admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:39:37 +00:00
parent 829d15a842
commit 212c9d4787
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
51 changed files with 4335 additions and 4335 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

200
2006/1xxx/CVE-2006-1141.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1141",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in qmailadmin.c in QmailAdmin before 1.2.10 allows remote attackers to execute arbitrary code via a long PATH_INFO environment variable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://cvs.sourceforge.net/viewcvs.py/qmailadmin/qmailadmin/qmailadmin.c?r1=1.6.2.10&r2=1.6.2.11",
"refsource" : "MISC",
"url" : "http://cvs.sourceforge.net/viewcvs.py/qmailadmin/qmailadmin/qmailadmin.c?r1=1.6.2.10&r2=1.6.2.11"
},
{
"name" : "http://sourceforge.net/project/shownotes.php?group_id=6691&release_id=395211",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?group_id=6691&release_id=395211"
},
{
"name" : "GLSA-200611-15",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200611-15.xml"
},
{
"name" : "16994",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16994"
},
{
"name" : "ADV-2006-0852",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0852"
},
{
"name" : "23705",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23705"
},
{
"name" : "19262",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19262"
},
{
"name" : "23019",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23019"
},
{
"name" : "qmialadmin-qmailadmin-bo(25065)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25065"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in qmailadmin.c in QmailAdmin before 1.2.10 allows remote attackers to execute arbitrary code via a long PATH_INFO environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=6691&release_id=395211",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=6691&release_id=395211"
},
{
"name": "qmialadmin-qmailadmin-bo(25065)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25065"
},
{
"name": "GLSA-200611-15",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200611-15.xml"
},
{
"name": "23705",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23705"
},
{
"name": "23019",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23019"
},
{
"name": "19262",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19262"
},
{
"name": "16994",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16994"
},
{
"name": "ADV-2006-0852",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0852"
},
{
"name": "http://cvs.sourceforge.net/viewcvs.py/qmailadmin/qmailadmin/qmailadmin.c?r1=1.6.2.10&r2=1.6.2.11",
"refsource": "MISC",
"url": "http://cvs.sourceforge.net/viewcvs.py/qmailadmin/qmailadmin/qmailadmin.c?r1=1.6.2.10&r2=1.6.2.11"
}
]
}
}

690
2006/1xxx/CVE-2006-1173.json
View File

@ -1,347 +1,347 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1173",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2006-1173",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060620 Sendmail MIME DoS vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/437928/100/0/threaded"
},
{
"name" : "20060621 Re: Sendmail MIME DoS vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/438241/100/0/threaded"
},
{
"name" : "20060624 Re: Sendmail MIME DoS vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/438330/100/0/threaded"
},
{
"name" : "20060721 rPSA-2006-0134-1 sendmail sendmail-cf",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/440744/100/0/threaded"
},
{
"name" : "http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc",
"refsource" : "CONFIRM",
"url" : "http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc"
},
{
"name" : "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html",
"refsource" : "CONFIRM",
"url" : "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html"
},
{
"name" : "http://www.f-secure.com/security/fsc-2006-5.shtml",
"refsource" : "CONFIRM",
"url" : "http://www.f-secure.com/security/fsc-2006-5.shtml"
},
{
"name" : "https://issues.rpath.com/browse/RPL-526",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-526"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm"
},
{
"name" : "IY85415",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IY85415&apar=only"
},
{
"name" : "IY85930",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IY85930&apar=only"
},
{
"name" : "DSA-1155",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1155"
},
{
"name" : "FreeBSD-SA-06:17.sendmail",
"refsource" : "FREEBSD",
"url" : "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:17.sendmail.asc"
},
{
"name" : "GLSA-200606-19",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200606-19.xml"
},
{
"name" : "HPSBTU02116",
"refsource" : "HP",
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"
},
{
"name" : "SSRT061135",
"refsource" : "HP",
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"
},
{
"name" : "HPSBUX02124",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/442939/100/0/threaded"
},
{
"name" : "SSRT061159",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/442939/100/0/threaded"
},
{
"name" : "MDKSA-2006:104",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:104"
},
{
"name" : "[3.8] 008: SECURITY FIX: June 15, 2006",
"refsource" : "OPENBSD",
"url" : "http://www.openbsd.org/errata38.html#sendmail2"
},
{
"name" : "RHSA-2006:0515",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0515.html"
},
{
"name" : "20060601-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060601-01-P"
},
{
"name" : "20060602-01-U",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc"
},
{
"name" : "SSA:2006-166-01",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.631382"
},
{
"name" : "102460",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102460-1"
},
{
"name" : "SUSE-SA:2006:032",
"refsource" : "SUSE",
"url" : "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0006.html"
},
{
"name" : "VU#146718",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/146718"
},
{
"name" : "18433",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18433"
},
{
"name" : "oval:org.mitre.oval:def:11253",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11253"
},
{
"name" : "ADV-2006-2189",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2189"
},
{
"name" : "ADV-2006-2351",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2351"
},
{
"name" : "ADV-2006-2388",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2388"
},
{
"name" : "ADV-2006-2389",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2389"
},
{
"name" : "ADV-2006-2390",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2390"
},
{
"name" : "ADV-2006-2798",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2798"
},
{
"name" : "ADV-2006-3135",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3135"
},
{
"name" : "26197",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26197"
},
{
"name" : "1016295",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016295"
},
{
"name" : "15779",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/15779"
},
{
"name" : "20473",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20473"
},
{
"name" : "20641",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20641"
},
{
"name" : "20650",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20650"
},
{
"name" : "20651",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20651"
},
{
"name" : "20654",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20654"
},
{
"name" : "20673",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20673"
},
{
"name" : "20675",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20675"
},
{
"name" : "20679",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20679"
},
{
"name" : "20683",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20683"
},
{
"name" : "20684",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20684"
},
{
"name" : "20694",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20694"
},
{
"name" : "20726",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20726"
},
{
"name" : "20782",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20782"
},
{
"name" : "21042",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21042"
},
{
"name" : "21160",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21160"
},
{
"name" : "21327",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21327"
},
{
"name" : "21612",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21612"
},
{
"name" : "21647",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21647"
},
{
"name" : "sendmail-multipart-mime-dos(27128)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27128"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IY85415",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY85415&apar=only"
},
{
"name": "HPSBTU02116",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"
},
{
"name": "DSA-1155",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1155"
},
{
"name": "[3.8] 008: SECURITY FIX: June 15, 2006",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata38.html#sendmail2"
},
{
"name": "20684",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20684"
},
{
"name": "HPSBUX02124",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/442939/100/0/threaded"
},
{
"name": "ADV-2006-2388",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2388"
},
{
"name": "20726",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20726"
},
{
"name": "oval:org.mitre.oval:def:11253",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11253"
},
{
"name": "ADV-2006-2351",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2351"
},
{
"name": "21327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21327"
},
{
"name": "RHSA-2006:0515",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0515.html"
},
{
"name": "ADV-2006-2389",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2389"
},
{
"name": "21647",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21647"
},
{
"name": "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html",
"refsource": "CONFIRM",
"url": "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html"
},
{
"name": "https://issues.rpath.com/browse/RPL-526",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-526"
},
{
"name": "20651",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20651"
},
{
"name": "20683",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20683"
},
{
"name": "20650",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20650"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm"
},
{
"name": "20782",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20782"
},
{
"name": "ADV-2006-3135",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3135"
},
{
"name": "1016295",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016295"
},
{
"name": "20694",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20694"
},
{
"name": "20473",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20473"
},
{
"name": "ADV-2006-2189",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2189"
},
{
"name": "20060721 rPSA-2006-0134-1 sendmail sendmail-cf",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440744/100/0/threaded"
},
{
"name": "20060601-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060601-01-P"
},
{
"name": "ADV-2006-2798",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2798"
},
{
"name": "102460",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102460-1"
},
{
"name": "http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc",
"refsource": "CONFIRM",
"url": "http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc"
},
{
"name": "20060602-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc"
},
{
"name": "MDKSA-2006:104",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:104"
},
{
"name": "sendmail-multipart-mime-dos(27128)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27128"
},
{
"name": "20673",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20673"
},
{
"name": "http://www.f-secure.com/security/fsc-2006-5.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2006-5.shtml"
},
{
"name": "20060621 Re: Sendmail MIME DoS vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438241/100/0/threaded"
},
{
"name": "21612",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21612"
},
{
"name": "20654",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20654"
},
{
"name": "ADV-2006-2390",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2390"
},
{
"name": "SSA:2006-166-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.631382"
},
{
"name": "GLSA-200606-19",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-19.xml"
},
{
"name": "18433",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18433"
},
{
"name": "20675",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20675"
},
{
"name": "SUSE-SA:2006:032",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0006.html"
},
{
"name": "FreeBSD-SA-06:17.sendmail",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:17.sendmail.asc"
},
{
"name": "20060620 Sendmail MIME DoS vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437928/100/0/threaded"
},
{
"name": "SSRT061159",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/442939/100/0/threaded"
},
{
"name": "VU#146718",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/146718"
},
{
"name": "SSRT061135",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"
},
{
"name": "15779",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15779"
},
{
"name": "20641",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20641"
},
{
"name": "20679",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20679"
},
{
"name": "26197",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26197"
},
{
"name": "21042",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21042"
},
{
"name": "21160",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21160"
},
{
"name": "IY85930",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY85930&apar=only"
},
{
"name": "20060624 Re: Sendmail MIME DoS vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438330/100/0/threaded"
}
]
}
}

210
2006/1xxx/CVE-2006-1508.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1508",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in MH Software Connect Daily Web Calendar Software 3.2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) calendar_id, (2) style_sheet, and (3) start parameters in (a) ViewDay.html; the (4) txtSearch and (5) opgSearch parameters in (b) ViewSearch.html; the (6) calendar_id and (7) approved parameters in (c) ViewYear.html; the (8) item_type_id parameter in (d) ViewCal.html; and the (9) week parameter in (e) ViewWeek.html."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1508",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://pridels0.blogspot.com/2006/03/connect-daily-multiple-xss-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2006/03/connect-daily-multiple-xss-vuln.html"
},
{
"name" : "17287",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17287"
},
{
"name" : "ADV-2006-1125",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1125"
},
{
"name" : "24181",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24181"
},
{
"name" : "24182",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24182"
},
{
"name" : "24183",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24183"
},
{
"name" : "24184",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24184"
},
{
"name" : "24185",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24185"
},
{
"name" : "19434",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19434"
},
{
"name" : "connectdailywebcalendar-multiple-xss(25474)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25474"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in MH Software Connect Daily Web Calendar Software 3.2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) calendar_id, (2) style_sheet, and (3) start parameters in (a) ViewDay.html; the (4) txtSearch and (5) opgSearch parameters in (b) ViewSearch.html; the (6) calendar_id and (7) approved parameters in (c) ViewYear.html; the (8) item_type_id parameter in (d) ViewCal.html; and the (9) week parameter in (e) ViewWeek.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://pridels0.blogspot.com/2006/03/connect-daily-multiple-xss-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2006/03/connect-daily-multiple-xss-vuln.html"
},
{
"name": "24184",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24184"
},
{
"name": "24185",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24185"
},
{
"name": "19434",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19434"
},
{
"name": "connectdailywebcalendar-multiple-xss(25474)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25474"
},
{
"name": "ADV-2006-1125",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1125"
},
{
"name": "24183",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24183"
},
{
"name": "24181",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24181"
},
{
"name": "24182",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24182"
},
{
"name": "17287",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17287"
}
]
}
}

190
2006/1xxx/CVE-2006-1781.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1781",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in functions.php in Circle R Monster Top List (MTL) 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. NOTE: It was later reported that 1.4.2 and earlier are affected."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1781",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3530",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3530"
},
{
"name" : "http://pridels0.blogspot.com/2006/04/monstertoplist.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2006/04/monstertoplist.html"
},
{
"name" : "17546",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17546"
},
{
"name" : "23074",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23074"
},
{
"name" : "ADV-2006-1350",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1350"
},
{
"name" : "24650",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24650"
},
{
"name" : "19688",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19688"
},
{
"name" : "monstertoplist-functions-file-include(25774)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25774"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in functions.php in Circle R Monster Top List (MTL) 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. NOTE: It was later reported that 1.4.2 and earlier are affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3530",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3530"
},
{
"name": "19688",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19688"
},
{
"name": "monstertoplist-functions-file-include(25774)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25774"
},
{
"name": "ADV-2006-1350",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1350"
},
{
"name": "17546",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17546"
},
{
"name": "http://pridels0.blogspot.com/2006/04/monstertoplist.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2006/04/monstertoplist.html"
},
{
"name": "23074",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23074"
},
{
"name": "24650",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24650"
}
]
}
}

190
2006/5xxx/CVE-2006-5328.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5328",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to create arbitrary files via a symlink attack on the simulation.sql file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5328",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.digitalmunition.com/DMA[2006-1016a].txt",
"refsource" : "MISC",
"url" : "http://www.digitalmunition.com/DMA[2006-1016a].txt"
},
{
"name" : "http://www.digitalmunition.com/Xcode_OpenBase_createfile.pl",
"refsource" : "MISC",
"url" : "http://www.digitalmunition.com/Xcode_OpenBase_createfile.pl"
},
{
"name" : "APPLE-SA-2007-10-30",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html"
},
{
"name" : "20562",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20562"
},
{
"name" : "ADV-2007-3665",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3665"
},
{
"name" : "1018872",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018872"
},
{
"name" : "22390",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22390"
},
{
"name" : "27441",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27441"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to create arbitrary files via a symlink attack on the simulation.sql file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22390",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22390"
},
{
"name": "27441",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27441"
},
{
"name": "ADV-2007-3665",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3665"
},
{
"name": "1018872",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018872"
},
{
"name": "APPLE-SA-2007-10-30",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html"
},
{
"name": "20562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20562"
},
{
"name": "http://www.digitalmunition.com/DMA[2006-1016a].txt",
"refsource": "MISC",
"url": "http://www.digitalmunition.com/DMA[2006-1016a].txt"
},
{
"name": "http://www.digitalmunition.com/Xcode_OpenBase_createfile.pl",
"refsource": "MISC",
"url": "http://www.digitalmunition.com/Xcode_OpenBase_createfile.pl"
}
]
}
}

200
2006/5xxx/CVE-2006-5363.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5363",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Single Sign-On component in Oracle Application Server 10.1.2.0.1 and Collaboration Suite 10.1.2 has unknown impact and remote attack vectors, aka Vuln# SSO02."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5363",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html",
"refsource" : "MISC",
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html"
},
{
"name" : "HPSBMA02133",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/449711/100/0/threaded"
},
{
"name" : "SSRT061201",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/449711/100/0/threaded"
},
{
"name" : "TA06-291A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-291A.html"
},
{
"name" : "20588",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20588"
},
{
"name" : "ADV-2006-4065",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4065"
},
{
"name" : "1017077",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017077"
},
{
"name" : "22396",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22396"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Single Sign-On component in Oracle Application Server 10.1.2.0.1 and Collaboration Suite 10.1.2 has unknown impact and remote attack vectors, aka Vuln# SSO02."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html"
},
{
"name": "20588",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20588"
},
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/449711/100/0/threaded"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html"
},
{
"name": "SSRT061201",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/449711/100/0/threaded"
},
{
"name": "ADV-2006-4065",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4065"
},
{
"name": "22396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22396"
},
{
"name": "1017077",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017077"
},
{
"name": "TA06-291A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-291A.html"
}
]
}
}

170
2006/5xxx/CVE-2006-5489.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5489",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's calendar meeting time."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/4.1.2_HF1_Release_Notes?func=doc.Fetch&nodeId=1276788",
"refsource" : "CONFIRM",
"url" : "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/4.1.2_HF1_Release_Notes?func=doc.Fetch&nodeId=1276788"
},
{
"name" : "ADV-2006-4133",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4133"
},
{
"name" : "29897",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29897"
},
{
"name" : "1017101",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017101"
},
{
"name" : "22408",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22408"
},
{
"name" : "blackberry-unspecified-dos(29678)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29678"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's calendar meeting time."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29897",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29897"
},
{
"name": "blackberry-unspecified-dos(29678)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29678"
},
{
"name": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/4.1.2_HF1_Release_Notes?func=doc.Fetch&nodeId=1276788",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/knowledgecenterpublic/livelink.exe/4.1.2_HF1_Release_Notes?func=doc.Fetch&nodeId=1276788"
},
{
"name": "1017101",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017101"
},
{
"name": "ADV-2006-4133",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4133"
},
{
"name": "22408",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22408"
}
]
}
}

150
2006/5xxx/CVE-2006-5717.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5717",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Zend Google Data Client Library (ZendGData) Preview 0.2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) basedemo.php and (2) calenderdemo.php in samples/, and other unspecified files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5717",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20061101 Multiple XSS Vulnerabilities in Zend Google Data Client Library Preview 0.2.0",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/450245/100/0/threaded"
},
{
"name" : "http://www.armorize.com/resources/vulnerability.php?Keyword=Armorize-ADV-2006-0008",
"refsource" : "MISC",
"url" : "http://www.armorize.com/resources/vulnerability.php?Keyword=Armorize-ADV-2006-0008"
},
{
"name" : "20851",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20851"
},
{
"name" : "1815",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1815"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Zend Google Data Client Library (ZendGData) Preview 0.2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) basedemo.php and (2) calenderdemo.php in samples/, and other unspecified files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061101 Multiple XSS Vulnerabilities in Zend Google Data Client Library Preview 0.2.0",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/450245/100/0/threaded"
},
{
"name": "20851",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20851"
},
{
"name": "http://www.armorize.com/resources/vulnerability.php?Keyword=Armorize-ADV-2006-0008",
"refsource": "MISC",
"url": "http://www.armorize.com/resources/vulnerability.php?Keyword=Armorize-ADV-2006-0008"
},
{
"name": "1815",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1815"
}
]
}
}

190
2007/2xxx/CVE-2007-2484.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2484",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in js/wptable-button.php in the wp-Table 1.43 and earlier plugin for WordPress, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the wpPATH parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070502 [ECHO_ADV_82$2007] wordpress plugins wp-Table <= 1.43 (wpPATH) Remote File Inclusion Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/467363/100/0/threaded"
},
{
"name" : "3824",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3824"
},
{
"name" : "http://advisories.echo.or.id/adv/adv82-K-159-2007.txt",
"refsource" : "MISC",
"url" : "http://advisories.echo.or.id/adv/adv82-K-159-2007.txt"
},
{
"name" : "http://alexrabe.boelinger.com/",
"refsource" : "CONFIRM",
"url" : "http://alexrabe.boelinger.com/"
},
{
"name" : "34357",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34357"
},
{
"name" : "ADV-2007-1614",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1614"
},
{
"name" : "25063",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25063"
},
{
"name" : "wptable-button-file-include(33989)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33989"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in js/wptable-button.php in the wp-Table 1.43 and earlier plugin for WordPress, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the wpPATH parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3824",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3824"
},
{
"name": "25063",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25063"
},
{
"name": "34357",
"refsource": "OSVDB",
"url": "http://osvdb.org/34357"
},
{
"name": "20070502 [ECHO_ADV_82$2007] wordpress plugins wp-Table <= 1.43 (wpPATH) Remote File Inclusion Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467363/100/0/threaded"
},
{
"name": "wptable-button-file-include(33989)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33989"
},
{
"name": "http://alexrabe.boelinger.com/",
"refsource": "CONFIRM",
"url": "http://alexrabe.boelinger.com/"
},
{
"name": "ADV-2007-1614",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1614"
},
{
"name": "http://advisories.echo.or.id/adv/adv82-K-159-2007.txt",
"refsource": "MISC",
"url": "http://advisories.echo.or.id/adv/adv82-K-159-2007.txt"
}
]
}
}

160
2007/2xxx/CVE-2007-2573.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2573",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in plugin/HP_DEV/cms2.php in PHPtree 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the s_dir parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2573",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3860",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3860"
},
{
"name" : "ADV-2007-1675",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1675"
},
{
"name" : "35819",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35819"
},
{
"name" : "25174",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25174"
},
{
"name" : "phptree-cms2-file-include(34106)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34106"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in plugin/HP_DEV/cms2.php in PHPtree 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the s_dir parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "phptree-cms2-file-include(34106)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34106"
},
{
"name": "3860",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3860"
},
{
"name": "25174",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25174"
},
{
"name": "ADV-2007-1675",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1675"
},
{
"name": "35819",
"refsource": "OSVDB",
"url": "http://osvdb.org/35819"
}
]
}
}

170
2007/2xxx/CVE-2007-2655.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2655",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.netwinsite.com/surgemail/help/updates.htm",
"refsource" : "CONFIRM",
"url" : "http://www.netwinsite.com/surgemail/help/updates.htm"
},
{
"name" : "23908",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23908"
},
{
"name" : "ADV-2007-1755",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1755"
},
{
"name" : "35891",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35891"
},
{
"name" : "25207",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25207"
},
{
"name" : "surgemail-unspecified-security-bypass(34217)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34217"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "surgemail-unspecified-security-bypass(34217)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34217"
},
{
"name": "35891",
"refsource": "OSVDB",
"url": "http://osvdb.org/35891"
},
{
"name": "ADV-2007-1755",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1755"
},
{
"name": "http://www.netwinsite.com/surgemail/help/updates.htm",
"refsource": "CONFIRM",
"url": "http://www.netwinsite.com/surgemail/help/updates.htm"
},
{
"name": "23908",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23908"
},
{
"name": "25207",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25207"
}
]
}
}

190
2010/0xxx/CVE-2010-0116.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0116",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows might allow remote attackers to execute arbitrary code via a crafted QCP file that triggers a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2010-0116",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://secunia.com/secunia_research/2010-3/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2010-3/"
},
{
"name" : "http://service.real.com/realplayer/security/08262010_player/en/",
"refsource" : "CONFIRM",
"url" : "http://service.real.com/realplayer/security/08262010_player/en/"
},
{
"name" : "oval:org.mitre.oval:def:7326",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7326"
},
{
"name" : "1024370",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024370"
},
{
"name" : "41096",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41096"
},
{
"name" : "41154",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41154"
},
{
"name" : "ADV-2010-2216",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2216"
},
{
"name" : "realplayer-qcp-bo(61420)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/61420"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows might allow remote attackers to execute arbitrary code via a crafted QCP file that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-2216",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2216"
},
{
"name": "41096",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41096"
},
{
"name": "realplayer-qcp-bo(61420)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61420"
},
{
"name": "oval:org.mitre.oval:def:7326",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7326"
},
{
"name": "http://service.real.com/realplayer/security/08262010_player/en/",
"refsource": "CONFIRM",
"url": "http://service.real.com/realplayer/security/08262010_player/en/"
},
{
"name": "1024370",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024370"
},
{
"name": "41154",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41154"
},
{
"name": "http://secunia.com/secunia_research/2010-3/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2010-3/"
}
]
}
}

140
2010/0xxx/CVE-2010-0401.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0401",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0401",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://bugs.openttd.org/task/3754",
"refsource" : "CONFIRM",
"url" : "http://bugs.openttd.org/task/3754"
},
{
"name" : "http://security.openttd.org/en/CVE-2010-0401",
"refsource" : "CONFIRM",
"url" : "http://security.openttd.org/en/CVE-2010-0401"
},
{
"name" : "39669",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39669"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending a company password packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://security.openttd.org/en/CVE-2010-0401",
"refsource": "CONFIRM",
"url": "http://security.openttd.org/en/CVE-2010-0401"
},
{
"name": "39669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39669"
},
{
"name": "http://bugs.openttd.org/task/3754",
"refsource": "CONFIRM",
"url": "http://bugs.openttd.org/task/3754"
}
]
}
}

440
2010/0xxx/CVE-2010-0433.json
View File

@ -1,222 +1,222 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0433",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-0433",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name" : "[dovecot] 20100219 segfault - (imap|pop3)-login during nessus scan",
"refsource" : "MLIST",
"url" : "http://www.mail-archive.com/dovecot@dovecot.org/msg26224.html"
},
{
"name" : "[oss-security] 20100303 OpenSSL (with KRB5) remote crash - CVE-2010-0433",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/03/03/5"
},
{
"name" : "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released",
"refsource" : "MLIST",
"url" : "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
},
{
"name" : "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released",
"refsource" : "MLIST",
"url" : "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
},
{
"name" : "http://groups.google.com/group/mailing.openssl.users/browse_thread/thread/c3e1ab0034ca4b4c/66aa896c3a78b2f7",
"refsource" : "MISC",
"url" : "http://groups.google.com/group/mailing.openssl.users/browse_thread/thread/c3e1ab0034ca4b4c/66aa896c3a78b2f7"
},
{
"name" : "http://cvs.openssl.org/chngview?cn=19374",
"refsource" : "CONFIRM",
"url" : "http://cvs.openssl.org/chngview?cn=19374"
},
{
"name" : "http://www.openssl.org/news/changelog.html",
"refsource" : "CONFIRM",
"url" : "http://www.openssl.org/news/changelog.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=567711",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=567711"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=569774",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=569774"
},
{
"name" : "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc",
"refsource" : "CONFIRM",
"url" : "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc"
},
{
"name" : "https://kb.bluecoat.com/index?page=content&id=SA50",
"refsource" : "CONFIRM",
"url" : "https://kb.bluecoat.com/index?page=content&id=SA50"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name" : "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
},
{
"name" : "FEDORA-2010-5744",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html"
},
{
"name" : "FEDORA-2010-5357",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html"
},
{
"name" : "HPSBUX02517",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127128920008563&w=2"
},
{
"name" : "HPSBUX02531",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127557640302499&w=2"
},
{
"name" : "SSRT100058",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127128920008563&w=2"
},
{
"name" : "SSRT100108",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127557640302499&w=2"
},
{
"name" : "MDVSA-2010:076",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"
},
{
"name" : "oval:org.mitre.oval:def:9856",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9856"
},
{
"name" : "oval:org.mitre.oval:def:12260",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12260"
},
{
"name" : "oval:org.mitre.oval:def:6718",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6718"
},
{
"name" : "39461",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39461"
},
{
"name" : "39932",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39932"
},
{
"name" : "42724",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42724"
},
{
"name" : "42733",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42733"
},
{
"name" : "43311",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43311"
},
{
"name" : "ADV-2010-0839",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0839"
},
{
"name" : "ADV-2010-0933",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0933"
},
{
"name" : "ADV-2010-0916",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0916"
},
{
"name" : "ADV-2010-1216",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1216"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-0916",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0916"
},
{
"name": "42724",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42724"
},
{
"name": "39461",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39461"
},
{
"name": "oval:org.mitre.oval:def:9856",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9856"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=569774",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=569774"
},
{
"name": "FEDORA-2010-5357",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html"
},
{
"name": "HPSBUX02531",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127557640302499&w=2"
},
{
"name": "oval:org.mitre.oval:def:12260",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12260"
},
{
"name": "[oss-security] 20100303 OpenSSL (with KRB5) remote crash - CVE-2010-0433",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/03/03/5"
},
{
"name": "[dovecot] 20100219 segfault - (imap|pop3)-login during nessus scan",
"refsource": "MLIST",
"url": "http://www.mail-archive.com/dovecot@dovecot.org/msg26224.html"
},
{
"name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released",
"refsource": "MLIST",
"url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=567711",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=567711"
},
{
"name": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
},
{
"name": "ADV-2010-0839",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0839"
},
{
"name": "http://cvs.openssl.org/chngview?cn=19374",
"refsource": "CONFIRM",
"url": "http://cvs.openssl.org/chngview?cn=19374"
},
{
"name": "SSRT100108",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127557640302499&w=2"
},
{
"name": "MDVSA-2010:076",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"
},
{
"name": "HPSBUX02517",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2"
},
{
"name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released",
"refsource": "MLIST",
"url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
},
{
"name": "39932",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39932"
},
{
"name": "http://www.openssl.org/news/changelog.html",
"refsource": "CONFIRM",
"url": "http://www.openssl.org/news/changelog.html"
},
{
"name": "ADV-2010-0933",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0933"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "SSRT100058",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2"
},
{
"name": "https://kb.bluecoat.com/index?page=content&id=SA50",
"refsource": "CONFIRM",
"url": "https://kb.bluecoat.com/index?page=content&id=SA50"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "43311",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43311"
},
{
"name": "ADV-2010-1216",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1216"
},
{
"name": "oval:org.mitre.oval:def:6718",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6718"
},
{
"name": "42733",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42733"
},
{
"name": "FEDORA-2010-5744",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html"
},
{
"name": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc",
"refsource": "CONFIRM",
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc"
},
{
"name": "http://groups.google.com/group/mailing.openssl.users/browse_thread/thread/c3e1ab0034ca4b4c/66aa896c3a78b2f7",
"refsource": "MISC",
"url": "http://groups.google.com/group/mailing.openssl.users/browse_thread/thread/c3e1ab0034ca4b4c/66aa896c3a78b2f7"
}
]
}
}

130
2010/0xxx/CVE-2010-0924.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0924",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.3 and 4.0.4 on Windows, allows remote attackers to cause a denial of service (application crash) via a long string in the BACKGROUND attribute of a BODY element."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0924",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://nobytes.com/exploits/Safari_4.0.4_background_DoS_pl.txt",
"refsource" : "MISC",
"url" : "http://nobytes.com/exploits/Safari_4.0.4_background_DoS_pl.txt"
},
{
"name" : "38447",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38447"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.3 and 4.0.4 on Windows, allows remote attackers to cause a denial of service (application crash) via a long string in the BACKGROUND attribute of a BODY element."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38447",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38447"
},
{
"name": "http://nobytes.com/exploits/Safari_4.0.4_background_DoS_pl.txt",
"refsource": "MISC",
"url": "http://nobytes.com/exploits/Safari_4.0.4_background_DoS_pl.txt"
}
]
}
}

230
2010/1xxx/CVE-2010-1187.json
View File

@ -1,117 +1,117 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1187",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1187",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name" : "[oss-security] 20100330 CVE request: kernel: tipc: Fix oops on send prior to entering networked mode",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/03/30/1"
},
{
"name" : "[oss-security] 20100331 Re: CVE request: kernel: tipc: Fix oops on send prior to entering networked mode",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/03/31/1"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=578057",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=578057"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=d0021b252eaf65ca07ed14f0d66425dd9ccab9a6;hp=6d55cb91a0020ac0d78edcad61efd6c8cf5785a3",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=d0021b252eaf65ca07ed14f0d66425dd9ccab9a6;hp=6d55cb91a0020ac0d78edcad61efd6c8cf5785a3"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name" : "DSA-2053",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-2053"
},
{
"name" : "MDVSA-2010:198",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
},
{
"name" : "39120",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/39120"
},
{
"name" : "oval:org.mitre.oval:def:9832",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9832"
},
{
"name" : "39830",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39830"
},
{
"name" : "43315",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43315"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2010:198",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=d0021b252eaf65ca07ed14f0d66425dd9ccab9a6;hp=6d55cb91a0020ac0d78edcad61efd6c8cf5785a3",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=d0021b252eaf65ca07ed14f0d66425dd9ccab9a6;hp=6d55cb91a0020ac0d78edcad61efd6c8cf5785a3"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=578057",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578057"
},
{
"name": "39120",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39120"
},
{
"name": "43315",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43315"
},
{
"name": "[oss-security] 20100331 Re: CVE request: kernel: tipc: Fix oops on send prior to entering networked mode",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/03/31/1"
},
{
"name": "oval:org.mitre.oval:def:9832",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9832"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "[oss-security] 20100330 CVE request: kernel: tipc: Fix oops on send prior to entering networked mode",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/03/30/1"
},
{
"name": "DSA-2053",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2053"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "39830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39830"
}
]
}
}

160
2010/1xxx/CVE-2010-1325.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1325",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources report that this is a vulnerability in a product named \"Apache SLMS,\" but that is incorrect."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1325",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://support.novell.com/security/cve/CVE-2010-1325.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/security/cve/CVE-2010-1325.html"
},
{
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=588284",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=588284"
},
{
"name" : "SUSE-SR:2010:014",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name" : "42121",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/42121"
},
{
"name" : "apacheslms-quoting-csrf(61006)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/61006"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources report that this is a vulnerability in a product named \"Apache SLMS,\" but that is incorrect."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=588284",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=588284"
},
{
"name": "42121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42121"
},
{
"name": "SUSE-SR:2010:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "http://support.novell.com/security/cve/CVE-2010-1325.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/security/cve/CVE-2010-1325.html"
},
{
"name": "apacheslms-quoting-csrf(61006)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61006"
}
]
}
}

120
2010/1xxx/CVE-2010-1816.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1816",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-1816",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "APPLE-SA-2016-01-28-4188",
"refsource" : "APPLE",
"url" : "https://support.apple.com/en-us/HT4188"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2016-01-28-4188",
"refsource": "APPLE",
"url": "https://support.apple.com/en-us/HT4188"
}
]
}
}

160
2010/1xxx/CVE-2010-1875.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1875",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1875",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "11851",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/11851"
},
{
"name" : "38912",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38912"
},
{
"name" : "63143",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/63143"
},
{
"name" : "39074",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39074"
},
{
"name" : "realestate-index-file-include(57110)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57110"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11851",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11851"
},
{
"name": "realestate-index-file-include(57110)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57110"
},
{
"name": "39074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39074"
},
{
"name": "38912",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38912"
},
{
"name": "63143",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/63143"
}
]
}
}

140
2010/1xxx/CVE-2010-1900.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1900",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 do not properly handle malformed records in a Word file, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, aka \"Word Record Parsing Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-1900",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS10-056",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056"
},
{
"name" : "TA10-222A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
},
{
"name" : "oval:org.mitre.oval:def:11490",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11490"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 do not properly handle malformed records in a Word file, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, aka \"Word Record Parsing Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "TA10-222A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
},
{
"name": "oval:org.mitre.oval:def:11490",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11490"
},
{
"name": "MS10-056",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056"
}
]
}
}

190
2010/4xxx/CVE-2010-4166.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4166",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via (1) the filter_order parameter in a com_weblinks category action to index.php, (2) the filter_order_Dir parameter in a com_weblinks category action to index.php, or (3) the filter_order_Dir parameter in a com_messages action to administrator/index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4166",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20101031 Joomla 1.5.21 | Potential SQL Injection Flaws",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-10/0514.html"
},
{
"name" : "[oss-security] 20101112 CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2010/11/12/5"
},
{
"name" : "[oss-security] 20101112 Re: CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2010/11/12/6"
},
{
"name" : "http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_back.jpg",
"refsource" : "MISC",
"url" : "http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_back.jpg"
},
{
"name" : "http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_front.jpg",
"refsource" : "MISC",
"url" : "http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_front.jpg"
},
{
"name" : "http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_(filter_order)_front.jpg",
"refsource" : "MISC",
"url" : "http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_(filter_order)_front.jpg"
},
{
"name" : "http://developer.joomla.org/security/news/9-security/10-core-security/323-20101101-core-sqli-info-disclosurevulnerabilities.html",
"refsource" : "CONFIRM",
"url" : "http://developer.joomla.org/security/news/9-security/10-core-security/323-20101101-core-sqli-info-disclosurevulnerabilities.html"
},
{
"name" : "42133",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42133"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via (1) the filter_order parameter in a com_weblinks category action to index.php, (2) the filter_order_Dir parameter in a com_weblinks category action to index.php, or (3) the filter_order_Dir parameter in a com_messages action to administrator/index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_(filter_order)_front.jpg",
"refsource": "MISC",
"url": "http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_(filter_order)_front.jpg"
},
{
"name": "http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_front.jpg",
"refsource": "MISC",
"url": "http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_front.jpg"
},
{
"name": "[oss-security] 20101112 CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2010/11/12/5"
},
{
"name": "20101031 Joomla 1.5.21 | Potential SQL Injection Flaws",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-10/0514.html"
},
{
"name": "http://developer.joomla.org/security/news/9-security/10-core-security/323-20101101-core-sqli-info-disclosurevulnerabilities.html",
"refsource": "CONFIRM",
"url": "http://developer.joomla.org/security/news/9-security/10-core-security/323-20101101-core-sqli-info-disclosurevulnerabilities.html"
},
{
"name": "http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_back.jpg",
"refsource": "MISC",
"url": "http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_back.jpg"
},
{
"name": "42133",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42133"
},
{
"name": "[oss-security] 20101112 Re: CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2010/11/12/6"
}
]
}
}

180
2010/4xxx/CVE-2010-4281.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4281",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Incomplete blacklist vulnerability in the safe_url_extraclean function in ajax.php in Pandora FMS before 3.1.1 allows remote attackers to execute arbitrary PHP code by using a page parameter containing a UNC share pathname, which bypasses the check for the : (colon) character."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4281",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20101130 Pandora FMS Authentication Bypass and Multiple Input Validation Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/514939/100/0/threaded"
},
{
"name" : "15643",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15643"
},
{
"name" : "20101130 Pandora FMS Authentication Bypass and Multiple\tInput Validation Vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2010/Nov/326"
},
{
"name" : "http://sourceforge.net/projects/pandora/files/Pandora%20FMS%203.1/Final%20version%20%28Stable%29/pandorafms_console-3.1_security_patch_13Oct2010.tar.gz/download",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/projects/pandora/files/Pandora%20FMS%203.1/Final%20version%20%28Stable%29/pandorafms_console-3.1_security_patch_13Oct2010.tar.gz/download"
},
{
"name" : "45112",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45112"
},
{
"name" : "69546",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/69546"
},
{
"name" : "42347",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42347"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incomplete blacklist vulnerability in the safe_url_extraclean function in ajax.php in Pandora FMS before 3.1.1 allows remote attackers to execute arbitrary PHP code by using a page parameter containing a UNC share pathname, which bypasses the check for the : (colon) character."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42347",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42347"
},
{
"name": "20101130 Pandora FMS Authentication Bypass and Multiple Input Validation Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514939/100/0/threaded"
},
{
"name": "69546",
"refsource": "OSVDB",
"url": "http://osvdb.org/69546"
},
{
"name": "http://sourceforge.net/projects/pandora/files/Pandora%20FMS%203.1/Final%20version%20%28Stable%29/pandorafms_console-3.1_security_patch_13Oct2010.tar.gz/download",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/pandora/files/Pandora%20FMS%203.1/Final%20version%20%28Stable%29/pandorafms_console-3.1_security_patch_13Oct2010.tar.gz/download"
},
{
"name": "45112",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45112"
},
{
"name": "20101130 Pandora FMS Authentication Bypass and Multiple\tInput Validation Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2010/Nov/326"
},
{
"name": "15643",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15643"
}
]
}
}

150
2010/4xxx/CVE-2010-4407.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4407",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlGuest 1.1c-patched allow remote attackers to inject arbitrary web script or HTML via the (1) nome (nickname), (2) messaggio (message), and (3) link (homepage) parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4407",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20101201 [eVuln.com] Multiple XSS in Alguest",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/514960/100/0/threaded"
},
{
"name" : "http://evuln.com/vulns/151/summary.html",
"refsource" : "MISC",
"url" : "http://evuln.com/vulns/151/summary.html"
},
{
"name" : "http://packetstormsecurity.org/files/view/96297/alguest-xss.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/files/view/96297/alguest-xss.txt"
},
{
"name" : "45140",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45140"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlGuest 1.1c-patched allow remote attackers to inject arbitrary web script or HTML via the (1) nome (nickname), (2) messaggio (message), and (3) link (homepage) parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/files/view/96297/alguest-xss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/view/96297/alguest-xss.txt"
},
{
"name": "45140",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45140"
},
{
"name": "20101201 [eVuln.com] Multiple XSS in Alguest",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514960/100/0/threaded"
},
{
"name": "http://evuln.com/vulns/151/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/151/summary.html"
}
]
}
}

180
2010/4xxx/CVE-2010-4575.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4575",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ThemeInstalledInfoBarDelegate::Observe function in browser/extensions/theme_installed_infobar_delegate.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle incorrect tab interaction by an extension, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted extension."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4575",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=60761",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=60761"
},
{
"name" : "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html"
},
{
"name" : "http://src.chromium.org/viewvc/chrome?view=rev&revision=68112",
"refsource" : "CONFIRM",
"url" : "http://src.chromium.org/viewvc/chrome?view=rev&revision=68112"
},
{
"name" : "GLSA-201012-01",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-201012-01.xml"
},
{
"name" : "45390",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45390"
},
{
"name" : "oval:org.mitre.oval:def:14427",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14427"
},
{
"name" : "42648",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42648"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ThemeInstalledInfoBarDelegate::Observe function in browser/extensions/theme_installed_infobar_delegate.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle incorrect tab interaction by an extension, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted extension."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html"
},
{
"name": "42648",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42648"
},
{
"name": "http://src.chromium.org/viewvc/chrome?view=rev&revision=68112",
"refsource": "CONFIRM",
"url": "http://src.chromium.org/viewvc/chrome?view=rev&revision=68112"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=60761",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=60761"
},
{
"name": "45390",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45390"
},
{
"name": "oval:org.mitre.oval:def:14427",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14427"
},
{
"name": "GLSA-201012-01",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201012-01.xml"
}
]
}
}

140
2010/4xxx/CVE-2010-4732.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4732",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page's GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4732",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
},
{
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource" : "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name" : "VU#114560",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/114560"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page's GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#114560",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}

120
2014/0xxx/CVE-2014-0336.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0336",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that use the user_new_master parameter to the adminconsole/ URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-0336",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "VU#823452",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/823452"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that use the user_new_master parameter to the adminconsole/ URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#823452",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/823452"
}
]
}
}

170
2014/0xxx/CVE-2014-0383.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0383",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0 and 11.1.2.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Identity Console."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-0383",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name" : "64758",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64758"
},
{
"name" : "64842",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64842"
},
{
"name" : "102102",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102102"
},
{
"name" : "1029613",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029613"
},
{
"name" : "56459",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56459"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0 and 11.1.2.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Identity Console."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1029613",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029613"
},
{
"name": "64842",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64842"
},
{
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "102102",
"refsource": "OSVDB",
"url": "http://osvdb.org/102102"
},
{
"name": "56459",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56459"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
]
}
}

140
2014/0xxx/CVE-2014-0810.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0810",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in JustSystems Sanshiro 2007 before update 3, 2008 before update 5, 2009 before update 6, and 2010 before update 6, and Sanshiro Viewer before 2.0.2.0, allows remote attackers to execute arbitrary code via a crafted document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-0810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.justsystems.com/jp/info/js14001.html",
"refsource" : "CONFIRM",
"url" : "http://www.justsystems.com/jp/info/js14001.html"
},
{
"name" : "JVN#28011378",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN28011378/index.html"
},
{
"name" : "JVNDB-2014-000011",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000011"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Sanshiro 2007 before update 3, 2008 before update 5, 2009 before update 6, and 2010 before update 6, and Sanshiro Viewer before 2.0.2.0, allows remote attackers to execute arbitrary code via a crafted document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#28011378",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN28011378/index.html"
},
{
"name": "http://www.justsystems.com/jp/info/js14001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js14001.html"
},
{
"name": "JVNDB-2014-000011",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000011"
}
]
}
}

140
2014/0xxx/CVE-2014-0921.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0921",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The server in IBM MessageSight 1.x before 1.1.0.0-IBM-IMA-IT01015 allows remote attackers to cause a denial of service (daemon crash and message data loss) via malformed headers during a WebSockets connection upgrade."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0921",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21670278",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21670278"
},
{
"name" : "IC98583",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98583"
},
{
"name" : "ibm-messagesight-cve20140921-dos(92074)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/92074"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The server in IBM MessageSight 1.x before 1.1.0.0-IBM-IMA-IT01015 allows remote attackers to cause a denial of service (daemon crash and message data loss) via malformed headers during a WebSockets connection upgrade."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21670278",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670278"
},
{
"name": "ibm-messagesight-cve20140921-dos(92074)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92074"
},
{
"name": "IC98583",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98583"
}
]
}
}

140
2014/0xxx/CVE-2014-0949.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0949",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to cause a denial of service (resource consumption and daemon crash) via a crafted web request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0949",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672572",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672572"
},
{
"name" : "PI15692",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI15692"
},
{
"name" : "ibm-websphere-cve20140949-dos(92622)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/92622"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to cause a denial of service (resource consumption and daemon crash) via a crafted web request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672572",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672572"
},
{
"name": "ibm-websphere-cve20140949-dos(92622)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92622"
},
{
"name": "PI15692",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI15692"
}
]
}
}

140
2014/10xxx/CVE-2014-10013.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-10013",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-10013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "35204",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/35204"
},
{
"name" : "http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html"
},
{
"name" : "wp-anotherwpclassifieds-sql-injection(98589)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98589"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html"
},
{
"name": "35204",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35204"
},
{
"name": "wp-anotherwpclassifieds-sql-injection(98589)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98589"
}
]
}
}

160
2014/4xxx/CVE-2014-4020.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4020",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The dissect_frame function in epan/dissectors/packet-frame.c in the frame metadissector in Wireshark 1.10.x before 1.10.8 interprets a negative integer as a length value even though it was intended to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2014-07.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2014-07.html"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10030",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10030"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9999",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9999"
},
{
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=beb119f911a698d44f4baa06d888bb1e775983bc",
"refsource" : "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=beb119f911a698d44f4baa06d888bb1e775983bc"
},
{
"name" : "openSUSE-SU-2014:0836",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00049.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The dissect_frame function in epan/dissectors/packet-frame.c in the frame metadissector in Wireshark 1.10.x before 1.10.8 interprets a negative integer as a length value even though it was intended to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10030",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10030"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9999",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9999"
},
{
"name": "openSUSE-SU-2014:0836",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00049.html"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=beb119f911a698d44f4baa06d888bb1e775983bc",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=beb119f911a698d44f4baa06d888bb1e775983bc"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2014-07.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2014-07.html"
}
]
}
}

160
2014/4xxx/CVE-2014-4440.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4440",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The MCX Desktop Config Profiles implementation in Apple OS X before 10.10 retains web-proxy settings from uninstalled mobile-configuration profiles, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging access to an unintended proxy server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2014-4440",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.apple.com/kb/HT6535",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/kb/HT6535"
},
{
"name" : "APPLE-SA-2014-10-16-1",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name" : "70631",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70631"
},
{
"name" : "1031063",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031063"
},
{
"name" : "macosx-cve20144440-sec-bypass(97628)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/97628"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The MCX Desktop Config Profiles implementation in Apple OS X before 10.10 retains web-proxy settings from uninstalled mobile-configuration profiles, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging access to an unintended proxy server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "macosx-cve20144440-sec-bypass(97628)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97628"
},
{
"name": "APPLE-SA-2014-10-16-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name": "1031063",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031063"
},
{
"name": "70631",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70631"
},
{
"name": "https://support.apple.com/kb/HT6535",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6535"
}
]
}
}

150
2014/4xxx/CVE-2014-4819.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4819",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The web user interface in IBM WebSphere Message Broker 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.3 allows remote authenticated users to obtain sensitive information by reading the error page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-4819",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21682681",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21682681"
},
{
"name" : "IT03097",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT03097"
},
{
"name" : "61356",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61356"
},
{
"name" : "ibm-websphere-cve20144819-info-disc(95456)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95456"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web user interface in IBM WebSphere Message Broker 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.3 allows remote authenticated users to obtain sensitive information by reading the error page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-websphere-cve20144819-info-disc(95456)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95456"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682681",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682681"
},
{
"name": "61356",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61356"
},
{
"name": "IT03097",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT03097"
}
]
}
}

340
2014/4xxx/CVE-2014-4943.json
View File

@ -1,172 +1,172 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4943",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4943",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "36267",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/36267"
},
{
"name" : "[oss-security] 20140716 CVE-2014-4943: Linux privilege escalation in ppp over l2tp sockets",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2014/07/17/1"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3cf521f7dc87c031617fd47e4b7aa2593c2f3daf",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3cf521f7dc87c031617fd47e4b7aa2593c2f3daf"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1119458",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1119458"
},
{
"name" : "https://github.com/torvalds/linux/commit/3cf521f7dc87c031617fd47e4b7aa2593c2f3daf",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/3cf521f7dc87c031617fd47e4b7aa2593c2f3daf"
},
{
"name" : "http://linux.oracle.com/errata/ELSA-2014-3047.html",
"refsource" : "CONFIRM",
"url" : "http://linux.oracle.com/errata/ELSA-2014-3047.html"
},
{
"name" : "http://linux.oracle.com/errata/ELSA-2014-3048.html",
"refsource" : "CONFIRM",
"url" : "http://linux.oracle.com/errata/ELSA-2014-3048.html"
},
{
"name" : "http://linux.oracle.com/errata/ELSA-2014-0924.html",
"refsource" : "CONFIRM",
"url" : "http://linux.oracle.com/errata/ELSA-2014-0924.html"
},
{
"name" : "DSA-2992",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2992"
},
{
"name" : "RHSA-2014:1025",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1025.html"
},
{
"name" : "SUSE-SU-2014:1316",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html"
},
{
"name" : "SUSE-SU-2014:1319",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
},
{
"name" : "SUSE-SU-2015:0481",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name" : "openSUSE-SU-2015:0566",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name" : "109277",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/show/osvdb/109277"
},
{
"name" : "1030610",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030610"
},
{
"name" : "60071",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60071"
},
{
"name" : "60220",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60220"
},
{
"name" : "60011",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60011"
},
{
"name" : "60380",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60380"
},
{
"name" : "60393",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60393"
},
{
"name" : "59790",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59790"
},
{
"name" : "linux-kernel-cve20144943-priv-esc(94665)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94665"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36267",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/36267"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-3047.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3047.html"
},
{
"name": "SUSE-SU-2014:1316",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html"
},
{
"name": "1030610",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030610"
},
{
"name": "60220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60220"
},
{
"name": "59790",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59790"
},
{
"name": "RHSA-2014:1025",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1025.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3cf521f7dc87c031617fd47e4b7aa2593c2f3daf",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3cf521f7dc87c031617fd47e4b7aa2593c2f3daf"
},
{
"name": "SUSE-SU-2014:1319",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
},
{
"name": "SUSE-SU-2015:0481",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "openSUSE-SU-2015:0566",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1119458",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1119458"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-0924.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-0924.html"
},
{
"name": "60393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60393"
},
{
"name": "60380",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60380"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-3048.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3048.html"
},
{
"name": "linux-kernel-cve20144943-priv-esc(94665)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94665"
},
{
"name": "[oss-security] 20140716 CVE-2014-4943: Linux privilege escalation in ppp over l2tp sockets",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/07/17/1"
},
{
"name": "60011",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60011"
},
{
"name": "https://github.com/torvalds/linux/commit/3cf521f7dc87c031617fd47e4b7aa2593c2f3daf",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/3cf521f7dc87c031617fd47e4b7aa2593c2f3daf"
},
{
"name": "DSA-2992",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2992"
},
{
"name": "109277",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/109277"
},
{
"name": "60071",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60071"
}
]
}
}

230
2014/8xxx/CVE-2014-8132.json
View File

@ -1,117 +1,117 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8132",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8132",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/",
"refsource" : "CONFIRM",
"url" : "http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1158089",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1158089"
},
{
"name" : "http://advisories.mageia.org/MGASA-2015-0014.html",
"refsource" : "CONFIRM",
"url" : "http://advisories.mageia.org/MGASA-2015-0014.html"
},
{
"name" : "DSA-3488",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3488"
},
{
"name" : "FEDORA-2014-17303",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147452.html"
},
{
"name" : "FEDORA-2014-17324",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147464.html"
},
{
"name" : "FEDORA-2014-17354",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147367.html"
},
{
"name" : "GLSA-201606-12",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201606-12"
},
{
"name" : "MDVSA-2015:020",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:020"
},
{
"name" : "openSUSE-SU-2015:0017",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-01/msg00007.html"
},
{
"name" : "USN-2478-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2478-1"
},
{
"name" : "60838",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60838"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1158089",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1158089"
},
{
"name": "USN-2478-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2478-1"
},
{
"name": "GLSA-201606-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-12"
},
{
"name": "FEDORA-2014-17324",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147464.html"
},
{
"name": "DSA-3488",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3488"
},
{
"name": "FEDORA-2014-17303",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147452.html"
},
{
"name": "http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/",
"refsource": "CONFIRM",
"url": "http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0014.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0014.html"
},
{
"name": "60838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60838"
},
{
"name": "MDVSA-2015:020",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:020"
},
{
"name": "openSUSE-SU-2015:0017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00007.html"
},
{
"name": "FEDORA-2014-17354",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147367.html"
}
]
}
}

150
2014/8xxx/CVE-2014-8748.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8748",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Google Doubleclick for Publishers (DFP) module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the \"administer dfp\" permission to inject arbitrary web script or HTML via a slot name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8748",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://drupal.org/node/2179085",
"refsource" : "MISC",
"url" : "https://drupal.org/node/2179085"
},
{
"name" : "https://www.drupal.org/node/2172167",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2172167"
},
{
"name" : "102354",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102354"
},
{
"name" : "56521",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56521"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Google Doubleclick for Publishers (DFP) module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the \"administer dfp\" permission to inject arbitrary web script or HTML via a slot name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "56521",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56521"
},
{
"name": "https://www.drupal.org/node/2172167",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2172167"
},
{
"name": "https://drupal.org/node/2179085",
"refsource": "MISC",
"url": "https://drupal.org/node/2179085"
},
{
"name": "102354",
"refsource": "OSVDB",
"url": "http://osvdb.org/102354"
}
]
}
}

120
2014/9xxx/CVE-2014-9042.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9042",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the import functionality in the bookmarks application in ownCloud before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote authenticated users to inject arbitrary web script or HTML by importing a link with an unspecified protocol. NOTE: this can be leveraged by remote attackers using CVE-2014-9041."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://owncloud.org/security/advisory/?id=oc-sa-2014-028",
"refsource" : "CONFIRM",
"url" : "https://owncloud.org/security/advisory/?id=oc-sa-2014-028"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the import functionality in the bookmarks application in ownCloud before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote authenticated users to inject arbitrary web script or HTML by importing a link with an unspecified protocol. NOTE: this can be leveraged by remote attackers using CVE-2014-9041."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://owncloud.org/security/advisory/?id=oc-sa-2014-028",
"refsource": "CONFIRM",
"url": "https://owncloud.org/security/advisory/?id=oc-sa-2014-028"
}
]
}
}

34
2014/9xxx/CVE-2014-9064.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9064",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9064",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

170
2014/9xxx/CVE-2014-9277.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9277",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7 allows remote attackers to conduct PHP object injection attacks via a crafted string containing <cross-domain-policy> in a PHP format request, which causes the string length to change when converting the request to <NOT-cross-domain-policy>."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[MediaWiki-announce] 20141127 MediaWiki Security and Maintenance Releases: 1.23.7, 1.22.14 and 1.19.22",
"refsource" : "MLIST",
"url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-November/000170.html"
},
{
"name" : "[oss-security] 20141203 MediaWiki security release - 1.23.7",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/12/03/9"
},
{
"name" : "[oss-security] 20141204 Re: MediaWiki security release - 1.23.7",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/12/04/16"
},
{
"name" : "https://phabricator.wikimedia.org/T73478",
"refsource" : "CONFIRM",
"url" : "https://phabricator.wikimedia.org/T73478"
},
{
"name" : "DSA-3100",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-3100"
},
{
"name" : "1031301",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1031301"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7 allows remote attackers to conduct PHP object injection attacks via a crafted string containing <cross-domain-policy> in a PHP format request, which causes the string length to change when converting the request to <NOT-cross-domain-policy>."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1031301",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1031301"
},
{
"name": "https://phabricator.wikimedia.org/T73478",
"refsource": "CONFIRM",
"url": "https://phabricator.wikimedia.org/T73478"
},
{
"name": "[oss-security] 20141203 MediaWiki security release - 1.23.7",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/03/9"
},
{
"name": "[oss-security] 20141204 Re: MediaWiki security release - 1.23.7",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/04/16"
},
{
"name": "DSA-3100",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3100"
},
{
"name": "[MediaWiki-announce] 20141127 MediaWiki Security and Maintenance Releases: 1.23.7, 1.22.14 and 1.19.22",
"refsource": "MLIST",
"url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-November/000170.html"
}
]
}
}

150
2014/9xxx/CVE-2014-9442.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9442",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the q parameter in a promotionProductSearch action to wp-admin/admin-ajax.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://research.g0blin.co.uk/g0blin-00022/",
"refsource" : "MISC",
"url" : "https://research.g0blin.co.uk/g0blin-00022/"
},
{
"name" : "https://plugins.trac.wordpress.org/changeset/1052064/cart66-lite",
"refsource" : "CONFIRM",
"url" : "https://plugins.trac.wordpress.org/changeset/1052064/cart66-lite"
},
{
"name" : "https://wordpress.org/plugins/cart66-lite/changelog/",
"refsource" : "CONFIRM",
"url" : "https://wordpress.org/plugins/cart66-lite/changelog/"
},
{
"name" : "61942",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61942"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the q parameter in a promotionProductSearch action to wp-admin/admin-ajax.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/cart66-lite/changelog/",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/cart66-lite/changelog/"
},
{
"name": "https://research.g0blin.co.uk/g0blin-00022/",
"refsource": "MISC",
"url": "https://research.g0blin.co.uk/g0blin-00022/"
},
{
"name": "61942",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61942"
},
{
"name": "https://plugins.trac.wordpress.org/changeset/1052064/cart66-lite",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/1052064/cart66-lite"
}
]
}
}

160
2014/9xxx/CVE-2014-9632.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9632",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 Hot Fix 18 and 2015.x before 2015.5315 and Protection before 2015.5315 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x830020f8 IOCTL call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9632",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "35993",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/35993"
},
{
"name" : "http://packetstormsecurity.com/files/130248/AVG-Internet-Security-2015.0.5315-Privilege-Escalation.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/130248/AVG-Internet-Security-2015.0.5315-Privilege-Escalation.html"
},
{
"name" : "http://www.greyhathacker.net/?p=818",
"refsource" : "MISC",
"url" : "http://www.greyhathacker.net/?p=818"
},
{
"name" : "http://www.avg.com/eu-en/avg-release-notes",
"refsource" : "CONFIRM",
"url" : "http://www.avg.com/eu-en/avg-release-notes"
},
{
"name" : "113824",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/113824"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 Hot Fix 18 and 2015.x before 2015.5315 and Protection before 2015.5315 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x830020f8 IOCTL call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.greyhathacker.net/?p=818",
"refsource": "MISC",
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "35993",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35993"
},
{
"name": "http://www.avg.com/eu-en/avg-release-notes",
"refsource": "CONFIRM",
"url": "http://www.avg.com/eu-en/avg-release-notes"
},
{
"name": "113824",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/113824"
},
{
"name": "http://packetstormsecurity.com/files/130248/AVG-Internet-Security-2015.0.5315-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130248/AVG-Internet-Security-2015.0.5315-Privilege-Escalation.html"
}
]
}
}

190
2014/9xxx/CVE-2014-9640.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9640",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20150121 Re: CVE request: two issues in vorbis-tools",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/21/6"
},
{
"name" : "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name" : "https://trac.xiph.org/changeset/19117",
"refsource" : "CONFIRM",
"url" : "https://trac.xiph.org/changeset/19117"
},
{
"name" : "https://trac.xiph.org/ticket/2009",
"refsource" : "CONFIRM",
"url" : "https://trac.xiph.org/ticket/2009"
},
{
"name" : "http://advisories.mageia.org/MGASA-2015-0051.html",
"refsource" : "CONFIRM",
"url" : "http://advisories.mageia.org/MGASA-2015-0051.html"
},
{
"name" : "FEDORA-2015-1253",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148852.html"
},
{
"name" : "MDVSA-2015:037",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:037"
},
{
"name" : "openSUSE-SU-2015:0231",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-02/msg00032.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2015-1253",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148852.html"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0051.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0051.html"
},
{
"name": "[oss-security] 20150121 Re: CVE request: two issues in vorbis-tools",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/6"
},
{
"name": "https://trac.xiph.org/changeset/19117",
"refsource": "CONFIRM",
"url": "https://trac.xiph.org/changeset/19117"
},
{
"name": "openSUSE-SU-2015:0231",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00032.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "MDVSA-2015:037",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:037"
},
{
"name": "https://trac.xiph.org/ticket/2009",
"refsource": "CONFIRM",
"url": "https://trac.xiph.org/ticket/2009"
}
]
}
}

34
2016/3xxx/CVE-2016-3380.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3380",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-3380",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

150
2016/3xxx/CVE-2016-3611.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3611",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 15.0 allows remote attackers to affect confidentiality and integrity via vectors related to System Administration."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
},
{
"name" : "91901",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91901"
},
{
"name" : "1036397",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036397"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 15.0 allows remote attackers to affect confidentiality and integrity via vectors related to System Administration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "1036397",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036397"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "91901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91901"
}
]
}
}

160
2016/6xxx/CVE-2016-6929.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6929",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6929",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html"
},
{
"name" : "GLSA-201610-10",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201610-10"
},
{
"name" : "RHSA-2016:1865",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1865.html"
},
{
"name" : "92927",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92927"
},
{
"name" : "1036791",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036791"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201610-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-10"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html"
},
{
"name": "RHSA-2016:1865",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html"
},
{
"name": "92927",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92927"
},
{
"name": "1036791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036791"
}
]
}
}

140
2016/7xxx/CVE-2016-7036.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com",
"ID" : "CVE-2016-7036",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "python-jose before 1.3.2 allows attackers to have unspecified impact by leveraging failure to use a constant time comparison for HMAC keys."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-7036",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/mpdavis/python-jose/pull/35/commits/89b46353b9f611e9da38de3d2fedf52331167b93",
"refsource" : "CONFIRM",
"url" : "https://github.com/mpdavis/python-jose/pull/35/commits/89b46353b9f611e9da38de3d2fedf52331167b93"
},
{
"name" : "https://github.com/mpdavis/python-jose/releases/tag/1.3.2",
"refsource" : "CONFIRM",
"url" : "https://github.com/mpdavis/python-jose/releases/tag/1.3.2"
},
{
"name" : "95845",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95845"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "python-jose before 1.3.2 allows attackers to have unspecified impact by leveraging failure to use a constant time comparison for HMAC keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/mpdavis/python-jose/releases/tag/1.3.2",
"refsource": "CONFIRM",
"url": "https://github.com/mpdavis/python-jose/releases/tag/1.3.2"
},
{
"name": "95845",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95845"
},
{
"name": "https://github.com/mpdavis/python-jose/pull/35/commits/89b46353b9f611e9da38de3d2fedf52331167b93",
"refsource": "CONFIRM",
"url": "https://github.com/mpdavis/python-jose/pull/35/commits/89b46353b9f611e9da38de3d2fedf52331167b93"
}
]
}
}

150
2016/7xxx/CVE-2016-7462.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@vmware.com",
"ID" : "CVE-2016-7462",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary content to files or rename files via a crafted DiskFileItem in a relay-request payload that is mishandled during deserialization."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2016-7462",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.tenable.com/security/research/tra-2016-34",
"refsource" : "MISC",
"url" : "https://www.tenable.com/security/research/tra-2016-34"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2016-0020.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2016-0020.html"
},
{
"name" : "94351",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94351"
},
{
"name" : "1037297",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037297"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary content to files or rename files via a crafted DiskFileItem in a relay-request payload that is mishandled during deserialization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94351",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94351"
},
{
"name": "1037297",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037297"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2016-0020.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0020.html"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-34",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-34"
}
]
}
}

34
2016/7xxx/CVE-2016-7484.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7484",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7484",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

34
2016/7xxx/CVE-2016-7848.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7848",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7848",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

34
2016/8xxx/CVE-2016-8129.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8129",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8129",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}