admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:24:15 +00:00
parent 49e6e727a1
commit 1bc0833a54
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
53 changed files with 4240 additions and 4240 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

190
2006/1xxx/CVE-2006-1657.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1657",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in Chucky A. Ivey N.T. 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter, which is not filtered when the administrator views the \"Login Log\" page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060419 [eVuln] N.T. Version 1.1.0 XSS and PHP Code Insertion Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/431344/100/0/threaded"
},
{
"name" : "http://evuln.com/vulns/121/summary.html",
"refsource" : "MISC",
"url" : "http://evuln.com/vulns/121/summary.html"
},
{
"name" : "17387",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17387"
},
{
"name" : "ADV-2006-1243",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1243"
},
{
"name" : "24397",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24397"
},
{
"name" : "19526",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19526"
},
{
"name" : "741",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/741"
},
{
"name" : "nt-index-xss(25638)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25638"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in Chucky A. Ivey N.T. 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter, which is not filtered when the administrator views the \"Login Log\" page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://evuln.com/vulns/121/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/121/summary.html"
},
{
"name": "ADV-2006-1243",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1243"
},
{
"name": "24397",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24397"
},
{
"name": "20060419 [eVuln] N.T. Version 1.1.0 XSS and PHP Code Insertion Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431344/100/0/threaded"
},
{
"name": "741",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/741"
},
{
"name": "19526",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19526"
},
{
"name": "nt-index-xss(25638)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25638"
},
{
"name": "17387",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17387"
}
]
}
}

160
2006/5xxx/CVE-2006-5038.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5038",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The FiWin SS28S WiFi VoIP SIP/Skype Phone, firmware version 01_02_07, has a hard-coded username and password, which allows remote attackers to gain administrative access via telnet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5038",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060921 FiWin SS28S WiFi VoIP SIP/Skype Phone Hardcoded Telnet user/pass and debug access",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-09/0391.html"
},
{
"name" : "http://www.osnews.com/story.php/15923/Review-FiWin-SS28S-WiFi-VoIP-SIPSkype-Phone/",
"refsource" : "MISC",
"url" : "http://www.osnews.com/story.php/15923/Review-FiWin-SS28S-WiFi-VoIP-SIPSkype-Phone/"
},
{
"name" : "20154",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20154"
},
{
"name" : "22041",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22041"
},
{
"name" : "fiwin-ss28s-default-account(29114)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29114"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The FiWin SS28S WiFi VoIP SIP/Skype Phone, firmware version 01_02_07, has a hard-coded username and password, which allows remote attackers to gain administrative access via telnet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20154",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20154"
},
{
"name": "http://www.osnews.com/story.php/15923/Review-FiWin-SS28S-WiFi-VoIP-SIPSkype-Phone/",
"refsource": "MISC",
"url": "http://www.osnews.com/story.php/15923/Review-FiWin-SS28S-WiFi-VoIP-SIPSkype-Phone/"
},
{
"name": "22041",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22041"
},
{
"name": "20060921 FiWin SS28S WiFi VoIP SIP/Skype Phone Hardcoded Telnet user/pass and debug access",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-09/0391.html"
},
{
"name": "fiwin-ss28s-default-account(29114)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29114"
}
]
}
}

150
2006/5xxx/CVE-2006-5095.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5095",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** PHP remote file inclusion vulnerability in index.php in MyPhotos 0.1.3b beta allows remote attackers to execute arbitrary PHP code via the includesdir parameter. NOTE: this issue is disputed by CVE on 20060927, since the includesdir is defined before being used when the product is installed according to the provided instructions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060923 MyPhotos<= Remote File Include Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/446876/100/0/threaded"
},
{
"name" : "20060927 MyPhotos includesdir file inclusion - CVE dispute",
"refsource" : "VIM",
"url" : "http://attrition.org/pipermail/vim/2006-September/001057.html"
},
{
"name" : "20160",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20160"
},
{
"name" : "1656",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1656"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** PHP remote file inclusion vulnerability in index.php in MyPhotos 0.1.3b beta allows remote attackers to execute arbitrary PHP code via the includesdir parameter. NOTE: this issue is disputed by CVE on 20060927, since the includesdir is defined before being used when the product is installed according to the provided instructions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1656",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1656"
},
{
"name": "20060927 MyPhotos includesdir file inclusion - CVE dispute",
"refsource": "VIM",
"url": "http://attrition.org/pipermail/vim/2006-September/001057.html"
},
{
"name": "20160",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20160"
},
{
"name": "20060923 MyPhotos<= Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446876/100/0/threaded"
}
]
}
}

190
2006/5xxx/CVE-2006-5100.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5100",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WN_BASEDIR parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060926 webnews <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/446996/100/0/threaded"
},
{
"name" : "2435",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2435"
},
{
"name" : "20239",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20239"
},
{
"name" : "ADV-2006-3797",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3797"
},
{
"name" : "1016938",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016938"
},
{
"name" : "22076",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22076"
},
{
"name" : "1659",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1659"
},
{
"name" : "webnews-parser-file-include(29167)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29167"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WN_BASEDIR parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20239",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20239"
},
{
"name": "webnews-parser-file-include(29167)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29167"
},
{
"name": "2435",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2435"
},
{
"name": "ADV-2006-3797",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3797"
},
{
"name": "20060926 webnews <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446996/100/0/threaded"
},
{
"name": "1016938",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016938"
},
{
"name": "22076",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22076"
},
{
"name": "1659",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1659"
}
]
}
}

200
2006/5xxx/CVE-2006-5571.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5571",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in /scripts/cruise/cws.exe in CruiseWorks 1.09c and 1.09d allows remote attackers to execute arbitrary code via a long string in the doc parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5571",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20061024 [vuln.sg] CruiseWorks Directory Traversal and Buffer Overflow Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/449572/100/0/threaded"
},
{
"name" : "20061024 [vuln.sg] CruiseWorks Directory Traversal and Buffer Overflow Vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://marc.info/?l=full-disclosure&m=116167230400165&w=2"
},
{
"name" : "http://vuln.sg/cruiseworks109d-en.html",
"refsource" : "MISC",
"url" : "http://vuln.sg/cruiseworks109d-en.html"
},
{
"name" : "20699",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20699"
},
{
"name" : "ADV-2006-4158",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4158"
},
{
"name" : "1017110",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/alerts/2006/Oct/1017110.html"
},
{
"name" : "22139",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22139"
},
{
"name" : "1790",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1790"
},
{
"name" : "cruiseworks-scripts-bo(29763)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29763"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in /scripts/cruise/cws.exe in CruiseWorks 1.09c and 1.09d allows remote attackers to execute arbitrary code via a long string in the doc parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20699"
},
{
"name": "20061024 [vuln.sg] CruiseWorks Directory Traversal and Buffer Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/449572/100/0/threaded"
},
{
"name": "ADV-2006-4158",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4158"
},
{
"name": "20061024 [vuln.sg] CruiseWorks Directory Traversal and Buffer Overflow Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=116167230400165&w=2"
},
{
"name": "1017110",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2006/Oct/1017110.html"
},
{
"name": "http://vuln.sg/cruiseworks109d-en.html",
"refsource": "MISC",
"url": "http://vuln.sg/cruiseworks109d-en.html"
},
{
"name": "22139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22139"
},
{
"name": "cruiseworks-scripts-bo(29763)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29763"
},
{
"name": "1790",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1790"
}
]
}
}

440
2006/5xxx/CVE-2006-5753.json
View File

@ -1,222 +1,222 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5753",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the listxattr system call in Linux kernel, when a \"bad inode\" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-5753",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070615 rPSA-2007-0124-1 kernel xen",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/471457"
},
{
"name" : "http://lkml.org/lkml/2007/1/3/150",
"refsource" : "MISC",
"url" : "http://lkml.org/lkml/2007/1/3/150"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1106",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1106"
},
{
"name" : "DSA-1304",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1304"
},
{
"name" : "DSA-1503",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1503"
},
{
"name" : "FEDORA-2007-277",
"refsource" : "FEDORA",
"url" : "http://fedoranews.org/cms/node/2739"
},
{
"name" : "FEDORA-2007-291",
"refsource" : "FEDORA",
"url" : "http://fedoranews.org/cms/node/2740"
},
{
"name" : "MDKSA-2007:040",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:040"
},
{
"name" : "MDKSA-2007:060",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:060"
},
{
"name" : "RHSA-2007:0014",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0014.html"
},
{
"name" : "SUSE-SA:2007:018",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_18_kernel.html"
},
{
"name" : "SUSE-SA:2007:021",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_21_kernel.html"
},
{
"name" : "SUSE-SA:2007:030",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_30_kernel.html"
},
{
"name" : "SUSE-SA:2007:035",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_35_kernel.html"
},
{
"name" : "USN-416-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-416-1"
},
{
"name" : "22316",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22316"
},
{
"name" : "33020",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33020"
},
{
"name" : "oval:org.mitre.oval:def:9371",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9371"
},
{
"name" : "23955",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23955"
},
{
"name" : "23997",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23997"
},
{
"name" : "24100",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24100"
},
{
"name" : "24098",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24098"
},
{
"name" : "24206",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24206"
},
{
"name" : "24400",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24400"
},
{
"name" : "24429",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24429"
},
{
"name" : "24482",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24482"
},
{
"name" : "24547",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24547"
},
{
"name" : "25683",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25683"
},
{
"name" : "25714",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25714"
},
{
"name" : "25691",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25691"
},
{
"name" : "25226",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25226"
},
{
"name" : "29058",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29058"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the listxattr system call in Linux kernel, when a \"bad inode\" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2007:0014",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0014.html"
},
{
"name": "oval:org.mitre.oval:def:9371",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9371"
},
{
"name": "24098",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24098"
},
{
"name": "22316",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22316"
},
{
"name": "24429",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24429"
},
{
"name": "24400",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24400"
},
{
"name": "SUSE-SA:2007:021",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_21_kernel.html"
},
{
"name": "FEDORA-2007-277",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2739"
},
{
"name": "MDKSA-2007:040",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:040"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm"
},
{
"name": "USN-416-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-416-1"
},
{
"name": "24100",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24100"
},
{
"name": "FEDORA-2007-291",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2740"
},
{
"name": "25226",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25226"
},
{
"name": "25683",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25683"
},
{
"name": "24206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24206"
},
{
"name": "23997",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23997"
},
{
"name": "20070615 rPSA-2007-0124-1 kernel xen",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471457"
},
{
"name": "24482",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24482"
},
{
"name": "SUSE-SA:2007:018",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_18_kernel.html"
},
{
"name": "DSA-1503",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1503"
},
{
"name": "33020",
"refsource": "OSVDB",
"url": "http://osvdb.org/33020"
},
{
"name": "http://lkml.org/lkml/2007/1/3/150",
"refsource": "MISC",
"url": "http://lkml.org/lkml/2007/1/3/150"
},
{
"name": "24547",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24547"
},
{
"name": "SUSE-SA:2007:030",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_30_kernel.html"
},
{
"name": "29058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29058"
},
{
"name": "DSA-1304",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1304"
},
{
"name": "25714",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25714"
},
{
"name": "SUSE-SA:2007:035",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_35_kernel.html"
},
{
"name": "25691",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25691"
},
{
"name": "MDKSA-2007:060",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:060"
},
{
"name": "https://issues.rpath.com/browse/RPL-1106",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1106"
},
{
"name": "23955",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23955"
}
]
}
}

180
2007/2xxx/CVE-2007-2039.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2039",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug IDs CSCsg15901 and CSCsh10841."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2039",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070412 Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/warp/public/707/cisco-sa-20070412-wlc.shtml"
},
{
"name" : "23461",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23461"
},
{
"name" : "ADV-2007-1368",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1368"
},
{
"name" : "34137",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34137"
},
{
"name" : "34139",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34139"
},
{
"name" : "1017908",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017908"
},
{
"name" : "cisco-wlc-npu-traffic-dos(33609)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33609"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug IDs CSCsg15901 and CSCsh10841."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1368",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1368"
},
{
"name": "20070412 Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070412-wlc.shtml"
},
{
"name": "34137",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34137"
},
{
"name": "1017908",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017908"
},
{
"name": "cisco-wlc-npu-traffic-dos(33609)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33609"
},
{
"name": "34139",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34139"
},
{
"name": "23461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23461"
}
]
}
}

150
2007/2xxx/CVE-2007-2160.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2160",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the Database Administration (dba) module 4.6.x-*, and before 4.7.x-1.2 in the 4.7.x-1.* series, for Drupal allow remote attackers to perform unauthorized actions as an arbitrary user, a related issue to CVE-2006-5476."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://drupal.org/node/135549",
"refsource" : "CONFIRM",
"url" : "http://drupal.org/node/135549"
},
{
"name" : "ADV-2007-1360",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1360"
},
{
"name" : "34962",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34962"
},
{
"name" : "24848",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24848"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Database Administration (dba) module 4.6.x-*, and before 4.7.x-1.2 in the 4.7.x-1.* series, for Drupal allow remote attackers to perform unauthorized actions as an arbitrary user, a related issue to CVE-2006-5476."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24848",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24848"
},
{
"name": "34962",
"refsource": "OSVDB",
"url": "http://osvdb.org/34962"
},
{
"name": "ADV-2007-1360",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1360"
},
{
"name": "http://drupal.org/node/135549",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/135549"
}
]
}
}

180
2007/2xxx/CVE-2007-2299.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2299",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Frogss CMS 0.7 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) dzial parameter to (a) katalog.php, or the (2) t parameter to (b) forum.php or (c) forum/viewtopic.php, different vectors than CVE-2006-4536."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2299",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3731",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3731"
},
{
"name" : "23476",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23476"
},
{
"name" : "ADV-2007-1388",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1388"
},
{
"name" : "35526",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35526"
},
{
"name" : "35527",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35527"
},
{
"name" : "35528",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35528"
},
{
"name" : "frogsscms-katalog-sql-injection(33640)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33640"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Frogss CMS 0.7 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) dzial parameter to (a) katalog.php, or the (2) t parameter to (b) forum.php or (c) forum/viewtopic.php, different vectors than CVE-2006-4536."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "frogsscms-katalog-sql-injection(33640)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33640"
},
{
"name": "23476",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23476"
},
{
"name": "35528",
"refsource": "OSVDB",
"url": "http://osvdb.org/35528"
},
{
"name": "35527",
"refsource": "OSVDB",
"url": "http://osvdb.org/35527"
},
{
"name": "3731",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3731"
},
{
"name": "ADV-2007-1388",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1388"
},
{
"name": "35526",
"refsource": "OSVDB",
"url": "http://osvdb.org/35526"
}
]
}
}

140
2007/2xxx/CVE-2007-2665.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2665",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in block.php in PhpFirstPost 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the Include parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2665",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3906",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3906"
},
{
"name" : "23947",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23947"
},
{
"name" : "38257",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38257"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in block.php in PhpFirstPost 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the Include parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3906",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3906"
},
{
"name": "38257",
"refsource": "OSVDB",
"url": "http://osvdb.org/38257"
},
{
"name": "23947",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23947"
}
]
}
}

180
2007/2xxx/CVE-2007-2786.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2786",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Ratbox IRC Daemon (aka ircd-ratbox) 2.2.5 and earlier allows remote attackers to cause a denial of service (resource exhaustion) by making many requests from a single client."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2786",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[ircd-ratbox] 20070514 IMPORTANT: potential DoS found in ircd-ratbox",
"refsource" : "MLIST",
"url" : "http://lists.ratbox.org/pipermail/ircd-ratbox/2007-May/000759.html"
},
{
"name" : "OpenPKG-SA-2007.017",
"refsource" : "OPENPKG",
"url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.017.html"
},
{
"name" : "24044",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24044"
},
{
"name" : "ADV-2007-1890",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1890"
},
{
"name" : "36238",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36238"
},
{
"name" : "25332",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25332"
},
{
"name" : "ircdratbox-unspecified-dos(34368)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34368"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ratbox IRC Daemon (aka ircd-ratbox) 2.2.5 and earlier allows remote attackers to cause a denial of service (resource exhaustion) by making many requests from a single client."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36238",
"refsource": "OSVDB",
"url": "http://osvdb.org/36238"
},
{
"name": "ADV-2007-1890",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1890"
},
{
"name": "OpenPKG-SA-2007.017",
"refsource": "OPENPKG",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.017.html"
},
{
"name": "24044",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24044"
},
{
"name": "25332",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25332"
},
{
"name": "[ircd-ratbox] 20070514 IMPORTANT: potential DoS found in ircd-ratbox",
"refsource": "MLIST",
"url": "http://lists.ratbox.org/pipermail/ircd-ratbox/2007-May/000759.html"
},
{
"name": "ircdratbox-unspecified-dos(34368)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34368"
}
]
}
}

130
2007/6xxx/CVE-2007-6380.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6380",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in e-Xoops (exoops) 1.08, and 1.05 Rev 1 through 3, allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to (a) mylinks/ratelink.php, (b) adresses/ratefile.php, (c) mydownloads/ratefile.php, (d) mysections/ratefile.php, and (e) myalbum/ratephoto.php in modules/; the (2) bid parameter to (f) modules/banners/click.php; and the (3) gid parameter to (g) modules/arcade/index.php in a show_stats and play_game action, related issues to CVE-2007-5104 and CVE-2007-6266."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://lostmon.blogspot.com/2007/12/e-xoops-multiple-variablescripts-sql.html",
"refsource" : "MISC",
"url" : "http://lostmon.blogspot.com/2007/12/e-xoops-multiple-variablescripts-sql.html"
},
{
"name" : "26796",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26796"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in e-Xoops (exoops) 1.08, and 1.05 Rev 1 through 3, allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to (a) mylinks/ratelink.php, (b) adresses/ratefile.php, (c) mydownloads/ratefile.php, (d) mysections/ratefile.php, and (e) myalbum/ratephoto.php in modules/; the (2) bid parameter to (f) modules/banners/click.php; and the (3) gid parameter to (g) modules/arcade/index.php in a show_stats and play_game action, related issues to CVE-2007-5104 and CVE-2007-6266."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26796",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26796"
},
{
"name": "http://lostmon.blogspot.com/2007/12/e-xoops-multiple-variablescripts-sql.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2007/12/e-xoops-multiple-variablescripts-sql.html"
}
]
}
}

150
2007/6xxx/CVE-2007-6622.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6622",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6622",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "4798",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4798"
},
{
"name" : "27058",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/27058"
},
{
"name" : "39759",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/39759"
},
{
"name" : "28194",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28194"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27058",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27058"
},
{
"name": "4798",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4798"
},
{
"name": "39759",
"refsource": "OSVDB",
"url": "http://osvdb.org/39759"
},
{
"name": "28194",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28194"
}
]
}
}

120
2010/0xxx/CVE-2010-0345.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0345",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Majordomo extension 1.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0345",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Majordomo extension 1.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/"
}
]
}
}

150
2010/0xxx/CVE-2010-0530.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0530",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-0530",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://support.apple.com/kb/HT4447",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4447"
},
{
"name" : "APPLE-SA-2010-12-07-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name" : "oval:org.mitre.oval:def:16036",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16036"
},
{
"name" : "1024829",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024829"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:16036",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16036"
},
{
"name": "APPLE-SA-2010-12-07-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name": "http://support.apple.com/kb/HT4447",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4447"
},
{
"name": "1024829",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024829"
}
]
}
}

210
2010/0xxx/CVE-2010-0667.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0667",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0667",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20100121 CVE request: MoinMoin information disclosure",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/01/21/6"
},
{
"name" : "[oss-security] 20100215 CVE Request -- MoinMoin -- 1.8.7",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/02/15/2"
},
{
"name" : "[oss-security] 20100215 Re: CVE Request -- MoinMoin -- 1.8.7",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=126625972814888&w=2"
},
{
"name" : "[oss-security] 20100221 Re: CVE Request -- MoinMoin -- 1.8.7",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=126676896601156&w=2"
},
{
"name" : "http://hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES",
"refsource" : "CONFIRM",
"url" : "http://hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES"
},
{
"name" : "http://hg.moinmo.in/moin/1.9/rev/04afdde50094",
"refsource" : "CONFIRM",
"url" : "http://hg.moinmo.in/moin/1.9/rev/04afdde50094"
},
{
"name" : "http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2",
"refsource" : "CONFIRM",
"url" : "http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2"
},
{
"name" : "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18",
"refsource" : "CONFIRM",
"url" : "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18"
},
{
"name" : "http://moinmo.in/SecurityFixes",
"refsource" : "CONFIRM",
"url" : "http://moinmo.in/SecurityFixes"
},
{
"name" : "38242",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38242"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20100215 CVE Request -- MoinMoin -- 1.8.7",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/02/15/2"
},
{
"name": "http://moinmo.in/SecurityFixes",
"refsource": "CONFIRM",
"url": "http://moinmo.in/SecurityFixes"
},
{
"name": "http://hg.moinmo.in/moin/1.9/rev/04afdde50094",
"refsource": "CONFIRM",
"url": "http://hg.moinmo.in/moin/1.9/rev/04afdde50094"
},
{
"name": "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18",
"refsource": "CONFIRM",
"url": "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18"
},
{
"name": "[oss-security] 20100221 Re: CVE Request -- MoinMoin -- 1.8.7",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=126676896601156&w=2"
},
{
"name": "[oss-security] 20100121 CVE request: MoinMoin information disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/01/21/6"
},
{
"name": "http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2",
"refsource": "CONFIRM",
"url": "http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2"
},
{
"name": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES",
"refsource": "CONFIRM",
"url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES"
},
{
"name": "[oss-security] 20100215 Re: CVE Request -- MoinMoin -- 1.8.7",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=126625972814888&w=2"
},
{
"name": "38242",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38242"
}
]
}
}

370
2010/0xxx/CVE-2010-0740.json
View File

@ -1,187 +1,187 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0740",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-0740",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name" : "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released",
"refsource" : "MLIST",
"url" : "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
},
{
"name" : "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released",
"refsource" : "MLIST",
"url" : "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
},
{
"name" : "http://www.openssl.org/news/secadv_20100324.txt",
"refsource" : "CONFIRM",
"url" : "http://www.openssl.org/news/secadv_20100324.txt"
},
{
"name" : "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc",
"refsource" : "CONFIRM",
"url" : "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc"
},
{
"name" : "https://kb.bluecoat.com/index?page=content&id=SA50",
"refsource" : "CONFIRM",
"url" : "https://kb.bluecoat.com/index?page=content&id=SA50"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name" : "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
},
{
"name" : "http://support.apple.com/kb/HT4723",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4723"
},
{
"name" : "APPLE-SA-2011-06-23-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
},
{
"name" : "FEDORA-2010-5744",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html"
},
{
"name" : "HPSBUX02517",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127128920008563&w=2"
},
{
"name" : "HPSBUX02531",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127557640302499&w=2"
},
{
"name" : "SSRT100058",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127128920008563&w=2"
},
{
"name" : "SSRT100108",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127557640302499&w=2"
},
{
"name" : "MDVSA-2010:076",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"
},
{
"name" : "oval:org.mitre.oval:def:11731",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11731"
},
{
"name" : "1023748",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1023748"
},
{
"name" : "39932",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39932"
},
{
"name" : "42724",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42724"
},
{
"name" : "42733",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42733"
},
{
"name" : "43311",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43311"
},
{
"name" : "ADV-2010-0710",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0710"
},
{
"name" : "ADV-2010-0839",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0839"
},
{
"name" : "ADV-2010-0933",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0933"
},
{
"name" : "ADV-2010-1216",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1216"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42724",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42724"
},
{
"name": "http://support.apple.com/kb/HT4723",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4723"
},
{
"name": "HPSBUX02531",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127557640302499&w=2"
},
{
"name": "APPLE-SA-2011-06-23-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
},
{
"name": "http://www.openssl.org/news/secadv_20100324.txt",
"refsource": "CONFIRM",
"url": "http://www.openssl.org/news/secadv_20100324.txt"
},
{
"name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released",
"refsource": "MLIST",
"url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
},
{
"name": "ADV-2010-0710",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0710"
},
{
"name": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
},
{
"name": "ADV-2010-0839",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0839"
},
{
"name": "SSRT100108",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127557640302499&w=2"
},
{
"name": "MDVSA-2010:076",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"
},
{
"name": "HPSBUX02517",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2"
},
{
"name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released",
"refsource": "MLIST",
"url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
},
{
"name": "1023748",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023748"
},
{
"name": "39932",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39932"
},
{
"name": "ADV-2010-0933",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0933"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "SSRT100058",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2"
},
{
"name": "https://kb.bluecoat.com/index?page=content&id=SA50",
"refsource": "CONFIRM",
"url": "https://kb.bluecoat.com/index?page=content&id=SA50"
},
{
"name": "oval:org.mitre.oval:def:11731",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11731"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "43311",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43311"
},
{
"name": "ADV-2010-1216",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1216"
},
{
"name": "42733",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42733"
},
{
"name": "FEDORA-2010-5744",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html"
},
{
"name": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc",
"refsource": "CONFIRM",
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc"
}
]
}
}

330
2010/1xxx/CVE-2010-1400.json
View File

@ -1,167 +1,167 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1400",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving caption elements."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-1400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20100607 Multiple Vendor WebKit HTML Caption Use After Free Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=870"
},
{
"name" : "http://support.apple.com/kb/HT4196",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4196"
},
{
"name" : "http://support.apple.com/kb/HT4220",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4220"
},
{
"name" : "http://support.apple.com/kb/HT4225",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4225"
},
{
"name" : "APPLE-SA-2010-06-07-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html"
},
{
"name" : "APPLE-SA-2010-06-16-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html"
},
{
"name" : "APPLE-SA-2010-06-21-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
},
{
"name" : "MDVSA-2011:039",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
},
{
"name" : "SUSE-SR:2011:002",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name" : "USN-1006-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1006-1"
},
{
"name" : "40620",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40620"
},
{
"name" : "oval:org.mitre.oval:def:7031",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7031"
},
{
"name" : "1024067",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1024067"
},
{
"name" : "40105",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40105"
},
{
"name" : "40196",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40196"
},
{
"name" : "41856",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41856"
},
{
"name" : "43068",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43068"
},
{
"name" : "ADV-2010-1373",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1373"
},
{
"name" : "ADV-2010-1512",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1512"
},
{
"name" : "ADV-2010-2722",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2722"
},
{
"name" : "ADV-2011-0212",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0212"
},
{
"name" : "ADV-2011-0552",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0552"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving caption elements."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2011:039",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
},
{
"name": "http://support.apple.com/kb/HT4220",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4220"
},
{
"name": "ADV-2010-2722",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2722"
},
{
"name": "43068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43068"
},
{
"name": "USN-1006-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1006-1"
},
{
"name": "41856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41856"
},
{
"name": "ADV-2011-0212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"name": "http://support.apple.com/kb/HT4225",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4225"
},
{
"name": "APPLE-SA-2010-06-07-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html"
},
{
"name": "40196",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40196"
},
{
"name": "40105",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40105"
},
{
"name": "ADV-2010-1373",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1373"
},
{
"name": "APPLE-SA-2010-06-16-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html"
},
{
"name": "SUSE-SR:2011:002",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name": "ADV-2010-1512",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1512"
},
{
"name": "oval:org.mitre.oval:def:7031",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7031"
},
{
"name": "40620",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40620"
},
{
"name": "ADV-2011-0552",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0552"
},
{
"name": "1024067",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024067"
},
{
"name": "http://support.apple.com/kb/HT4196",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4196"
},
{
"name": "APPLE-SA-2010-06-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
},
{
"name": "20100607 Multiple Vendor WebKit HTML Caption Use After Free Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=870"
}
]
}
}

190
2010/1xxx/CVE-2010-1960.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1960",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the error handling functionality in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long, invalid option to jovgraph.exe."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-1960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20100608 ZDI-10-105: Hewlett-Packard OpenView NNM ovwebsnmpsrv.exe Bad Option Remote Code Execution Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/511734/100/0/threaded"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-105/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-105/"
},
{
"name" : "HPSBMA02537",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127602909915281&w=2"
},
{
"name" : "SSRT010027",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127602909915281&w=2"
},
{
"name" : "40637",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40637"
},
{
"name" : "1024071",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024071"
},
{
"name" : "40101",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40101"
},
{
"name" : "ovnnm-ovwebsnmpsrv-bo(59249)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59249"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the error handling functionality in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long, invalid option to jovgraph.exe."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100608 ZDI-10-105: Hewlett-Packard OpenView NNM ovwebsnmpsrv.exe Bad Option Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511734/100/0/threaded"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-105/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-105/"
},
{
"name": "HPSBMA02537",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127602909915281&w=2"
},
{
"name": "40101",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40101"
},
{
"name": "40637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40637"
},
{
"name": "SSRT010027",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127602909915281&w=2"
},
{
"name": "ovnnm-ovwebsnmpsrv-bo(59249)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59249"
},
{
"name": "1024071",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024071"
}
]
}
}

180
2010/4xxx/CVE-2010-4426.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4426",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.49.0 through 8.49.29, 8.50.0 through 8.50.14, and 8.51.0 through 8.51.04 allows remote attackers to affect integrity, related to PIA Core Technology."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-4426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
},
{
"name" : "45867",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45867"
},
{
"name" : "70560",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/70560"
},
{
"name" : "1024978",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024978"
},
{
"name" : "42924",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42924"
},
{
"name" : "ADV-2011-0147",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0147"
},
{
"name" : "peoplesoft-pia-unauth-access(64787)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64787"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.49.0 through 8.49.29, 8.50.0 through 8.50.14, and 8.51.0 through 8.51.04 allows remote attackers to affect integrity, related to PIA Core Technology."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "70560",
"refsource": "OSVDB",
"url": "http://osvdb.org/70560"
},
{
"name": "ADV-2011-0147",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0147"
},
{
"name": "42924",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42924"
},
{
"name": "peoplesoft-pia-unauth-access(64787)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64787"
},
{
"name": "1024978",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024978"
},
{
"name": "45867",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45867"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
}
]
}
}

180
2010/4xxx/CVE-2010-4755.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4755",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4755",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
"refsource" : "SREASONRES",
"url" : "http://securityreason.com/achievement_securityalert/89"
},
{
"name" : "http://cxib.net/stuff/glob-0day.c",
"refsource" : "MISC",
"url" : "http://cxib.net/stuff/glob-0day.c"
},
{
"name" : "http://securityreason.com/exploitalert/9223",
"refsource" : "MISC",
"url" : "http://securityreason.com/exploitalert/9223"
},
{
"name" : "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1",
"refsource" : "CONFIRM",
"url" : "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1"
},
{
"name" : "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1",
"refsource" : "CONFIRM",
"url" : "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1"
},
{
"name" : "NetBSD-SA2010-008",
"refsource" : "NETBSD",
"url" : "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
},
{
"name" : "8116",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8116"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1"
},
{
"name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"name": "http://securityreason.com/exploitalert/9223",
"refsource": "MISC",
"url": "http://securityreason.com/exploitalert/9223"
},
{
"name": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1"
},
{
"name": "http://cxib.net/stuff/glob-0day.c",
"refsource": "MISC",
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"name": "NetBSD-SA2010-008",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
},
{
"name": "8116",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8116"
}
]
}
}

130
2010/4xxx/CVE-2010-4986.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4986",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote attackers to execute arbitrary SQL commands via the doc_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4986",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "14262",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/14262"
},
{
"name" : "41431",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/41431"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote attackers to execute arbitrary SQL commands via the doc_id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14262",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14262"
},
{
"name": "41431",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41431"
}
]
}
}

160
2010/5xxx/CVE-2010-5285.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5285",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in admin.php in Collabtive 0.6.5 allows remote attackers to hijack the authentication of administrators for requests that add administrative users via the edituser action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "15240",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15240"
},
{
"name" : "http://packetstormsecurity.org/1010-exploits/collabtive-xssxsrf.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1010-exploits/collabtive-xssxsrf.txt"
},
{
"name" : "http://www.anatoliasecurity.com/adv/as-adv-2010-003.txt",
"refsource" : "MISC",
"url" : "http://www.anatoliasecurity.com/adv/as-adv-2010-003.txt"
},
{
"name" : "44050",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/44050"
},
{
"name" : "41805",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41805"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in admin.php in Collabtive 0.6.5 allows remote attackers to hijack the authentication of administrators for requests that add administrative users via the edituser action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44050",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44050"
},
{
"name": "15240",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15240"
},
{
"name": "http://packetstormsecurity.org/1010-exploits/collabtive-xssxsrf.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1010-exploits/collabtive-xssxsrf.txt"
},
{
"name": "41805",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41805"
},
{
"name": "http://www.anatoliasecurity.com/adv/as-adv-2010-003.txt",
"refsource": "MISC",
"url": "http://www.anatoliasecurity.com/adv/as-adv-2010-003.txt"
}
]
}
}

170
2014/0xxx/CVE-2014-0481.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0481",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The default configuration for the file upload handling system in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 uses a sequential file name generation process when a file with a conflicting name is uploaded, which allows remote attackers to cause a denial of service (CPU consumption) by unloading a multiple files with the same name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2014-0481",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.djangoproject.com/weblog/2014/aug/20/security/",
"refsource" : "CONFIRM",
"url" : "https://www.djangoproject.com/weblog/2014/aug/20/security/"
},
{
"name" : "DSA-3010",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-3010"
},
{
"name" : "openSUSE-SU-2014:1132",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html"
},
{
"name" : "59782",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59782"
},
{
"name" : "61276",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61276"
},
{
"name" : "61281",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61281"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration for the file upload handling system in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 uses a sequential file name generation process when a file with a conflicting name is uploaded, which allows remote attackers to cause a denial of service (CPU consumption) by unloading a multiple files with the same name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.djangoproject.com/weblog/2014/aug/20/security/",
"refsource": "CONFIRM",
"url": "https://www.djangoproject.com/weblog/2014/aug/20/security/"
},
{
"name": "61276",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61276"
},
{
"name": "61281",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61281"
},
{
"name": "openSUSE-SU-2014:1132",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html"
},
{
"name": "DSA-3010",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3010"
},
{
"name": "59782",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59782"
}
]
}
}

180
2014/0xxx/CVE-2014-0541.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0541",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 allow attackers to bypass intended access restrictions via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2014-0541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://helpx.adobe.com/security/products/flash-player/apsb14-18.html",
"refsource" : "CONFIRM",
"url" : "http://helpx.adobe.com/security/products/flash-player/apsb14-18.html"
},
{
"name" : "GLSA-201408-05",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201408-05.xml"
},
{
"name" : "1030712",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030712"
},
{
"name" : "58593",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/58593"
},
{
"name" : "59904",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59904"
},
{
"name" : "60710",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60710"
},
{
"name" : "60732",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60732"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 allow attackers to bypass intended access restrictions via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "60710",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60710"
},
{
"name": "60732",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60732"
},
{
"name": "59904",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59904"
},
{
"name": "http://helpx.adobe.com/security/products/flash-player/apsb14-18.html",
"refsource": "CONFIRM",
"url": "http://helpx.adobe.com/security/products/flash-player/apsb14-18.html"
},
{
"name": "58593",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58593"
},
{
"name": "1030712",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030712"
},
{
"name": "GLSA-201408-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201408-05.xml"
}
]
}
}

120
2014/0xxx/CVE-2014-0635.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0635",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Session fixation vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote attackers to hijack web sessions via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2014-0635",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20140326 ESA-2014-016: EMC VPLEX Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-03/0157.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Session fixation vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote attackers to hijack web sessions via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140326 ESA-2014-016: EMC VPLEX Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0157.html"
}
]
}
}

180
2014/0xxx/CVE-2014-0657.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0657",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-0657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32341",
"refsource" : "CONFIRM",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32341"
},
{
"name" : "20140107 Cisco Unified Communications Manager Role Bypass Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0657"
},
{
"name" : "64690",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64690"
},
{
"name" : "101800",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/101800"
},
{
"name" : "1029571",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029571"
},
{
"name" : "56368",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56368"
},
{
"name" : "cisco-ucm-cve20140657-sec-bypass(90120)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90120"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101800",
"refsource": "OSVDB",
"url": "http://osvdb.org/101800"
},
{
"name": "cisco-ucm-cve20140657-sec-bypass(90120)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90120"
},
{
"name": "56368",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56368"
},
{
"name": "20140107 Cisco Unified Communications Manager Role Bypass Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0657"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32341",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32341"
},
{
"name": "64690",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64690"
},
{
"name": "1029571",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029571"
}
]
}
}

150
2014/0xxx/CVE-2014-0932.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0932",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.5 before HF105 and Sterling Selling and Fulfillment Foundation 9.0 before HF85 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0932",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21670912",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21670912"
},
{
"name" : "IT00419",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT00419"
},
{
"name" : "66993",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/66993"
},
{
"name" : "ibm-sterlingom-cve20140932-xss(92264)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/92264"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.5 before HF105 and Sterling Selling and Fulfillment Foundation 9.0 before HF85 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21670912",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670912"
},
{
"name": "66993",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66993"
},
{
"name": "ibm-sterlingom-cve20140932-xss(92264)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92264"
},
{
"name": "IT00419",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT00419"
}
]
}
}

34
2014/4xxx/CVE-2014-4135.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4135",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-4135",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}
}

920
2014/4xxx/CVE-2014-4263.json
View File

@ -1,462 +1,462 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4263",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to \"Diffie-Hellman key agreement.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-4263",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681966",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681966"
},
{
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10083",
"refsource" : "CONFIRM",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10083"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683429",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683429"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683438",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683438"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21685121",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21685121"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21685122",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21685122"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21685178",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21685178"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21685242",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21685242"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686142",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686142"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686383",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686824",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21688893",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21688893"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21689593",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21689593"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21691089",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21691089"
},
{
"name" : "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096529",
"refsource" : "CONFIRM",
"url" : "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096529"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21681644",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21681644"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21683518",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21683518"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683338",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683338"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683484",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680334",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"name" : "https://www.ibm.com/support/docview.wss?uid=swg21680418",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=swg21680418"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681379",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681379"
},
{
"name" : "DSA-2980",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2980"
},
{
"name" : "DSA-2987",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2987"
},
{
"name" : "GLSA-201502-12",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name" : "HPSBUX03091",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2"
},
{
"name" : "HPSBUX03092",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
},
{
"name" : "SSRT101667",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2"
},
{
"name" : "SSRT101668",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
},
{
"name" : "RHSA-2015:0264",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name" : "RHSA-2014:0902",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2014:0902"
},
{
"name" : "RHSA-2014:0908",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2014:0908"
},
{
"name" : "SUSE-SU-2015:0344",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name" : "SUSE-SU-2015:0376",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name" : "SUSE-SU-2015:0392",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name" : "68636",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68636"
},
{
"name" : "1030577",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030577"
},
{
"name" : "59503",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59503"
},
{
"name" : "60245",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60245"
},
{
"name" : "60326",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60326"
},
{
"name" : "60831",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60831"
},
{
"name" : "60890",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60890"
},
{
"name" : "58830",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/58830"
},
{
"name" : "61215",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61215"
},
{
"name" : "61278",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61278"
},
{
"name" : "61293",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61293"
},
{
"name" : "61294",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61294"
},
{
"name" : "61469",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61469"
},
{
"name" : "61846",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61846"
},
{
"name" : "60081",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60081"
},
{
"name" : "60317",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60317"
},
{
"name" : "61577",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61577"
},
{
"name" : "61640",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61640"
},
{
"name" : "60180",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60180"
},
{
"name" : "60846",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60846"
},
{
"name" : "62314",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62314"
},
{
"name" : "62319",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62319"
},
{
"name" : "59404",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59404"
},
{
"name" : "60817",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60817"
},
{
"name" : "60335",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60335"
},
{
"name" : "60839",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60839"
},
{
"name" : "61254",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61254"
},
{
"name" : "61264",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61264"
},
{
"name" : "60485",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60485"
},
{
"name" : "59985",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59985"
},
{
"name" : "59986",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59986"
},
{
"name" : "59924",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59924"
},
{
"name" : "59987",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59987"
},
{
"name" : "59680",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59680"
},
{
"name" : "60622",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60622"
},
{
"name" : "60002",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60002"
},
{
"name" : "60031",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60031"
},
{
"name" : "60032",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60032"
},
{
"name" : "60129",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60129"
},
{
"name" : "60497",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60497"
},
{
"name" : "60812",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60812"
},
{
"name" : "oracle-cpujul2014-cve20144263(94606)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94606"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to \"Diffie-Hellman key agreement.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-2987",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2987"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685178",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685178"
},
{
"name": "60129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60129"
},
{
"name": "62314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62314"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21681644",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21681644"
},
{
"name": "58830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58830"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681966",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681966"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681379",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681379"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21691089",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691089"
},
{
"name": "HPSBUX03091",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"
},
{
"name": "DSA-2980",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2980"
},
{
"name": "1030577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030577"
},
{
"name": "61254",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61254"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685242",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685242"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096529",
"refsource": "CONFIRM",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096529"
},
{
"name": "59987",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59987"
},
{
"name": "60335",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60335"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683429",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683429"
},
{
"name": "SSRT101667",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"
},
{
"name": "68636",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68636"
},
{
"name": "HPSBUX03092",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
},
{
"name": "60831",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60831"
},
{
"name": "60846",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60846"
},
{
"name": "61846",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61846"
},
{
"name": "60812",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60812"
},
{
"name": "61264",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61264"
},
{
"name": "60890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60890"
},
{
"name": "61469",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61469"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21683518",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21683518"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "60180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60180"
},
{
"name": "SUSE-SU-2015:0376",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "61215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61215"
},
{
"name": "60002",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60002"
},
{
"name": "61294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61294"
},
{
"name": "59986",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59986"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593"
},
{
"name": "RHSA-2015:0264",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "60245",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60245"
},
{
"name": "60817",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60817"
},
{
"name": "59924",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59924"
},
{
"name": "61577",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61577"
},
{
"name": "RHSA-2014:0908",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0908"
},
{
"name": "61278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61278"
},
{
"name": "60497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60497"
},
{
"name": "oracle-cpujul2014-cve20144263(94606)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94606"
},
{
"name": "SUSE-SU-2015:0392",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SSRT101668",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "60485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60485"
},
{
"name": "59680",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59680"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683438",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683438"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21688893",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688893"
},
{
"name": "60622",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60622"
},
{
"name": "61293",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61293"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=swg21680418",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21680418"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10083",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10083"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685121",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685121"
},
{
"name": "60081",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60081"
},
{
"name": "60032",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60032"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686142",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686142"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685122",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685122"
},
{
"name": "RHSA-2014:0902",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0902"
},
{
"name": "60326",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60326"
},
{
"name": "59985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59985"
},
{
"name": "61640",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61640"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683338",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683338"
},
{
"name": "59503",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59503"
},
{
"name": "60839",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60839"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "60317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60317"
},
{
"name": "60031",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60031"
},
{
"name": "SUSE-SU-2015:0344",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "62319",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62319"
},
{
"name": "59404",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59404"
}
]
}
}

140
2014/4xxx/CVE-2014-4887.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4887",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Joint Radio Blues (aka com.nobexinc.wls_69685189.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-4887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#472321",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/472321"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Joint Radio Blues (aka com.nobexinc.wls_69685189.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name": "VU#472321",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/472321"
}
]
}
}

140
2014/5xxx/CVE-2014-5918.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5918",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Secret Circle - talk freely (aka com.easyxapp.secret) application 2.2.00.26 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5918",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#673841",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/673841"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Secret Circle - talk freely (aka com.easyxapp.secret) application 2.2.00.26 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#673841",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/673841"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

130
2014/9xxx/CVE-2014-9134.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9134",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in Huawei Honor Cube Wireless Router WS860s before V100R001C02B222 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-396206.htm",
"refsource" : "CONFIRM",
"url" : "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-396206.htm"
},
{
"name" : "69806",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69806"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unrestricted file upload vulnerability in Huawei Honor Cube Wireless Router WS860s before V100R001C02B222 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "69806",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69806"
},
{
"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-396206.htm",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-396206.htm"
}
]
}
}

160
2014/9xxx/CVE-2014-9220.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9220",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modify_schedule OMP command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20141201 CVE request: OpenVAS Manager SQL injection (OVSA20141128)",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2014/11/30/2"
},
{
"name" : "http://www.openvas.org/OVSA20141128.html",
"refsource" : "CONFIRM",
"url" : "http://www.openvas.org/OVSA20141128.html"
},
{
"name" : "https://www.alienvault.com/forums/discussion/4415/",
"refsource" : "CONFIRM",
"url" : "https://www.alienvault.com/forums/discussion/4415/"
},
{
"name" : "FEDORA-2014-17049",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147753.html"
},
{
"name" : "openSUSE-SU-2015:0247",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-02/msg00039.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modify_schedule OMP command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2015:0247",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00039.html"
},
{
"name": "[oss-security] 20141201 CVE request: OpenVAS Manager SQL injection (OVSA20141128)",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/11/30/2"
},
{
"name": "FEDORA-2014-17049",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147753.html"
},
{
"name": "http://www.openvas.org/OVSA20141128.html",
"refsource": "CONFIRM",
"url": "http://www.openvas.org/OVSA20141128.html"
},
{
"name": "https://www.alienvault.com/forums/discussion/4415/",
"refsource": "CONFIRM",
"url": "https://www.alienvault.com/forums/discussion/4415/"
}
]
}
}

150
2016/3xxx/CVE-2016-3566.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3566",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote attackers to affect confidentiality and integrity via vectors related to Web access, a different vulnerability than CVE-2016-3568, CVE-2016-3569, CVE-2016-3570, CVE-2016-3571, and CVE-2016-3573."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3566",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
},
{
"name" : "91851",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91851"
},
{
"name" : "1036393",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036393"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote attackers to affect confidentiality and integrity via vectors related to Web access, a different vulnerability than CVE-2016-3568, CVE-2016-3569, CVE-2016-3570, CVE-2016-3571, and CVE-2016-3573."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "91851",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91851"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "1036393",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036393"
}
]
}
}

130
2016/7xxx/CVE-2016-7443.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7443",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to \"uploading files to wrong location.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7443",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/exponentcms/exponent-cms/releases/tag/v2.4.0",
"refsource" : "CONFIRM",
"url" : "https://github.com/exponentcms/exponent-cms/releases/tag/v2.4.0"
},
{
"name" : "http://www.exponentcms.org/news/patch-1-released-for-v2-3-9",
"refsource" : "CONFIRM",
"url" : "http://www.exponentcms.org/news/patch-1-released-for-v2-3-9"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to \"uploading files to wrong location.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/exponentcms/exponent-cms/releases/tag/v2.4.0",
"refsource": "CONFIRM",
"url": "https://github.com/exponentcms/exponent-cms/releases/tag/v2.4.0"
},
{
"name": "http://www.exponentcms.org/news/patch-1-released-for-v2-3-9",
"refsource": "CONFIRM",
"url": "http://www.exponentcms.org/news/patch-1-released-for-v2-3-9"
}
]
}
}

170
2016/7xxx/CVE-2016-7553.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7553",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permissions for the scrollbuffer dump file created between upgrades, which might allow local users to obtain sensitive information from private chat conversations by reading the file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2016-7553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160924 CVE Request: irssi: information disclosure vulnerabilit in buf.pl",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/24/1"
},
{
"name" : "[oss-security] 20160926 Re: CVE Request: irssi: information disclosure vulnerabilit in buf.pl",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/26/4"
},
{
"name" : "https://github.com/irssi/scripts.irssi.org/commit/f1b1eb154baa684fad5d65bf4dff79c8ded8b65a",
"refsource" : "CONFIRM",
"url" : "https://github.com/irssi/scripts.irssi.org/commit/f1b1eb154baa684fad5d65bf4dff79c8ded8b65a"
},
{
"name" : "https://irssi.org/security/buf_pl_sa_2016.txt",
"refsource" : "CONFIRM",
"url" : "https://irssi.org/security/buf_pl_sa_2016.txt"
},
{
"name" : "FEDORA-2016-39de4eb5e7",
"refsource" : "FEDORA",
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7OM3WHWQ7RIAOZSOZZUM4CUYGKSIAGJJ/"
},
{
"name" : "93155",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93155"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permissions for the scrollbuffer dump file created between upgrades, which might allow local users to obtain sensitive information from private chat conversations by reading the file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160926 Re: CVE Request: irssi: information disclosure vulnerabilit in buf.pl",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/26/4"
},
{
"name": "[oss-security] 20160924 CVE Request: irssi: information disclosure vulnerabilit in buf.pl",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/24/1"
},
{
"name": "https://irssi.org/security/buf_pl_sa_2016.txt",
"refsource": "CONFIRM",
"url": "https://irssi.org/security/buf_pl_sa_2016.txt"
},
{
"name": "https://github.com/irssi/scripts.irssi.org/commit/f1b1eb154baa684fad5d65bf4dff79c8ded8b65a",
"refsource": "CONFIRM",
"url": "https://github.com/irssi/scripts.irssi.org/commit/f1b1eb154baa684fad5d65bf4dff79c8ded8b65a"
},
{
"name": "FEDORA-2016-39de4eb5e7",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7OM3WHWQ7RIAOZSOZZUM4CUYGKSIAGJJ/"
},
{
"name": "93155",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93155"
}
]
}
}

34
2016/7xxx/CVE-2016-7715.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7715",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7715",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

120
2016/7xxx/CVE-2016-7759.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-7759",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10 is affected. The issue involves the \"Springboard\" component, which allows physically proximate attackers to obtain sensitive information by viewing application snapshots in the Task Switcher."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-7759",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.apple.com/HT207143",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207143"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10 is affected. The issue involves the \"Springboard\" component, which allows physically proximate attackers to obtain sensitive information by viewing application snapshots in the Task Switcher."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT207143",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207143"
}
]
}
}

150
2016/8xxx/CVE-2016-8023.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@intel.com",
"ID" : "CVE-2016-8023",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "VirusScan Enterprise Linux (VSEL)",
"version" : {
"version_data" : [
{
"version_value" : "2.0.3 (and earlier)"
}
]
}
}
]
},
"vendor_name" : "Intel"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Authentication bypass by assumed-immutable data vulnerability"
}
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise Linux (VSEL)",
"version": {
"version_data": [
{
"version_value": "2.0.3 (and earlier)"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "40911",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/40911/"
},
{
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10181",
"refsource" : "CONFIRM",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10181"
},
{
"name" : "94823",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94823"
},
{
"name" : "1037433",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037433"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass by assumed-immutable data vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10181",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10181"
},
{
"name": "40911",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40911/"
}
]
}
}

34
2016/8xxx/CVE-2016-8134.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8134",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8134",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2016/8xxx/CVE-2016-8136.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8136",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8136",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2016/8xxx/CVE-2016-8160.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8160",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8160",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

136
2016/8xxx/CVE-2016-8407.json
View File

@ -1,70 +1,70 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-8407",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Android",
"version" : {
"version_data" : [
{
"version_value" : "Kernel-3.10"
},
{
"version_value" : "Kernel-3.18"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31802656."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information disclosure"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-8407",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Kernel-3.10"
},
{
"version_value": "Kernel-3.18"
}
]
}
}
]
},
"vendor_name": "Google Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"name" : "94686",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94686"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31802656."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"name": "94686",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94686"
}
]
}
}

142
2016/8xxx/CVE-2016-8482.json
View File

@ -1,73 +1,73 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"DATE_PUBLIC" : "2017-01-03T00:00:00",
"ID" : "CVE-2016-8482",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Android",
"version" : {
"version_data" : [
{
"version_value" : "Android kernel"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the NVIDIA GPU driver. Product: Android. Versions: Android kernel. Android ID: A-31799863. References: N-CVE-2016-8482."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"DATE_PUBLIC": "2017-01-03T00:00:00",
"ID": "CVE-2016-8482",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android kernel"
}
]
}
}
]
},
"vendor_name": "Google Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2017-01-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-01-01"
},
{
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
"refsource" : "CONFIRM",
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"name" : "95231",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95231"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An elevation of privilege vulnerability in the NVIDIA GPU driver. Product: Android. Versions: Android kernel. Android ID: A-31799863. References: N-CVE-2016-8482."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95231",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95231"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"name": "https://source.android.com/security/bulletin/2017-01-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-01-01"
}
]
}
}

34
2016/8xxx/CVE-2016-8607.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8607",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8607",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

130
2016/9xxx/CVE-2016-9156.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "productcert@siemens.com",
"ID" : "CVE-2016-9156",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Siemens SICAM PAS through V8.08",
"version" : {
"version_data" : [
{
"version_value" : "Siemens SICAM PAS through V8.08"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted packets to port 19235/TCP."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "file manipulation"
}
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2016-9156",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Siemens SICAM PAS through V8.08",
"version": {
"version_data": [
{
"version_value": "Siemens SICAM PAS through V8.08"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-946325.pdf",
"refsource" : "CONFIRM",
"url" : "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-946325.pdf"
},
{
"name" : "94549",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94549"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted packets to port 19235/TCP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "file manipulation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94549"
},
{
"name": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-946325.pdf",
"refsource": "CONFIRM",
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-946325.pdf"
}
]
}
}

34
2016/9xxx/CVE-2016-9528.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9528",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-9528",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

132
2016/9xxx/CVE-2016-9686.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@puppet.com",
"ID" : "CVE-2016-9686",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Puppet Enterprise",
"version" : {
"version_data" : [
{
"version_value" : "2015.3.x"
},
{
"version_value" : "2016.x prior to 2016.4.3"
},
{
"version_value" : "2016.5.1."
}
]
}
}
]
},
"vendor_name" : "Puppet"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Puppet Communications Protocol (PCP) Broker incorrectly validates message header sizes. An attacker could use this to crash the PCP Broker, preventing commands from being sent to agents. This is resolved in Puppet Enterprise 2016.4.3 and 2016.5.2."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
"CVE_data_meta": {
"ASSIGNER": "security@puppet.com",
"ID": "CVE-2016-9686",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Puppet Enterprise",
"version": {
"version_data": [
{
"version_value": "2015.3.x"
},
{
"version_value": "2016.x prior to 2016.4.3"
},
{
"version_value": "2016.5.1."
}
]
}
}
]
},
"vendor_name": "Puppet"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://puppet.com/security/cve/cve-2016-9686",
"refsource" : "CONFIRM",
"url" : "https://puppet.com/security/cve/cve-2016-9686"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Puppet Communications Protocol (PCP) Broker incorrectly validates message header sizes. An attacker could use this to crash the PCP Broker, preventing commands from being sent to agents. This is resolved in Puppet Enterprise 2016.4.3 and 2016.5.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://puppet.com/security/cve/cve-2016-9686",
"refsource": "CONFIRM",
"url": "https://puppet.com/security/cve/cve-2016-9686"
}
]
}
}

130
2016/9xxx/CVE-2016-9797.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9797",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In BlueZ 5.42, a buffer over-read was observed in \"l2cap_dump\" function in \"tools/parser/l2cap.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9797",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.spinics.net/lists/linux-bluetooth/msg68892.html",
"refsource" : "MISC",
"url" : "https://www.spinics.net/lists/linux-bluetooth/msg68892.html"
},
{
"name" : "94652",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94652"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BlueZ 5.42, a buffer over-read was observed in \"l2cap_dump\" function in \"tools/parser/l2cap.c\" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.spinics.net/lists/linux-bluetooth/msg68892.html",
"refsource": "MISC",
"url": "https://www.spinics.net/lists/linux-bluetooth/msg68892.html"
},
{
"name": "94652",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94652"
}
]
}
}

34
2019/2xxx/CVE-2019-2121.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2121",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2121",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/2xxx/CVE-2019-2687.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2687",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2687",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/2xxx/CVE-2019-2715.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2715",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2715",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}