admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 05:40:08 +00:00
parent 6782526dad
commit 155cc35d94
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
53 changed files with 4351 additions and 4351 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
2006/1xxx/CVE-2006-1341.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1341",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1341",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in events.php in Maian Events 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters."
"lang": "eng",
"value": "SQL injection vulnerability in events.php in Maian Events 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060328 [eVuln] Maian Events SQL Injection Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/429093/100/0/threaded"
"name": "646",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/646"
},
{
"name" : "http://evuln.com/vulns/102/description.html",
"refsource" : "MISC",
"url" : "http://evuln.com/vulns/102/description.html"
"name": "http://evuln.com/vulns/102/description.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/102/description.html"
},
{
"name" : "ADV-2006-0993",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0993"
"name": "19274",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19274"
},
{
"name" : "23947",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23947"
"name": "ADV-2006-0993",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0993"
},
{
"name" : "19274",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19274"
"name": "maianevents-events-sql-injection(25298)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25298"
},
{
"name" : "646",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/646"
"name": "23947",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23947"
},
{
"name" : "maianevents-events-sql-injection(25298)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25298"
"name": "20060328 [eVuln] Maian Events SQL Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/429093/100/0/threaded"
}
]
}

74
2006/1xxx/CVE-2006-1634.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1634",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1634",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in LucidCMS 2.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the command parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in LucidCMS 2.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the command parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060402 Multiple Vulnerabilities in LucidCMS",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/429744"
"name": "17360",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17360"
},
{
"name" : "17360",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17360"
"name": "20060402 Multiple Vulnerabilities in LucidCMS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/429744"
},
{
"name" : "lucidcms-index-login-panel-xss(25632)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25632"
"name": "lucidcms-index-login-panel-xss(25632)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25632"
}
]
}

92
2006/1xxx/CVE-2006-1768.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1768",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1768",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_name, (2) newuser_email, and (3) newuser_hp parameters in the faction=register mode in index.php."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_name, (2) newuser_email, and (3) newuser_hp parameters in the faction=register mode in index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060411 Tritanium Bulletin Board 1.2.3 - XSS",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/430669/100/0/threaded"
"name": "17473",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17473"
},
{
"name" : "17473",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17473"
"name": "19635",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19635"
},
{
"name" : "ADV-2006-1329",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1329"
"name": "ADV-2006-1329",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1329"
},
{
"name" : "24556",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24556"
"name": "24556",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24556"
},
{
"name" : "19635",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19635"
"name": "tritaniumbb-register-xss(25751)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25751"
},
{
"name" : "tritaniumbb-register-xss(25751)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25751"
"name": "20060411 Tritanium Bulletin Board 1.2.3 - XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/430669/100/0/threaded"
}
]
}

86
2006/5xxx/CVE-2006-5426.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5426",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5426",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in lib/lcUser.php in LoCal Calendar System 1.1 remote attackers to execute arbitrary PHP code via a URL in the LIBDIR parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in lib/lcUser.php in LoCal Calendar System 1.1 remote attackers to execute arbitrary PHP code via a URL in the LIBDIR parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2595",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2595"
"name": "20619",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20619"
},
{
"name" : "20619",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20619"
"name": "ADV-2006-4100",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4100"
},
{
"name" : "ADV-2006-4100",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4100"
"name": "22484",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22484"
},
{
"name" : "22484",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22484"
"name": "local-calendar-lcuser-file-include(29665)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29665"
},
{
"name" : "local-calendar-lcuser-file-include(29665)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29665"
"name": "2595",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2595"
}
]
}

428
2006/5xxx/CVE-2006-5464.json
View File

@ -1,366 +1,366 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5464",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-5464",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) via unspecified vectors."
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061109 rPSA-2006-0206-1 firefox thunderbird",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/451099/100/0/threaded"
"name": "ADV-2006-3748",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=307809",
"refsource" : "MISC",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=307809"
"name": "1017178",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017178"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=310267",
"refsource" : "MISC",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=310267"
"name": "1017179",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017179"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=350370",
"refsource" : "MISC",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=350370"
"name": "23235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23235"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=351328",
"refsource" : "MISC",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=351328"
"name": "GLSA-200612-08",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200612-08.xml"
},
{
"name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-65.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-65.html"
"name": "23013",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23013"
},
{
"name" : "https://issues.rpath.com/browse/RPL-765",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-765"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=310267",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=310267"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-246.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-246.htm"
"name": "oval:org.mitre.oval:def:9304",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9304"
},
{
"name" : "DSA-1224",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1224"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-246.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-246.htm"
},
{
"name" : "DSA-1225",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1225"
"name": "http://www.mozilla.org/security/announce/2006/mfsa2006-65.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-65.html"
},
{
"name" : "DSA-1227",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1227"
"name": "20061109 rPSA-2006-0206-1 firefox thunderbird",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451099/100/0/threaded"
},
{
"name" : "GLSA-200612-06",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200612-06.xml"
"name": "22770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22770"
},
{
"name" : "GLSA-200612-07",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200612-07.xml"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=351328",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=351328"
},
{
"name" : "GLSA-200612-08",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200612-08.xml"
"name": "ADV-2006-4387",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4387"
},
{
"name" : "HPSBUX02153",
"refsource" : "HP",
"url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
"name": "DSA-1225",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1225"
},
{
"name" : "SSRT061181",
"refsource" : "HP",
"url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
"name": "https://issues.rpath.com/browse/RPL-765",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-765"
},
{
"name" : "MDKSA-2006:205",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:205"
"name": "23009",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23009"
},
{
"name" : "MDKSA-2006:206",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:206"
"name": "mozilla-layout-dos(30092)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30092"
},
{
"name" : "RHSA-2006:0733",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0733.html"
"name": "TA06-312A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-312A.html"
},
{
"name" : "RHSA-2006:0734",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0734.html"
"name": "DSA-1227",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1227"
},
{
"name" : "RHSA-2006:0735",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0735.html"
"name": "22980",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22980"
},
{
"name" : "20061101-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P"
"name": "RHSA-2006:0733",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0733.html"
},
{
"name" : "103121",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103121-1"
"name": "24711",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24711"
},
{
"name" : "200587",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200587-1"
"name": "23263",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23263"
},
{
"name" : "SUSE-SA:2006:068",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_68_mozilla.html"
"name": "22763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22763"
},
{
"name" : "USN-381-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-381-1"
"name": "27328",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27328"
},
{
"name" : "USN-382-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-382-1"
"name": "22965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22965"
},
{
"name" : "VU#495288",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/495288"
"name": "USN-382-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-382-1"
},
{
"name" : "TA06-312A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-312A.html"
"name": "200587",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200587-1"
},
{
"name" : "20957",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20957"
"name": "1017177",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017177"
},
{
"name" : "oval:org.mitre.oval:def:9304",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9304"
"name": "ADV-2008-0083",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0083"
},
{
"name" : "ADV-2006-4387",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4387"
"name": "RHSA-2006:0735",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0735.html"
},
{
"name" : "ADV-2007-1198",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1198"
"name": "20061101-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P"
},
{
"name" : "ADV-2006-3748",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3748"
"name": "SUSE-SA:2006:068",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_68_mozilla.html"
},
{
"name" : "ADV-2007-3588",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3588"
"name": "GLSA-200612-07",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200612-07.xml"
},
{
"name" : "ADV-2008-0083",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0083"
"name": "ADV-2007-1198",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1198"
},
{
"name" : "1017177",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017177"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=307809",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=307809"
},
{
"name" : "1017178",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017178"
"name": "23297",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23297"
},
{
"name" : "1017179",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017179"
"name": "22727",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22727"
},
{
"name" : "22722",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22722"
"name": "22815",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22815"
},
{
"name" : "22770",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22770"
"name": "RHSA-2006:0734",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0734.html"
},
{
"name" : "22727",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22727"
"name": "SSRT061181",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
},
{
"name" : "22737",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22737"
"name": "22737",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22737"
},
{
"name" : "22763",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22763"
"name": "VU#495288",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/495288"
},
{
"name" : "22774",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22774"
"name": "ADV-2007-3588",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3588"
},
{
"name" : "22817",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22817"
"name": "22929",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22929"
},
{
"name" : "22929",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22929"
"name": "23202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23202"
},
{
"name" : "22965",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22965"
"name": "GLSA-200612-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200612-06.xml"
},
{
"name" : "22980",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22980"
"name": "HPSBUX02153",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
},
{
"name" : "23009",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23009"
"name": "MDKSA-2006:206",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:206"
},
{
"name" : "23013",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23013"
"name": "20957",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20957"
},
{
"name" : "23197",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23197"
"name": "23197",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23197"
},
{
"name" : "23202",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23202"
"name": "DSA-1224",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1224"
},
{
"name" : "23235",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23235"
"name": "22066",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22066"
},
{
"name" : "23263",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23263"
"name": "103121",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103121-1"
},
{
"name" : "23287",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23287"
"name": "22774",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22774"
},
{
"name" : "23297",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23297"
"name": "22817",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22817"
},
{
"name" : "22815",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22815"
"name": "22722",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22722"
},
{
"name" : "24711",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24711"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=350370",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=350370"
},
{
"name" : "22066",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22066"
"name": "MDKSA-2006:205",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:205"
},
{
"name" : "27328",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27328"
"name": "23287",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23287"
},
{
"name" : "mozilla-layout-dos(30092)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30092"
"name": "USN-381-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-381-1"
}
]
}

98
2006/5xxx/CVE-2006-5553.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5553",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5553",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."
"lang": "eng",
"value": "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061025 Cisco Security Agent for Linux Port Scan Denial of Service",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
"name": "1017118",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017118"
},
{
"name" : "20737",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20737"
"name": "20737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20737"
},
{
"name" : "ADV-2006-4198",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4198"
"name": "csa-port-scan-dos(29829)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"name" : "30055",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/30055"
"name": "30055",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30055"
},
{
"name" : "1017118",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017118"
"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"name" : "22574",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22574"
"name": "ADV-2006-4198",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"name" : "csa-port-scan-dos(29829)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
"name": "22574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22574"
}
]
}

92
2006/5xxx/CVE-2006-5654.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5654",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5654",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Network Security Services (NSS) in Sun Java System Web Server 6.0 before SP 10 and ONE Application Server 7 before Update 3, when SSLv2 is enabled, allows remote authenticated users to cause a denial of service (application crash) via unspecified vectors. NOTE: due to lack of details from the vendor, it is unclear whether this is related to vector 1 in CVE-2006-5201 or CVE-2006-3127."
"lang": "eng",
"value": "Unspecified vulnerability in the Network Security Services (NSS) in Sun Java System Web Server 6.0 before SP 10 and ONE Application Server 7 before Update 3, when SSLv2 is enabled, allows remote authenticated users to cause a denial of service (application crash) via unspecified vectors. NOTE: due to lack of details from the vendor, it is unclear whether this is related to vector 1 in CVE-2006-5201 or CVE-2006-3127."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "102670",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1"
"name": "sun-java-nss-dos(29946)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29946"
},
{
"name" : "20846",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20846"
"name": "22646",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22646"
},
{
"name" : "ADV-2006-4299",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4299"
"name": "102670",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1"
},
{
"name" : "1017143",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017143"
"name": "1017143",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017143"
},
{
"name" : "22646",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22646"
"name": "ADV-2006-4299",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4299"
},
{
"name" : "sun-java-nss-dos(29946)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29946"
"name": "20846",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20846"
}
]
}

86
2006/5xxx/CVE-2006-5853.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5853",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5853",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in logon.aspx in Immediacy CMS (Immediacy .NET CMS) 5.2 allows remote attackers to inject arbitrary web script or HTML via the lang parameter, which is returned to the client in a lang cookie."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in logon.aspx in Immediacy CMS (Immediacy .NET CMS) 5.2 allows remote attackers to inject arbitrary web script or HTML via the lang parameter, which is returned to the client in a lang cookie."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061108 Immediacy .NET CMS possibly vulnerable to Cross Site Scripting through a malformed cookie",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/450960"
"name": "20965",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20965"
},
{
"name" : "http://www.procheckup.com/Vulner_PR0506.php",
"refsource" : "MISC",
"url" : "http://www.procheckup.com/Vulner_PR0506.php"
"name": "immediacy-logon-xss(30136)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30136"
},
{
"name" : "20965",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20965"
"name": "1845",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1845"
},
{
"name" : "1845",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1845"
"name": "20061108 Immediacy .NET CMS possibly vulnerable to Cross Site Scripting through a malformed cookie",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/450960"
},
{
"name" : "immediacy-logon-xss(30136)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30136"
"name": "http://www.procheckup.com/Vulner_PR0506.php",
"refsource": "MISC",
"url": "http://www.procheckup.com/Vulner_PR0506.php"
}
]
}

98
2007/2xxx/CVE-2007-2011.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2011",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2011",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in login.php in DeskPro 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the username parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in login.php in DeskPro 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the username parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070408 DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/465089/100/0/threaded"
"name": "23381",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23381"
},
{
"name" : "http://john-martinelli.com/work/deskpro.txt",
"refsource" : "MISC",
"url" : "http://john-martinelli.com/work/deskpro.txt"
"name": "http://john-martinelli.com/work/deskpro.txt",
"refsource": "MISC",
"url": "http://john-martinelli.com/work/deskpro.txt"
},
{
"name" : "23381",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23381"
"name": "2556",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2556"
},
{
"name" : "ADV-2007-1320",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1320"
"name": "24844",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24844"
},
{
"name" : "34721",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34721"
"name": "20070408 DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/465089/100/0/threaded"
},
{
"name" : "24844",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24844"
"name": "34721",
"refsource": "OSVDB",
"url": "http://osvdb.org/34721"
},
{
"name" : "2556",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2556"
"name": "ADV-2007-1320",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1320"
}
]
}

98
2007/2xxx/CVE-2007-2166.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2166",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2166",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in administration/user/lib/group.inc.php in OpenSurveyPilot (osp) 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfgPathToProjectAdmin parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in administration/user/lib/group.inc.php in OpenSurveyPilot (osp) 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfgPathToProjectAdmin parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "3765",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3765"
"name": "http://osp.cvs.sourceforge.net/osp/osp12/administration/user/lib/group.inc.php?revision=1.1.1.1&view=markup",
"refsource": "MISC",
"url": "http://osp.cvs.sourceforge.net/osp/osp12/administration/user/lib/group.inc.php?revision=1.1.1.1&view=markup"
},
{
"name" : "http://osp.cvs.sourceforge.net/osp/osp12/administration/user/lib/group.inc.php?revision=1.1.1.1&view=markup",
"refsource" : "MISC",
"url" : "http://osp.cvs.sourceforge.net/osp/osp12/administration/user/lib/group.inc.php?revision=1.1.1.1&view=markup"
"name": "ADV-2007-1460",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1460"
},
{
"name" : "23563",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23563"
"name": "24915",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24915"
},
{
"name" : "ADV-2007-1460",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1460"
"name": "23563",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23563"
},
{
"name" : "35022",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35022"
"name": "osp-groupinc-file-include(33749)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33749"
},
{
"name" : "24915",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24915"
"name": "35022",
"refsource": "OSVDB",
"url": "http://osvdb.org/35022"
},
{
"name" : "osp-groupinc-file-include(33749)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33749"
"name": "3765",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3765"
}
]
}

86
2007/2xxx/CVE-2007-2316.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2316",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2316",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the admin script in Open Business Management (OBM) before 2.0.0 allows remote attackers to have an unknown impact by calling the script \"in txt mode from a browser.\""
"lang": "eng",
"value": "Unspecified vulnerability in the admin script in Open Business Management (OBM) before 2.0.0 allows remote attackers to have an unknown impact by calling the script \"in txt mode from a browser.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://obm.aliasource.org/changelogs/changelog-2.0.html",
"refsource" : "CONFIRM",
"url" : "http://obm.aliasource.org/changelogs/changelog-2.0.html"
"name": "34899",
"refsource": "OSVDB",
"url": "http://osvdb.org/34899"
},
{
"name" : "23472",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23472"
"name": "ADV-2007-1376",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1376"
},
{
"name" : "ADV-2007-1376",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1376"
"name": "24775",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24775"
},
{
"name" : "34899",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34899"
"name": "23472",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23472"
},
{
"name" : "24775",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24775"
"name": "http://obm.aliasource.org/changelogs/changelog-2.0.html",
"refsource": "CONFIRM",
"url": "http://obm.aliasource.org/changelogs/changelog-2.0.html"
}
]
}

92
2007/2xxx/CVE-2007-2765.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2765",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2765",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "blockhosts.py in BlockHosts before 2.0.3 does not properly parse daemon log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by logging in through ssh using a login name containing certain strings with an IP address, which is not properly handled by a regular expression, a related issue to CVE-2006-6301."
"lang": "eng",
"value": "blockhosts.py in BlockHosts before 2.0.3 does not properly parse daemon log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by logging in through ssh using a login name containing certain strings with an IP address, which is not properly handled by a regular expression, a related issue to CVE-2006-6301."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.aczoom.com/tools/blockhosts/CHANGES",
"refsource" : "CONFIRM",
"url" : "http://www.aczoom.com/tools/blockhosts/CHANGES"
"name": "24090",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24090"
},
{
"name" : "24090",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24090"
"name": "ADV-2007-1906",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1906"
},
{
"name" : "ADV-2007-1906",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1906"
"name": "36516",
"refsource": "OSVDB",
"url": "http://osvdb.org/36516"
},
{
"name" : "36516",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36516"
"name": "blockhosts-daemonlog-dos(34426)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34426"
},
{
"name" : "25352",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25352"
"name": "http://www.aczoom.com/tools/blockhosts/CHANGES",
"refsource": "CONFIRM",
"url": "http://www.aczoom.com/tools/blockhosts/CHANGES"
},
{
"name" : "blockhosts-daemonlog-dos(34426)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34426"
"name": "25352",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25352"
}
]
}

122
2007/2xxx/CVE-2007-2966.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2966",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2966",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335."
"lang": "eng",
"value": "Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070601 n.runs-SA-2007.013 - F-Secure Antivirus LZH parsing BufferOverflow Advisory",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/470256/100/0/threaded"
"name": "25426",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25426"
},
{
"name" : "http://www.nruns.com/security_advisory_fsecure_lzh.php",
"refsource" : "MISC",
"url" : "http://www.nruns.com/security_advisory_fsecure_lzh.php"
"name": "1018148",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018148"
},
{
"name" : "http://www.f-secure.com/security/fsc-2007-1.shtml",
"refsource" : "CONFIRM",
"url" : "http://www.f-secure.com/security/fsc-2007-1.shtml"
"name": "1018147",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018147"
},
{
"name" : "24235",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24235"
"name": "1018146",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018146"
},
{
"name" : "36724",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36724"
"name": "ADV-2007-1985",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"name" : "ADV-2007-1985",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1985"
"name": "20070601 n.runs-SA-2007.013 - F-Secure Antivirus LZH parsing BufferOverflow Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470256/100/0/threaded"
},
{
"name" : "1018146",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018146"
"name": "http://www.f-secure.com/security/fsc-2007-1.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2007-1.shtml"
},
{
"name" : "1018147",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1018147"
"name": "36724",
"refsource": "OSVDB",
"url": "http://osvdb.org/36724"
},
{
"name" : "1018148",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018148"
"name": "24235",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24235"
},
{
"name" : "25426",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25426"
"name": "fsecure-lzh-bo(34575)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34575"
},
{
"name" : "fsecure-lzh-bo(34575)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34575"
"name": "http://www.nruns.com/security_advisory_fsecure_lzh.php",
"refsource": "MISC",
"url": "http://www.nruns.com/security_advisory_fsecure_lzh.php"
}
]
}

116
2007/6xxx/CVE-2007-6061.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6061",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6061",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. NOTE: this issue can be leveraged to delete arbitrary files or directories via a symlink attack."
"lang": "eng",
"value": "Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. NOTE: this issue can be leveraged to delete arbitrary files or directories via a symlink attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=199751",
"refsource" : "CONFIRM",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=199751"
"name": "29206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29206"
},
{
"name" : "FEDORA-2008-3456",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00075.html"
"name": "26608",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26608"
},
{
"name" : "FEDORA-2008-3511",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00087.html"
"name": "ADV-2007-4025",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4025"
},
{
"name" : "GLSA-200803-03",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200803-03.xml"
"name": "http://bugs.gentoo.org/show_bug.cgi?id=199751",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=199751"
},
{
"name" : "MDVSA-2008:074",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:074"
"name": "FEDORA-2008-3511",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00087.html"
},
{
"name" : "26608",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26608"
"name": "GLSA-200803-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200803-03.xml"
},
{
"name" : "ADV-2007-4025",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/4025"
"name": "27841",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27841"
},
{
"name" : "27841",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27841"
"name": "FEDORA-2008-3456",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00075.html"
},
{
"name" : "29206",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29206"
"name": "MDVSA-2008:074",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:074"
},
{
"name" : "30191",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30191"
"name": "30191",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30191"
}
]
}

74
2010/0xxx/CVE-2010-0430.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0430",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-0430",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings."
"lang": "eng",
"value": "libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=568702",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=568702"
"name": "RHSA-2010:0476",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0476.html"
},
{
"name" : "RHSA-2010:0271",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2010-0271.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=568702",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568702"
},
{
"name" : "RHSA-2010:0476",
"refsource" : "REDHAT",
"url" : "https://rhn.redhat.com/errata/RHSA-2010-0476.html"
"name": "RHSA-2010:0271",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0271.html"
}
]
}

74
2010/0xxx/CVE-2010-0879.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0879",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-0879",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.26 and 8.50.07 allows remote authenticated users to affect confidentiality via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.26 and 8.50.07 allows remote authenticated users to affect confidentiality via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
"name": "TA10-103B",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
},
{
"name" : "TA10-103B",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
},
{
"name" : "opejee-peopletools-unspecified-var3(57738)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57738"
"name": "opejee-peopletools-unspecified-var3(57738)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57738"
}
]
}

74
2010/1xxx/CVE-2010-1016.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1016",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1016",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the SAV Filter Selectors (sav_filter_selectors) extension before 1.0.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
"lang": "eng",
"value": "SQL injection vulnerability in the SAV Filter Selectors (sav_filter_selectors) extension before 1.0.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://typo3.org/extensions/repository/view/sav_filter_selectors/1.0.5/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/extensions/repository/view/sav_filter_selectors/1.0.5/"
"name": "38804",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38804"
},
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/"
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/"
},
{
"name" : "38804",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38804"
"name": "http://typo3.org/extensions/repository/view/sav_filter_selectors/1.0.5/",
"refsource": "CONFIRM",
"url": "http://typo3.org/extensions/repository/view/sav_filter_selectors/1.0.5/"
}
]
}

80
2010/1xxx/CVE-2010-1746.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1746",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1746",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Table JX (com_grid) component for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) data_search and (2) rpp parameters to index.php."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Table JX (com_grid) component for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) data_search and (2) rpp parameters to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "12473",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/12473"
"name": "ADV-2010-1053",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1053"
},
{
"name" : "39854",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/39854"
"name": "tablejx-index-xss(58270)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58270"
},
{
"name" : "ADV-2010-1053",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1053"
"name": "39854",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39854"
},
{
"name" : "tablejx-index-xss(58270)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58270"
"name": "12473",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/12473"
}
]
}

128
2010/4xxx/CVE-2010-4526.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4526",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4526",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function."
"lang": "eng",
"value": "Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
"name": "RHSA-2011:0163",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0163.html"
},
{
"name" : "[oss-security] 20110104 CVE-2010-4526 kernel: sctp: a race between ICMP protocol unreachable and connect()",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/01/04/3"
"name": "[oss-security] 20110104 Re: CVE-2010-4526 kernel: sctp: a race between ICMP protocol unreachable and connect()",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/01/04/13"
},
{
"name" : "[oss-security] 20110104 Re: CVE-2010-4526 kernel: sctp: a race between ICMP protocol unreachable and connect()",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/01/04/13"
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=50b5d6ad63821cea324a5a7a19854d4de1a0a819",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=50b5d6ad63821cea324a5a7a19854d4de1a0a819"
"name": "46397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46397"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4526",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4526"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4526",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4526"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name" : "RHSA-2011:0163",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0163.html"
"name": "[oss-security] 20110104 CVE-2010-4526 kernel: sctp: a race between ICMP protocol unreachable and connect()",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/01/04/3"
},
{
"name" : "45661",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45661"
"name": "45661",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45661"
},
{
"name" : "42964",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42964"
"name": "ADV-2011-0169",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0169"
},
{
"name" : "46397",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46397"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=50b5d6ad63821cea324a5a7a19854d4de1a0a819",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=50b5d6ad63821cea324a5a7a19854d4de1a0a819"
},
{
"name" : "ADV-2011-0169",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0169"
"name": "kernel-icmp-message-dos(64616)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64616"
},
{
"name" : "kernel-icmp-message-dos(64616)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64616"
"name": "42964",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42964"
}
]
}

98
2010/4xxx/CVE-2010-4777.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4777",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4777",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash."
"lang": "eng",
"value": "The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[Postfixbuch-users] 20110222 proxy-reject: END-OF-MESSAGE: 451 4.3.0\tError: queue file write error",
"refsource" : "MLIST",
"url" : "https://listi.jpberlin.de/pipermail/postfixbuch-users/2011-February/055885.html"
"name": "SUSE-SR:2011:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628836",
"refsource" : "MISC",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628836"
"name": "[Postfixbuch-users] 20110222 proxy-reject: END-OF-MESSAGE: 451 4.3.0\tError: queue file write error",
"refsource": "MLIST",
"url": "https://listi.jpberlin.de/pipermail/postfixbuch-users/2011-February/055885.html"
},
{
"name" : "http://forums.ocsinventory-ng.org/viewtopic.php?id=7215",
"refsource" : "MISC",
"url" : "http://forums.ocsinventory-ng.org/viewtopic.php?id=7215"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=694166",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=694166"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=694166",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=694166"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628836",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628836"
},
{
"name" : "https://rt.perl.org/Public/Bug/Display.html?id=76538",
"refsource" : "CONFIRM",
"url" : "https://rt.perl.org/Public/Bug/Display.html?id=76538"
"name": "http://forums.ocsinventory-ng.org/viewtopic.php?id=7215",
"refsource": "MISC",
"url": "http://forums.ocsinventory-ng.org/viewtopic.php?id=7215"
},
{
"name" : "openSUSE-SU-2011:0479",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2011-05/msg00025.html"
"name": "https://rt.perl.org/Public/Bug/Display.html?id=76538",
"refsource": "CONFIRM",
"url": "https://rt.perl.org/Public/Bug/Display.html?id=76538"
},
{
"name" : "SUSE-SR:2011:009",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
"name": "openSUSE-SU-2011:0479",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00025.html"
}
]
}

92
2010/4xxx/CVE-2010-4957.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4957",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4957",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
"lang": "eng",
"value": "SQL injection vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://typo3.org/extensions/repository/view/ke_questionnaire/2.2.3",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/extensions/repository/view/ke_questionnaire/2.2.3"
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-015/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-015/"
},
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-015/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-015/"
"name": "questionnaire-unspecified-sql-injection(61042)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61042"
},
{
"name" : "42369",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/42369"
"name": "42369",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42369"
},
{
"name" : "67031",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/67031"
"name": "67031",
"refsource": "OSVDB",
"url": "http://osvdb.org/67031"
},
{
"name" : "40950",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40950"
"name": "http://typo3.org/extensions/repository/view/ke_questionnaire/2.2.3",
"refsource": "CONFIRM",
"url": "http://typo3.org/extensions/repository/view/ke_questionnaire/2.2.3"
},
{
"name" : "questionnaire-unspecified-sql-injection(61042)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/61042"
"name": "40950",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40950"
}
]
}

80
2010/4xxx/CVE-2010-4979.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4979",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4979",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the image_id parameter."
"lang": "eng",
"value": "SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the image_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.packetstormsecurity.com/1006-exploits/candid-sql.txt",
"refsource" : "MISC",
"url" : "http://www.packetstormsecurity.com/1006-exploits/candid-sql.txt"
"name": "41216",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41216"
},
{
"name" : "41216",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/41216"
"name": "8493",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8493"
},
{
"name" : "8493",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8493"
"name": "http://www.packetstormsecurity.com/1006-exploits/candid-sql.txt",
"refsource": "MISC",
"url": "http://www.packetstormsecurity.com/1006-exploits/candid-sql.txt"
},
{
"name" : "candid-view-sql-injection(59944)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59944"
"name": "candid-view-sql-injection(59944)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59944"
}
]
}

110
2010/5xxx/CVE-2010-5150.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5150",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5150",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** DISPUTED ** Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute."
"lang": "eng",
"value": "** DISPUTED ** Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"name" : "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
"name": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/",
"refsource": "MISC",
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"name" : "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/",
"refsource" : "MISC",
"url" : "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
"name": "39924",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39924"
},
{
"name" : "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource" : "MISC",
"url" : "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
"name": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource": "MISC",
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"name" : "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource" : "MISC",
"url" : "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"name" : "http://www.f-secure.com/weblog/archives/00001949.html",
"refsource" : "MISC",
"url" : "http://www.f-secure.com/weblog/archives/00001949.html"
"name": "67660",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/67660"
},
{
"name" : "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/",
"refsource" : "MISC",
"url" : "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
"name": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/",
"refsource": "MISC",
"url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"name" : "39924",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/39924"
"name": "http://www.f-secure.com/weblog/archives/00001949.html",
"refsource": "MISC",
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"name" : "67660",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/67660"
"name": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource": "MISC",
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
]
}

92
2014/0xxx/CVE-2014-0005.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0005",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0005",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2 and JBoss BRMS before 6.0.3 roll up patch 2, allows remote authenticated users to read and modify the application sever configuration and state by deploying a crafted application."
"lang": "eng",
"value": "PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2 and JBoss BRMS before 6.0.3 roll up patch 2, allows remote authenticated users to read and modify the application sever configuration and state by deploying a crafted application."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "RHSA-2014:0343",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0343.html"
"name": "RHSA-2014:0345",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0345.html"
},
{
"name" : "RHSA-2014:0344",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0344.html"
"name": "RHSA-2015:0234",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0234.html"
},
{
"name" : "RHSA-2014:0345",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0345.html"
"name": "RHSA-2015:0720",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
},
{
"name" : "RHSA-2015:0234",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0234.html"
"name": "RHSA-2015:0235",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0235.html"
},
{
"name" : "RHSA-2015:0235",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0235.html"
"name": "RHSA-2014:0344",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0344.html"
},
{
"name" : "RHSA-2015:0720",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
"name": "RHSA-2014:0343",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0343.html"
}
]
}

22
2014/0xxx/CVE-2014-0197.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0197",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-0197",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

98
2014/0xxx/CVE-2014-0240.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0240",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0240",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes."
"lang": "eng",
"value": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140521 Security release for mod_wsgi (version 3.5)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/05/21/1"
"name": "59551",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59551"
},
{
"name" : "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html",
"refsource" : "CONFIRM",
"url" : "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"
"name": "67532",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67532"
},
{
"name" : "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html",
"refsource" : "CONFIRM",
"url" : "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"
"name": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html",
"refsource": "CONFIRM",
"url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"
},
{
"name" : "RHSA-2014:0789",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0789.html"
"name": "[oss-security] 20140521 Security release for mod_wsgi (version 3.5)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/21/1"
},
{
"name" : "67532",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67532"
"name": "RHSA-2014:0789",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html"
},
{
"name" : "60094",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60094"
"name": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html",
"refsource": "CONFIRM",
"url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"
},
{
"name" : "59551",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59551"
"name": "60094",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60094"
}
]
}

62
2014/0xxx/CVE-2014-0358.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0358",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-0358",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in Xangati XSR before 11 and XNR before 7 allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the file parameter in a getUpgradeStatus action to servlet/MGConfigData, (2) the download parameter in a download action to servlet/MGConfigData, (3) the download parameter in a port_svc action to servlet/MGConfigData, (4) the file parameter in a getfile action to servlet/Installer, or (5) the binfile parameter to servlet/MGConfigData."
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in Xangati XSR before 11 and XNR before 7 allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the file parameter in a getUpgradeStatus action to servlet/MGConfigData, (2) the download parameter in a download action to servlet/MGConfigData, (3) the download parameter in a port_svc action to servlet/MGConfigData, (4) the file parameter in a getfile action to servlet/Installer, or (5) the binfile parameter to servlet/MGConfigData."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "VU#657622",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/657622"
"name": "VU#657622",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/657622"
}
]
}

236
2014/0xxx/CVE-2014-0373.json
View File

@ -1,206 +1,206 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0373",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-0373",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/496c51673dec",
"refsource" : "MISC",
"url" : "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/496c51673dec"
"name": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/496c51673dec",
"refsource": "MISC",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/496c51673dec"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
"name": "56432",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56432"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1051699",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1051699"
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1051699",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051699"
},
{
"name" : "HPSBUX02972",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=139402697611681&w=2"
"name": "RHSA-2014:0136",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"name" : "HPSBUX02973",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=139402749111889&w=2"
"name": "openSUSE-SU-2014:0174",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"name" : "SSRT101454",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=139402697611681&w=2"
"name": "SSRT101455",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139402749111889&w=2"
},
{
"name" : "SSRT101455",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=139402749111889&w=2"
"name": "RHSA-2014:0135",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"name" : "RHSA-2014:0026",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
"name": "64922",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64922"
},
{
"name" : "RHSA-2014:0027",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
"name": "56535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56535"
},
{
"name" : "RHSA-2014:0097",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name" : "RHSA-2014:0136",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
"name": "RHSA-2014:0030",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"name" : "RHSA-2014:0030",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
"name": "RHSA-2014:0097",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"name" : "RHSA-2014:0134",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
"name": "56485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56485"
},
{
"name" : "RHSA-2014:0135",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
"name": "SSRT101454",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139402697611681&w=2"
},
{
"name" : "RHSA-2014:0414",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2014:0414"
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"name" : "openSUSE-SU-2014:0174",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
"name": "HPSBUX02972",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139402697611681&w=2"
},
{
"name" : "SUSE-SU-2014:0246",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
"name": "RHSA-2014:0027",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"name" : "SUSE-SU-2014:0266",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
"name": "SUSE-SU-2014:0451",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"name" : "openSUSE-SU-2014:0177",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
"name": "HPSBUX02973",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139402749111889&w=2"
},
{
"name" : "openSUSE-SU-2014:0180",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
"name": "1029608",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029608"
},
{
"name" : "SUSE-SU-2014:0451",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
"name": "USN-2124-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"name" : "USN-2089-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2089-1"
"name": "SUSE-SU-2014:0266",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"name" : "USN-2124-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2124-1"
"name": "RHSA-2014:0026",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"name" : "64758",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64758"
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name" : "64922",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64922"
"name": "SUSE-SU-2014:0246",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"name" : "1029608",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029608"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name" : "56432",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56432"
"name": "RHSA-2014:0134",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"name" : "56485",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56485"
"name": "openSUSE-SU-2014:0180",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"name" : "56535",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56535"
"name": "openSUSE-SU-2014:0177",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
}
]
}

68
2014/0xxx/CVE-2014-0931.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0931",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0931",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple XML external entity (XXE) vulnerabilities in the (1) CCRC WAN Server / CM Server, (2) Perl CC/CQ integration trigger scripts, (3) CMAPI Java interface, (4) ClearCase remote client, and (5) CMI and OSLC-based ClearQuest integrations components in IBM Rational ClearCase 7.1.0.x, 7.1.1.x, 7.1.2 through 7.1.2.13, 8.0 through 8.0.0.10, and 8.0.1 through 8.0.1.3 allow remote attackers to cause a denial of service or access other servers via crafted XML data. IBM X-Force ID: 92263."
"lang": "eng",
"value": "Multiple XML external entity (XXE) vulnerabilities in the (1) CCRC WAN Server / CM Server, (2) Perl CC/CQ integration trigger scripts, (3) CMAPI Java interface, (4) ClearCase remote client, and (5) CMI and OSLC-based ClearQuest integrations components in IBM Rational ClearCase 7.1.0.x, 7.1.1.x, 7.1.2 through 7.1.2.13, 8.0 through 8.0.0.10, and 8.0.1 through 8.0.1.3 allow remote attackers to cause a denial of service or access other servers via crafted XML data. IBM X-Force ID: 92263."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21668868",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21668868"
"name": "ibm-clearcase-cve20140931-xxe(92263)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92263"
},
{
"name" : "ibm-clearcase-cve20140931-xxe(92263)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/92263"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21668868",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21668868"
}
]
}

22
2014/1xxx/CVE-2014-1413.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1413",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1413",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

92
2014/1xxx/CVE-2014-1785.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1785",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-1785",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1769, CVE-2014-1782, CVE-2014-2753, CVE-2014-2755, CVE-2014-2760, CVE-2014-2761, CVE-2014-2772, and CVE-2014-2776."
"lang": "eng",
"value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1769, CVE-2014-1782, CVE-2014-2753, CVE-2014-2755, CVE-2014-2760, CVE-2014-2761, CVE-2014-2772, and CVE-2014-2776."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "40946",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/40946/"
"name": "1030370",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030370"
},
{
"name" : "http://blog.skylined.nl/20161220001.html",
"refsource" : "MISC",
"url" : "http://blog.skylined.nl/20161220001.html"
"name": "http://packetstormsecurity.com/files/140233/Microsoft-Internet-Explorer-11-MSHTML-CSpliceTreeEngine-RemoveSplice-Use-After-Free.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/140233/Microsoft-Internet-Explorer-11-MSHTML-CSpliceTreeEngine-RemoveSplice-Use-After-Free.html"
},
{
"name" : "http://packetstormsecurity.com/files/140233/Microsoft-Internet-Explorer-11-MSHTML-CSpliceTreeEngine-RemoveSplice-Use-After-Free.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/140233/Microsoft-Internet-Explorer-11-MSHTML-CSpliceTreeEngine-RemoveSplice-Use-After-Free.html"
"name": "http://blog.skylined.nl/20161220001.html",
"refsource": "MISC",
"url": "http://blog.skylined.nl/20161220001.html"
},
{
"name" : "MS14-035",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035"
"name": "40946",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40946/"
},
{
"name" : "67878",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67878"
"name": "MS14-035",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035"
},
{
"name" : "1030370",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030370"
"name": "67878",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67878"
}
]
}

98
2014/1xxx/CVE-2014-1932.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1932",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1932",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePlugin.py, and (4) _copy function in Image.py in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 do not properly create temporary files, which allow local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on the temporary file."
"lang": "eng",
"value": "The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePlugin.py, and (4) _copy function in Image.py in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 do not properly create temporary files, which allow local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on the temporary file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140210 Re: CVE requests: Pacemaker, Python Imaging Library, eyeD3, 9base, rc, Gamera, RPLY - insecure use of /tmp",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/02/11/1"
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737059",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737059"
},
{
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737059",
"refsource" : "CONFIRM",
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737059"
"name": "GLSA-201612-52",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-52"
},
{
"name" : "https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7",
"refsource" : "CONFIRM",
"url" : "https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7"
"name": "https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7",
"refsource": "CONFIRM",
"url": "https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7"
},
{
"name" : "GLSA-201612-52",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201612-52"
"name": "[oss-security] 20140210 Re: CVE requests: Pacemaker, Python Imaging Library, eyeD3, 9base, rc, Gamera, RPLY - insecure use of /tmp",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/02/11/1"
},
{
"name" : "openSUSE-SU-2014:0591",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00002.html"
"name": "USN-2168-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2168-1"
},
{
"name" : "USN-2168-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2168-1"
"name": "65511",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65511"
},
{
"name" : "65511",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65511"
"name": "openSUSE-SU-2014:0591",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00002.html"
}
]
}

74
2014/4xxx/CVE-2014-4111.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4111",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-4111",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, and CVE-2014-4110."
"lang": "eng",
"value": "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065, CVE-2014-4079, CVE-2014-4081, CVE-2014-4083, CVE-2014-4085, CVE-2014-4088, CVE-2014-4090, CVE-2014-4094, CVE-2014-4097, CVE-2014-4100, CVE-2014-4103, CVE-2014-4104, CVE-2014-4105, CVE-2014-4106, CVE-2014-4107, CVE-2014-4108, CVE-2014-4109, and CVE-2014-4110."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS14-052",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-052"
"name": "69615",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69615"
},
{
"name" : "69615",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69615"
"name": "1030818",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030818"
},
{
"name" : "1030818",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030818"
"name": "MS14-052",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-052"
}
]
}

22
2014/4xxx/CVE-2014-4156.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4156",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4156",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

242
2014/4xxx/CVE-2014-4268.json
View File

@ -1,211 +1,211 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4268",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-4268",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Swing."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Swing."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
"name": "DSA-2987",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2987"
},
{
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Dec/23"
"name": "68615",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68615"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
"name": "60129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60129"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686383",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686824",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
"name": "HPSBUX03091",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
"name": "DSA-2980",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2980"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680334",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
"name": "1030577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030577"
},
{
"name" : "DSA-2980",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2980"
"name": "SSRT101667",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"
},
{
"name" : "DSA-2987",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2987"
"name": "HPSBUX03092",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
},
{
"name" : "GLSA-201502-12",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml"
"name": "60812",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60812"
},
{
"name" : "HPSBUX03091",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2"
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name" : "HPSBUX03092",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
"name": "SUSE-SU-2015:0376",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name" : "SSRT101667",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2"
"name": "60817",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60817"
},
{
"name" : "SSRT101668",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
"name": "oracle-cpujul2014-cve20144268(94602)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94602"
},
{
"name" : "SUSE-SU-2015:0344",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
"name": "61577",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61577"
},
{
"name" : "SUSE-SU-2015:0376",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
"name": "SUSE-SU-2015:0392",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name" : "SUSE-SU-2015:0392",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
"name": "SSRT101668",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
},
{
"name" : "68615",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68615"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name" : "1030577",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030577"
"name": "60485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60485"
},
{
"name" : "60081",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60081"
"name": "59680",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59680"
},
{
"name" : "60317",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60317"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"name" : "61577",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61577"
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name" : "61640",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61640"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"name" : "59404",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59404"
"name": "60622",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60622"
},
{
"name" : "60817",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60817"
"name": "60081",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60081"
},
{
"name" : "60485",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60485"
"name": "61640",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61640"
},
{
"name" : "59680",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59680"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"name" : "60622",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60622"
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name" : "60129",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60129"
"name": "60317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60317"
},
{
"name" : "60812",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60812"
"name": "SUSE-SU-2015:0344",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name" : "oracle-cpujul2014-cve20144268(94602)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94602"
"name": "59404",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59404"
}
]
}

68
2014/4xxx/CVE-2014-4509.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4509",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4509",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters."
"lang": "eng",
"value": "The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://download.novell.com/Download?buildid=5XLmBl54_Rg~",
"refsource" : "CONFIRM",
"url" : "http://download.novell.com/Download?buildid=5XLmBl54_Rg~"
"name": "68139",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68139"
},
{
"name" : "68139",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68139"
"name": "http://download.novell.com/Download?buildid=5XLmBl54_Rg~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=5XLmBl54_Rg~"
}
]
}

22
2014/4xxx/CVE-2014-4841.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4841",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4841",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2014/72xxx/CVE-2014-72038.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-72038",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-72038",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-2353. Reason: This candidate is a duplicate of CVE-2014-2353. The wrong ID was used. Notes: All CVE users should reference CVE-2014-2353 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-2353. Reason: This candidate is a duplicate of CVE-2014-2353. The wrong ID was used. Notes: All CVE users should reference CVE-2014-2353 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

62
2014/9xxx/CVE-2014-9456.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9456",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9456",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in NotePad++ 6.6.9 allows remote attackers to have unspecified impact via a long Time attribute in an Event element in an XML file. NOTE: this issue was originally incorrectly mapped to CVE-2014-1004; see CVE-2014-1004 for more information."
"lang": "eng",
"value": "Buffer overflow in NotePad++ 6.6.9 allows remote attackers to have unspecified impact via a long Time attribute in an Event element in an XML file. NOTE: this issue was originally incorrectly mapped to CVE-2014-1004; see CVE-2014-1004 for more information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "35589",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/35589"
"name": "35589",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35589"
}
]
}

104
2014/9xxx/CVE-2014-9654.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9654",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9654",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923."
"lang": "eng",
"value": "The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150205 Re: CVE request - ICU",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2015/02/05/15"
"name": "http://bugs.icu-project.org/trac/ticket/11371",
"refsource": "CONFIRM",
"url": "http://bugs.icu-project.org/trac/ticket/11371"
},
{
"name" : "http://bugs.icu-project.org/trac/changeset/36801",
"refsource" : "CONFIRM",
"url" : "http://bugs.icu-project.org/trac/changeset/36801"
"name": "https://chromium.googlesource.com/chromium/deps/icu/+/dd727641e190d60e4593bcb3a35c7f51eb4925c5",
"refsource": "CONFIRM",
"url": "https://chromium.googlesource.com/chromium/deps/icu/+/dd727641e190d60e4593bcb3a35c7f51eb4925c5"
},
{
"name" : "http://bugs.icu-project.org/trac/ticket/11371",
"refsource" : "CONFIRM",
"url" : "http://bugs.icu-project.org/trac/ticket/11371"
"name": "https://code.google.com/p/chromium/issues/detail?id=432209",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=432209"
},
{
"name" : "https://chromium.googlesource.com/chromium/deps/icu/+/dd727641e190d60e4593bcb3a35c7f51eb4925c5",
"refsource" : "CONFIRM",
"url" : "https://chromium.googlesource.com/chromium/deps/icu/+/dd727641e190d60e4593bcb3a35c7f51eb4925c5"
"name": "1035410",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035410"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=432209",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=432209"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
"name": "GLSA-201503-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-06"
},
{
"name" : "GLSA-201503-06",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201503-06"
"name": "http://bugs.icu-project.org/trac/changeset/36801",
"refsource": "CONFIRM",
"url": "http://bugs.icu-project.org/trac/changeset/36801"
},
{
"name" : "1035410",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035410"
"name": "[oss-security] 20150205 Re: CVE request - ICU",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2015/02/05/15"
}
]
}

74
2014/9xxx/CVE-2014-9898.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9898",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2014-9898",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28814690 and Qualcomm internal bug CR554575."
"lang": "eng",
"value": "arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28814690 and Qualcomm internal bug CR554575."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-08-01.html"
"name": "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
},
{
"name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=80be0e249c906704085d13d4ae446f73913fc225",
"refsource" : "CONFIRM",
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=80be0e249c906704085d13d4ae446f73913fc225"
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=80be0e249c906704085d13d4ae446f73913fc225",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=80be0e249c906704085d13d4ae446f73913fc225"
},
{
"name" : "92222",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92222"
"name": "92222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92222"
}
]
}

68
2016/6xxx/CVE-2016-6345.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com",
"ID" : "CVE-2016-6345",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-6345",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "RESTEasy allows remote authenticated users to obtain sensitive information by leveraging \"insufficient use of random values\" in async jobs."
"lang": "eng",
"value": "RESTEasy allows remote authenticated users to obtain sensitive information by leveraging \"insufficient use of random values\" in async jobs."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1372117",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1372117"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1372117",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372117"
},
{
"name" : "92746",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92746"
"name": "92746",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92746"
}
]
}

104
2016/7xxx/CVE-2016-7529.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7529",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2016-7529",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file."
"lang": "eng",
"value": "coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/22/2"
"name": "https://github.com/ImageMagick/ImageMagick/issues/104",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/issues/104"
},
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539051",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539051"
"name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539051",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539051"
},
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539052",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539052"
"name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1378761",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1378761"
"name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539052",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539052"
},
{
"name" : "https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c",
"refsource" : "CONFIRM",
"url" : "https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c"
"name": "https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c"
},
{
"name" : "https://github.com/ImageMagick/ImageMagick/issues/103",
"refsource" : "CONFIRM",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/103"
"name": "https://github.com/ImageMagick/ImageMagick/issues/103",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/issues/103"
},
{
"name" : "https://github.com/ImageMagick/ImageMagick/issues/104",
"refsource" : "CONFIRM",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/104"
"name": "93131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93131"
},
{
"name" : "93131",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93131"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378761",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378761"
}
]
}

98
2016/7xxx/CVE-2016-7578.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-7578",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-7578",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT207270",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207270"
"name": "https://support.apple.com/HT207271",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207271"
},
{
"name" : "https://support.apple.com/HT207271",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207271"
"name": "93949",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93949"
},
{
"name" : "https://support.apple.com/HT207272",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207272"
"name": "https://support.apple.com/HT207273",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207273"
},
{
"name" : "https://support.apple.com/HT207273",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207273"
"name": "https://support.apple.com/HT207270",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207270"
},
{
"name" : "https://support.apple.com/HT207274",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207274"
"name": "https://support.apple.com/HT207274",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207274"
},
{
"name" : "93949",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93949"
"name": "1037139",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037139"
},
{
"name" : "1037139",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037139"
"name": "https://support.apple.com/HT207272",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207272"
}
]
}

98
2016/7xxx/CVE-2016-7799.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7799",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7799",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file."
"lang": "eng",
"value": "MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20161001 Re: imagemagick mogrify global buffer overflow",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/01/6"
"name": "GLSA-201611-21",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-21"
},
{
"name" : "[oss-security] 20161001 imagemagick mogrify global buffer overflow",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/01/4"
"name": "93264",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93264"
},
{
"name" : "https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa",
"refsource" : "CONFIRM",
"url" : "https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa"
"name": "[oss-security] 20161001 imagemagick mogrify global buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/01/4"
},
{
"name" : "https://github.com/ImageMagick/ImageMagick/issues/280",
"refsource" : "CONFIRM",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/280"
"name": "[oss-security] 20161001 Re: imagemagick mogrify global buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/01/6"
},
{
"name" : "DSA-3726",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3726"
"name": "https://github.com/ImageMagick/ImageMagick/issues/280",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/issues/280"
},
{
"name" : "GLSA-201611-21",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201611-21"
"name": "https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa"
},
{
"name" : "93264",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93264"
"name": "DSA-3726",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3726"
}
]
}

92
2016/7xxx/CVE-2016-7922.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7922",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7922",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print()."
"lang": "eng",
"value": "The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print()."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html",
"refsource" : "CONFIRM",
"url" : "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html"
"name": "1037755",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037755"
},
{
"name" : "DSA-3775",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3775"
"name": "DSA-3775",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3775"
},
{
"name" : "GLSA-201702-30",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201702-30"
"name": "RHSA-2017:1871",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1871"
},
{
"name" : "RHSA-2017:1871",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1871"
"name": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html",
"refsource": "CONFIRM",
"url": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html"
},
{
"name" : "95852",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95852"
"name": "95852",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95852"
},
{
"name" : "1037755",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037755"
"name": "GLSA-201702-30",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-30"
}
]
}

74
2016/8xxx/CVE-2016-8027.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@intel.com",
"ID" : "CVE-2016-8027",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8027",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier",
"version" : {
"version_data" : [
"product_name": "McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier",
"version": {
"version_data": [
{
"version_value" : "McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier"
"version_value": "McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier allows attackers to alter a SQL query, which can result in disclosure of information within the database or impersonation of an agent without authentication via a specially crafted HTTP post."
"lang": "eng",
"value": "SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier allows attackers to alter a SQL query, which can result in disclosure of information within the database or impersonation of an agent without authentication via a specially crafted HTTP post."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability"
"lang": "eng",
"value": "SQL injection vulnerability"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10187",
"refsource" : "CONFIRM",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10187"
"name": "1037777",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037777"
},
{
"name" : "95981",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95981"
"name": "95981",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95981"
},
{
"name" : "1037777",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037777"
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10187",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10187"
}
]
}

22
2016/8xxx/CVE-2016-8079.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8079",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-8079",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

22
2016/8xxx/CVE-2016-8193.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8193",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8193",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2016/9xxx/CVE-2016-9220.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@cisco.com",
"ID" : "CVE-2016-9220",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-9220",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Cisco Mobility Express 2800 and 3800",
"version" : {
"version_data" : [
"product_name": "Cisco Mobility Express 2800 and 3800",
"version": {
"version_data": [
{
"version_value" : "Cisco Mobility Express 2800 and 3800"
"version_value": "Cisco Mobility Express 2800 and 3800"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests. More Information: CSCvb66659. Known Affected Releases: 8.2(130.0). Known Fixed Releases: 8.2(131.10) 8.2(131.6) 8.2(141.0) 8.3(104.56) 8.4(1.88) 8.4(1.91)."
"lang": "eng",
"value": "A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests. More Information: CSCvb66659. Known Affected Releases: 8.2(130.0). Known Fixed Releases: 8.2(131.10) 8.2(131.6) 8.2(141.0) 8.3(104.56) 8.4(1.88) 8.4(1.91)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "unspecified"
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme1",
"refsource" : "CONFIRM",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme1"
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme1",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-cme1"
},
{
"name" : "95633",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95633"
"name": "95633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95633"
}
]
}

92
2016/9xxx/CVE-2016-9436.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9436",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9436",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag."
"lang": "eng",
"value": "parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20161118 Re: CVE request: w3m - multiple vulnerabilities",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/11/18/3"
"name": "GLSA-201701-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-08"
},
{
"name" : "https://github.com/tats/w3m/issues/16",
"refsource" : "MISC",
"url" : "https://github.com/tats/w3m/issues/16"
"name": "https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd",
"refsource": "CONFIRM",
"url": "https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd"
},
{
"name" : "https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd",
"refsource" : "CONFIRM",
"url" : "https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd"
"name": "openSUSE-SU-2016:3121",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00084.html"
},
{
"name" : "GLSA-201701-08",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-08"
"name": "https://github.com/tats/w3m/issues/16",
"refsource": "MISC",
"url": "https://github.com/tats/w3m/issues/16"
},
{
"name" : "openSUSE-SU-2016:3121",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-12/msg00084.html"
"name": "94407",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94407"
},
{
"name" : "94407",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94407"
"name": "[oss-security] 20161118 Re: CVE request: w3m - multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/18/3"
}
]
}

68
2016/9xxx/CVE-2016-9952.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9952",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9952",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by \"*.com.\""
"lang": "eng",
"value": "The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by \"*.com.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://curl.haxx.se/CVE-2016-9952.patch",
"refsource" : "CONFIRM",
"url" : "https://curl.haxx.se/CVE-2016-9952.patch"
"name": "https://curl.haxx.se/docs/adv_20161221B.html",
"refsource": "CONFIRM",
"url": "https://curl.haxx.se/docs/adv_20161221B.html"
},
{
"name" : "https://curl.haxx.se/docs/adv_20161221B.html",
"refsource" : "CONFIRM",
"url" : "https://curl.haxx.se/docs/adv_20161221B.html"
"name": "https://curl.haxx.se/CVE-2016-9952.patch",
"refsource": "CONFIRM",
"url": "https://curl.haxx.se/CVE-2016-9952.patch"
}
]
}

22
2019/2xxx/CVE-2019-2823.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2823",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2823",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}