; FirePOWER 8000 Series Appliances; Firepower 9300 Series Security Appliances; FirePOWER Threat Defense for Integrated Services Routers (ISRs); Industrial Security Appliance 3000; Sourcefire 3D System Appliances; Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware. Fixed versions: 5.4.0.10 5.4.1.9 6.0.1.3 6.1.0 6.2.0. Cisco Bug IDs: CSCuz00876."
{ }
"name" : "97932", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97932" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "98292", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/98292" "lang": "eng",
} "value": "CWE-399"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-fpsnort",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-fpsnort"
},
{
"name": "98292",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98292"
},
{
"name": "97932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97932"
}
]
}
}

34
2016/6xxx/CVE-2016-6585.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6585", "ID": "CVE-2016-6585",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

148
2016/6xxx/CVE-2016-6804.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@apache.org", "ASSIGNER": "security@apache.org",
"DATE_PUBLIC" : "2017-11-18T00:00:00", "DATE_PUBLIC": "2017-11-18T00:00:00",
"ID" : "CVE-2016-6804", "ID": "CVE-2016-6804",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Apache OpenOffice", "product_name": "Apache OpenOffice",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "4.0.0 to 4.1.2" "version_value": "4.0.0 to 4.1.2"
}, },
{ {
"version_value" : "older releases are also affected, including some branded as OpenOffice.org" "version_value": "older releases are also affected, including some branded as OpenOffice.org"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apache Software Foundation" "vendor_name": "Apache Software Foundation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been previously poisoned by a file that impersonates a dynamic-link library that the installer depends upon."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Arbitrary Code Execution at installation time"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.openoffice.org/security/cves/CVE-2016-6804.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.openoffice.org/security/cves/CVE-2016-6804.html" "lang": "eng",
}, "value": "The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been previously poisoned by a file that impersonates a dynamic-link library that the installer depends upon."
{ }
"name" : "93774", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93774" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037016", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037016" "lang": "eng",
} "value": "Arbitrary Code Execution at installation time"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://www.openoffice.org/security/cves/CVE-2016-6804.html",
"refsource": "CONFIRM",
"url": "https://www.openoffice.org/security/cves/CVE-2016-6804.html"
},
{
"name": "93774",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93774"
},
{
"name": "1037016",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037016"
}
]
}
}

160
2016/7xxx/CVE-2016-7101.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7101", "ID": "CVE-2016-7101",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160926 CVE-2016-7101 - ImageMagick SGI Coder Out-Of-Bounds Read Vulnerability", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/09/26/8" "lang": "eng",
}, "value": "The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file."
{ }
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836776", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836776" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/ImageMagick/ImageMagick/commit/7afcf9f71043df15508e46f079387bd4689a738d", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/ImageMagick/ImageMagick/commit/7afcf9f71043df15508e46f079387bd4689a738d" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/ImageMagick/ImageMagick/commit/8f8959033e4e59418d6506b345829af1f7a71127", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/ImageMagick/ImageMagick/commit/8f8959033e4e59418d6506b345829af1f7a71127" ]
}, },
{ "references": {
"name" : "93181", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93181" "name": "93181",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/93181"
} },
} {
"name": "https://github.com/ImageMagick/ImageMagick/commit/7afcf9f71043df15508e46f079387bd4689a738d",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/commit/7afcf9f71043df15508e46f079387bd4689a738d"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836776",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836776"
},
{
"name": "[oss-security] 20160926 CVE-2016-7101 - ImageMagick SGI Coder Out-Of-Bounds Read Vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/26/8"
},
{
"name": "https://github.com/ImageMagick/ImageMagick/commit/8f8959033e4e59418d6506b345829af1f7a71127",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/commit/8f8959033e4e59418d6506b345829af1f7a71127"
}
]
}
}

140
2016/7xxx/CVE-2016-7474.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "f5sirt@f5.com", "ASSIGNER": "f5sirt@f5.com",
"ID" : "CVE-2016-7474", "ID": "CVE-2016-7474",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM", "product_name": "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.2.1, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1" "version_value": "10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.2.1, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "F5 Networks" "vendor_name": "F5 Networks"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "MCPD data on disk may expose sensitive parameters"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.f5.com/csp/article/K52180214", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.f5.com/csp/article/K52180214" "lang": "eng",
}, "value": "In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information."
{ }
"name" : "97198", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97198" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038133", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038133" "lang": "eng",
} "value": "MCPD data on disk may expose sensitive parameters"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K52180214",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K52180214"
},
{
"name": "97198",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97198"
},
{
"name": "1038133",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038133"
}
]
}
}

34
2016/7xxx/CVE-2016-7718.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-7718", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-7718",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

34
2016/7xxx/CVE-2016-7768.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-7768", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-7768",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

140
2016/7xxx/CVE-2016-7809.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-7809", "ID": "CVE-2016-7809",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "CG-WLR300NX", "product_name": "CG-WLR300NX",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "firmware Ver. 1.20 and earlier" "version_value": "firmware Ver. 1.20 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Corega Inc" "vendor_name": "Corega Inc"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows remote attackers to hijack the authentication of logged in user to conduct unintended operations via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://corega.jp/support/security/20161111_wlr300nx.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://corega.jp/support/security/20161111_wlr300nx.htm" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows remote attackers to hijack the authentication of logged in user to conduct unintended operations via unspecified vectors."
{ }
"name" : "JVN#23823838", ]
"refsource" : "JVN", },
"url" : "https://jvn.jp/en/jp/JVN23823838/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "94248", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94248" "lang": "eng",
} "value": "Cross-site request forgery"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "JVN#23823838",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN23823838/index.html"
},
{
"name": "http://corega.jp/support/security/20161111_wlr300nx.htm",
"refsource": "CONFIRM",
"url": "http://corega.jp/support/security/20161111_wlr300nx.htm"
},
{
"name": "94248",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94248"
}
]
}
}

150
2016/7xxx/CVE-2016-7812.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-7812", "ID": "CVE-2016-7812",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "The Bank of Tokyo-Mitsubishi UFJ, Ltd. App for Android", "product_name": "The Bank of Tokyo-Mitsubishi UFJ, Ltd. App for Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "ver5.3.1" "version_value": "ver5.3.1"
} }
] ]
} }
}, },
{ {
"product_name" : "The Bank of Tokyo-Mitsubishi UFJ, Ltd. App for Android", "product_name": "The Bank of Tokyo-Mitsubishi UFJ, Ltd. App for Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "ver5.2.2 and earlier" "version_value": "ver5.2.2 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "The Bank of Tokyo-Mitsubishi UFJ, Ltd." "vendor_name": "The Bank of Tokyo-Mitsubishi UFJ, Ltd."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Bank of Tokyo-Mitsubishi UFJ, Ltd. App for Android ver5.3.1, ver5.2.2 and earlier allow a man-in-the-middle attacker to downgrade the communication between the app and the server from TLS v1.2 to SSL v3.0, which may result in the attacker to eavesdrop on an encrypted communication."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://jvn.jp/en/vu/JVNVU92900492/", "description_data": [
"refsource" : "MISC", {
"url" : "https://jvn.jp/en/vu/JVNVU92900492/" "lang": "eng",
}, "value": "The Bank of Tokyo-Mitsubishi UFJ, Ltd. App for Android ver5.3.1, ver5.2.2 and earlier allow a man-in-the-middle attacker to downgrade the communication between the app and the server from TLS v1.2 to SSL v3.0, which may result in the attacker to eavesdrop on an encrypted communication."
{ }
"name" : "94829", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94829" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jvn.jp/en/vu/JVNVU92900492/",
"refsource": "MISC",
"url": "https://jvn.jp/en/vu/JVNVU92900492/"
},
{
"name": "94829",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94829"
}
]
}
}

34
2016/8xxx/CVE-2016-8132.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-8132", "ID": "CVE-2016-8132",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2016/8xxx/CVE-2016-8216.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security_alert@emc.com", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2016-8216", "ID": "CVE-2016-8216",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "EMC Data Domain DD OS EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 family all versions prior to 5.5.5.0, EMC Data Domain OS (DD OS) 5.6 family all versions prior to 5.6.2.0, EMC Data Domain OS (DD OS) 5.7 family all versions prior to 5.7.2.10", "product_name": "EMC Data Domain DD OS EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 family all versions prior to 5.5.5.0, EMC Data Domain OS (DD OS) 5.6 family all versions prior to 5.6.2.0, EMC Data Domain OS (DD OS) 5.7 family all versions prior to 5.7.2.10",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "EMC Data Domain DD OS EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 family all versions prior to 5.5.5.0, EMC Data Domain OS (DD OS) 5.6 family all versions prior to 5.6.2.0, EMC Data Domain OS (DD OS) 5.7 family all versions prior to 5.7.2.10" "version_value": "EMC Data Domain DD OS EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 family all versions prior to 5.5.5.0, EMC Data Domain OS (DD OS) 5.6 family all versions prior to 5.6.2.0, EMC Data Domain OS (DD OS) 5.7 family all versions prior to 5.7.2.10"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 family all versions prior to 5.5.5.0, EMC Data Domain OS (DD OS) 5.6 family all versions prior to 5.6.2.0, EMC Data Domain OS (DD OS) 5.7 family all versions prior to 5.7.2.10 has a command injection vulnerability that could potentially be exploited by malicious users to compromise the affected system."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Command Injection Vulnerability"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.securityfocus.com/archive/1/540059/30/0/threaded", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.securityfocus.com/archive/1/540059/30/0/threaded" "lang": "eng",
}, "value": "EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 family all versions prior to 5.5.5.0, EMC Data Domain OS (DD OS) 5.6 family all versions prior to 5.6.2.0, EMC Data Domain OS (DD OS) 5.7 family all versions prior to 5.7.2.10 has a command injection vulnerability that could potentially be exploited by malicious users to compromise the affected system."
{ }
"name" : "95829", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95829" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037728", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037728" "lang": "eng",
} "value": "Command Injection Vulnerability"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/archive/1/540059/30/0/threaded",
"refsource": "CONFIRM",
"url": "http://www.securityfocus.com/archive/1/540059/30/0/threaded"
},
{
"name": "1037728",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037728"
},
{
"name": "95829",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95829"
}
]
}
}

130
2016/8xxx/CVE-2016-8432.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-8432", "ID": "CVE-2016-8432",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.18" "version_value": "Kernel-3.18"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32447738. References: N-CVE-2016-8432."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-01-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-01-01.html" "lang": "eng",
}, "value": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32447738. References: N-CVE-2016-8432."
{ }
"name" : "95236", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95236" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-01-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"name": "95236",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95236"
}
]
}
}

230
2016/8xxx/CVE-2016-8569.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-8569", "ID": "CVE-2016-8569",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161008 Re: CVE request: invalid memory accesses parsing object files in libgit2", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/10/08/7" "lang": "eng",
}, "value": "The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1383211", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1383211" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/libgit2/libgit2/issues/3937", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/libgit2/libgit2/issues/3937" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/libgit2/libgit2/releases/tag/v0.24.3", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/libgit2/libgit2/releases/tag/v0.24.3" ]
}, },
{ "references": {
"name" : "FEDORA-2016-505d7fe198", "reference_data": [
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVUEIG6EESZB6BRU2IE3F5NRUEHMAEKC/" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1383211",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383211"
"name" : "FEDORA-2016-616a35205b", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3JBSNJAXP7JA3TGE2NPNRTD77JXFG4E/" "name": "FEDORA-2016-616a35205b",
}, "refsource": "FEDORA",
{ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3JBSNJAXP7JA3TGE2NPNRTD77JXFG4E/"
"name" : "FEDORA-2016-bc51f4636f", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4E77DG5KGQ7L34U75QY7O6NIPKZNQHQJ/" "name": "93465",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/93465"
"name" : "openSUSE-SU-2016:3097", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-12/msg00075.html" "name": "[oss-security] 20161008 Re: CVE request: invalid memory accesses parsing object files in libgit2",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/10/08/7"
"name" : "openSUSE-SU-2017:0184", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2017-01/msg00103.html" "name": "https://github.com/libgit2/libgit2/issues/3937",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/libgit2/libgit2/issues/3937"
"name" : "openSUSE-SU-2017:0195", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2017-01/msg00110.html" "name": "https://github.com/libgit2/libgit2/releases/tag/v0.24.3",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/libgit2/libgit2/releases/tag/v0.24.3"
"name" : "openSUSE-SU-2017:0208", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2017-01/msg00114.html" "name": "openSUSE-SU-2016:3097",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00075.html"
"name" : "93465", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93465" "name": "FEDORA-2016-505d7fe198",
} "refsource": "FEDORA",
] "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVUEIG6EESZB6BRU2IE3F5NRUEHMAEKC/"
} },
} {
"name": "openSUSE-SU-2017:0208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00114.html"
},
{
"name": "openSUSE-SU-2017:0195",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00110.html"
},
{
"name": "openSUSE-SU-2017:0184",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00103.html"
},
{
"name": "FEDORA-2016-bc51f4636f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4E77DG5KGQ7L34U75QY7O6NIPKZNQHQJ/"
}
]
}
}