admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:28:55 +00:00
parent dd7e6af715
commit 2822eec2e3
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
52 changed files with 4148 additions and 4148 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

150
2006/0xxx/CVE-2006-0158.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0158", "ID": "CVE-2006-0158",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in CyberDoc SiteSuite CMS allows remote attackers to execute arbitrary SQL commands via the page parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://osvdb.org/ref/22/22205-sitesuite.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://osvdb.org/ref/22/22205-sitesuite.txt" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in CyberDoc SiteSuite CMS allows remote attackers to execute arbitrary SQL commands via the page parameter."
{ }
"name" : "ADV-2006-0038", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/0038" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22205", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/22205" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "18305", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/18305" ]
} },
] "references": {
} "reference_data": [
} {
"name": "ADV-2006-0038",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0038"
},
{
"name": "22205",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22205"
},
{
"name": "http://osvdb.org/ref/22/22205-sitesuite.txt",
"refsource": "MISC",
"url": "http://osvdb.org/ref/22/22205-sitesuite.txt"
},
{
"name": "18305",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18305"
}
]
}
}

210
2006/0xxx/CVE-2006-0619.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0619", "ID": "CVE-2006-0619",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow local users to execute arbitrary code via long (1) ABLPATH or (2) ABLANG environment variables in the libAP library (libAp.so.2) or (3) a long PHOTON_PATH environment variable to the setitem function in the libph library."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060207 QNX Neutrino RTOS libAp ABLPATH Buffer Overflow Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=381" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow local users to execute arbitrary code via long (1) ABLPATH or (2) ABLANG environment variables in the libAP library (libAp.so.2) or (3) a long PHOTON_PATH environment variable to the setitem function in the libph library."
{ }
"name" : "20060207 QNX Neutrino RTOS libph PHOTON_PATH Buffer Overflow Vulnerability", ]
"refsource" : "IDEFENSE", },
"url" : "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=382" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16539", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16539" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-0474", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/0474" ]
}, },
{ "references": {
"name" : "22964", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/22964" "name": "20060207 QNX Neutrino RTOS libAp ABLPATH Buffer Overflow Vulnerability",
}, "refsource": "IDEFENSE",
{ "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=381"
"name" : "22965", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/22965" "name": "20060207 QNX Neutrino RTOS libph PHOTON_PATH Buffer Overflow Vulnerability",
}, "refsource": "IDEFENSE",
{ "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=382"
"name" : "1015599", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015599" "name": "ADV-2006-0474",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0474"
"name" : "18750", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18750" "name": "18750",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18750"
"name" : "qnx-libap-bo(24558)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24558" "name": "qnx-libph-bo(24557)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24557"
"name" : "qnx-libph-bo(24557)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24557" "name": "1015599",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1015599"
} },
} {
"name": "22964",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22964"
},
{
"name": "22965",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22965"
},
{
"name": "16539",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16539"
},
{
"name": "qnx-libap-bo(24558)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24558"
}
]
}
}

190
2006/0xxx/CVE-2006-0777.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0777", "ID": "CVE-2006-0777",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060224 [eVuln] Guestex Shell Command Execution Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/425970/100/0/threaded" "lang": "eng",
}, "value": "Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters."
{ }
"name" : "http://www.evuln.com/vulns/76/summary.html", ]
"refsource" : "MISC", },
"url" : "http://www.evuln.com/vulns/76/summary.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16711", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16711" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-0640", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/0640" ]
}, },
{ "references": {
"name" : "23183", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/23183" "name": "18927",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18927"
"name" : "18927", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18927" "name": "16711",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/16711"
"name" : "489", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/489" "name": "489",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/489"
"name" : "guestex-script-execute-code(24645)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24645" "name": "http://www.evuln.com/vulns/76/summary.html",
} "refsource": "MISC",
] "url": "http://www.evuln.com/vulns/76/summary.html"
} },
} {
"name": "23183",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23183"
},
{
"name": "guestex-script-execute-code(24645)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24645"
},
{
"name": "20060224 [eVuln] Guestex Shell Command Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/425970/100/0/threaded"
},
{
"name": "ADV-2006-0640",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0640"
}
]
}
}

180
2006/1xxx/CVE-2006-1144.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1144", "ID": "CVE-2006-1144",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via (1) the user parameter in deleteuser.php and (2) the hits parameter in viewuser.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060306 histhost v1.0.0 xss and possible rmdir", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/426931/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via (1) the user parameter in deleteuser.php and (2) the hits parameter in viewuser.php."
{ }
"name" : "17025", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/17025" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-0886", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0886" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23757", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/23757" ]
}, },
{ "references": {
"name" : "23758", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/23758" "name": "hithost-viewuser-deleteuser-xss(25105)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25105"
"name" : "19155", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19155" "name": "23758",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/23758"
"name" : "hithost-viewuser-deleteuser-xss(25105)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25105" "name": "17025",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/17025"
} },
} {
"name": "19155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19155"
},
{
"name": "20060306 histhost v1.0.0 xss and possible rmdir",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/426931/100/0/threaded"
},
{
"name": "23757",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23757"
},
{
"name": "ADV-2006-0886",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0886"
}
]
}
}

170
2006/1xxx/CVE-2006-1330.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1330", "ID": "CVE-2006-1330",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in phpWebsite 0.83 and earlier allow remote attackers to execute arbitrary SQL commands via the sid parameter to (1) friend.php or (2) article.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060318 phpWebsite <= SQL Injection (friend.php) & (article.php)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/428156" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in phpWebsite 0.83 and earlier allow remote attackers to execute arbitrary SQL commands via the sid parameter to (1) friend.php or (2) article.php."
{ }
"name" : "20060413 Re: phpWebsite <= SQL Injection (friend.php) & (article.php)", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/430870/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17150", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17150" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-1039", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/1039" ]
}, },
{ "references": {
"name" : "19315", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19315" "name": "20060318 phpWebsite <= SQL Injection (friend.php) & (article.php)",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/428156"
"name" : "phpwebsite-multiple-sql-injection(25328)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25328" "name": "20060413 Re: phpWebsite <= SQL Injection (friend.php) & (article.php)",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/430870/100/0/threaded"
} },
} {
"name": "17150",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17150"
},
{
"name": "ADV-2006-1039",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1039"
},
{
"name": "19315",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19315"
},
{
"name": "phpwebsite-multiple-sql-injection(25328)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25328"
}
]
}
}

170
2006/1xxx/CVE-2006-1375.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1375", "ID": "CVE-2006-1375",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "AdMan 1.0.20051221 and earlier allows remote attackers to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2006/03/adman-v10x-sql-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2006/03/adman-v10x-sql-vuln.html" "lang": "eng",
}, "value": "AdMan 1.0.20051221 and earlier allows remote attackers to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php."
{ }
"name" : "ADV-2006-1071", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/1071" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24065", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24065" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24066", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/24066" ]
}, },
{ "references": {
"name" : "19351", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19351" "name": "24065",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/24065"
"name" : "adman-multiple-path-disclosure(25404)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25404" "name": "http://pridels0.blogspot.com/2006/03/adman-v10x-sql-vuln.html",
} "refsource": "MISC",
] "url": "http://pridels0.blogspot.com/2006/03/adman-v10x-sql-vuln.html"
} },
} {
"name": "24066",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24066"
},
{
"name": "adman-multiple-path-disclosure(25404)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25404"
},
{
"name": "19351",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19351"
},
{
"name": "ADV-2006-1071",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1071"
}
]
}
}

180
2006/1xxx/CVE-2006-1562.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1562", "ID": "CVE-2006-1562",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) autor, (2) www, (3) temat, and (4) tresc parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060411 [eVuln] [V]Book Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/430624/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) autor, (2) www, (3) temat, and (4) tresc parameters."
{ }
"name" : "http://evuln.com/vulns/111", ]
"refsource" : "MISC", },
"url" : "http://evuln.com/vulns/111" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17319", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17319" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-1174", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/1174" ]
}, },
{ "references": {
"name" : "24271", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24271" "name": "19448",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19448"
"name" : "19448", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19448" "name": "vbook-index-xss(25521)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25521"
"name" : "vbook-index-xss(25521)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25521" "name": "20060411 [eVuln] [V]Book Multiple Vulnerabilities",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/430624/100/0/threaded"
} },
} {
"name": "24271",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24271"
},
{
"name": "17319",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17319"
},
{
"name": "ADV-2006-1174",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1174"
},
{
"name": "http://evuln.com/vulns/111",
"refsource": "MISC",
"url": "http://evuln.com/vulns/111"
}
]
}
}

260
2006/1xxx/CVE-2006-1868.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1868", "ID": "CVE-2006-1868",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the Advanced Replication component in Oracle Database Server 10.1.0.4 allows database users to execute arbitrary code via the VERIFY_LOG procedure of the DBMS_SNAPSHOT_UTL package, aka Vuln# DB03."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060420 [Argeniss] Oracle Database 10gR1 Buffer overflow in VERIFY_LOG procedure", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/431588/100/0/threaded" "lang": "eng",
}, "value": "Buffer overflow in the Advanced Replication component in Oracle Database Server 10.1.0.4 allows database users to execute arbitrary code via the VERIFY_LOG procedure of the DBMS_SNAPSHOT_UTL package, aka Vuln# DB03."
{ }
"name" : "http://www.argeniss.com/research/ARGENISS-ADV-040603.txt", ]
"refsource" : "MISC", },
"url" : "http://www.argeniss.com/research/ARGENISS-ADV-040603.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_apr_2006.html", ]
"refsource" : "MISC", }
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_apr_2006.html" ]
}, },
{ "references": {
"name" : "HPSBMA02113", "reference_data": [
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/432267/100/0/threaded" "name": "19712",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19712"
"name" : "SSRT061148", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/432267/100/0/threaded" "name": "19859",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19859"
"name" : "TA06-109A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-109A.html" "name": "VU#797465",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/797465"
"name" : "VU#797465", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/797465" "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html"
"name" : "17590", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17590" "name": "ADV-2006-1571",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1571"
"name" : "ADV-2006-1397", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1397" "name": "17590",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/17590"
"name" : "ADV-2006-1571", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1571" "name": "SSRT061148",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/432267/100/0/threaded"
"name" : "1015961", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015961" "name": "oracle-dbmssnapshotutl-bo(26049)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26049"
"name" : "19712", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19712" "name": "http://www.red-database-security.com/advisory/oracle_cpu_apr_2006.html",
}, "refsource": "MISC",
{ "url": "http://www.red-database-security.com/advisory/oracle_cpu_apr_2006.html"
"name" : "19859", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19859" "name": "20060420 [Argeniss] Oracle Database 10gR1 Buffer overflow in VERIFY_LOG procedure",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/431588/100/0/threaded"
"name" : "oracle-dbmssnapshotutl-bo(26049)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26049" "name": "TA06-109A",
} "refsource": "CERT",
] "url": "http://www.us-cert.gov/cas/techalerts/TA06-109A.html"
} },
} {
"name": "http://www.argeniss.com/research/ARGENISS-ADV-040603.txt",
"refsource": "MISC",
"url": "http://www.argeniss.com/research/ARGENISS-ADV-040603.txt"
},
{
"name": "ADV-2006-1397",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1397"
},
{
"name": "HPSBMA02113",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/432267/100/0/threaded"
},
{
"name": "1015961",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015961"
}
]
}
}

170
2006/5xxx/CVE-2006-5304.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5304", "ID": "CVE-2006-5304",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in inc/settings.php in IncCMS Core 1.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc_dir parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2557", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2557" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in inc/settings.php in IncCMS Core 1.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc_dir parameter."
{ }
"name" : "http://www.rahim.webd.pl/exploity/Exploits/100.txt", ]
"refsource" : "MISC", },
"url" : "http://www.rahim.webd.pl/exploity/Exploits/100.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20531", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20531" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4046", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4046" ]
}, },
{ "references": {
"name" : "22420", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22420" "name": "20531",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20531"
"name" : "inccms-settings-file-include(29567)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29567" "name": "http://www.rahim.webd.pl/exploity/Exploits/100.txt",
} "refsource": "MISC",
] "url": "http://www.rahim.webd.pl/exploity/Exploits/100.txt"
} },
} {
"name": "ADV-2006-4046",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4046"
},
{
"name": "inccms-settings-file-include(29567)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29567"
},
{
"name": "2557",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2557"
},
{
"name": "22420",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22420"
}
]
}
}

190
2006/5xxx/CVE-2006-5306.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5306", "ID": "CVE-2006-5306",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in the Journals System module 1.0.2 (RC2) and earlier for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/journals_delete.php, (2) includes/journals_post.php, or (3) includes/journals_edit.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061012 Journals System <= 1.0.2 [RC2] Remote File Include Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/448443/100/0/threaded" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in the Journals System module 1.0.2 (RC2) and earlier for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/journals_delete.php, (2) includes/journals_post.php, or (3) includes/journals_edit.php."
{ }
"name" : "2522", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/2522" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20484", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20484" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4029", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4029" ]
}, },
{ "references": {
"name" : "1017058", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017058" "name": "2522",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/2522"
"name" : "22387", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22387" "name": "phpbb-multiple-scripts-file-include(29491)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29491"
"name" : "1731", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1731" "name": "1731",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/1731"
"name" : "phpbb-multiple-scripts-file-include(29491)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29491" "name": "1017058",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1017058"
} },
} {
"name": "20484",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20484"
},
{
"name": "22387",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22387"
},
{
"name": "20061012 Journals System <= 1.0.2 [RC2] Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448443/100/0/threaded"
},
{
"name": "ADV-2006-4029",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4029"
}
]
}
}

130
2006/5xxx/CVE-2006-5395.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5395", "ID": "CVE-2006-5395",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Microsoft Class Package Export Tool (aka clspack.exe) allows context-dependent attackers to execute arbitrary code via a long string. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20561", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20561" "lang": "eng",
}, "value": "Buffer overflow in Microsoft Class Package Export Tool (aka clspack.exe) allows context-dependent attackers to execute arbitrary code via a long string. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
{ }
"name" : "Microsoftexporttool-clspack-bo(39975)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39975" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "Microsoftexporttool-clspack-bo(39975)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39975"
},
{
"name": "20561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20561"
}
]
}
}

180
2010/0xxx/CVE-2010-0285.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-0285", "ID": "CVE-2010-0285",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the X configuration enables the extend screen option, allows physically proximate attackers to bypass screen locking, access an unattended workstation, and view half of the GNOME desktop by attaching an external monitor."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.gnome.org/browse/gnome-screensaver/commit/?id=2f597ea9f1f363277fd4dfc109fa41bbc6225aca", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://git.gnome.org/browse/gnome-screensaver/commit/?id=2f597ea9f1f363277fd4dfc109fa41bbc6225aca" "lang": "eng",
}, "value": "gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the X configuration enables the extend screen option, allows physically proximate attackers to bypass screen locking, access an unattended workstation, and view half of the GNOME desktop by attaching an external monitor."
{ }
"name" : "http://security-tracker.debian.org/tracker/CVE-2010-0285", ]
"refsource" : "CONFIRM", },
"url" : "http://security-tracker.debian.org/tracker/CVE-2010-0285" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.gnome.org/show_bug.cgi?id=593616", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.gnome.org/show_bug.cgi?id=593616" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=557525", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=557525" ]
}, },
{ "references": {
"name" : "MDVSA-2011:093", "reference_data": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:093" "name": "https://bugzilla.gnome.org/show_bug.cgi?id=593616",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.gnome.org/show_bug.cgi?id=593616"
"name" : "38254", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/38254" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=557525",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=557525"
"name" : "screensaver-monitor-setup-sec-bypass(56366)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56366" "name": "http://git.gnome.org/browse/gnome-screensaver/commit/?id=2f597ea9f1f363277fd4dfc109fa41bbc6225aca",
} "refsource": "CONFIRM",
] "url": "http://git.gnome.org/browse/gnome-screensaver/commit/?id=2f597ea9f1f363277fd4dfc109fa41bbc6225aca"
} },
} {
"name": "http://security-tracker.debian.org/tracker/CVE-2010-0285",
"refsource": "CONFIRM",
"url": "http://security-tracker.debian.org/tracker/CVE-2010-0285"
},
{
"name": "screensaver-monitor-setup-sec-bypass(56366)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56366"
},
{
"name": "MDVSA-2011:093",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:093"
},
{
"name": "38254",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38254"
}
]
}
}

490
2010/0xxx/CVE-2010-0434.json
View File

@ -1,247 +1,247 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-0434", "ID": "CVE-2010-0434",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.vmware.com/pipermail/security-announce/2010/000105.html" "lang": "eng",
}, "value": "The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request."
{ }
"name" : "http://httpd.apache.org/security/vulnerabilities_22.html", ]
"refsource" : "CONFIRM", },
"url" : "http://httpd.apache.org/security/vulnerabilities_22.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/server/protocol.c?r1=917617&r2=917867&pathrev=917867&diff_format=h", "description": [
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/server/protocol.c?r1=917617&r2=917867&pathrev=917867&diff_format=h" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://svn.apache.org/viewvc?view=revision&revision=917867", ]
"refsource" : "CONFIRM", }
"url" : "http://svn.apache.org/viewvc?view=revision&revision=917867" ]
}, },
{ "references": {
"name" : "http://svn.apache.org/viewvc?view=revision&revision=918427", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc?view=revision&revision=918427" "name": "RHSA-2010:0175",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2010-0175.html"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=570171", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=570171" "name": "39115",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/39115"
"name" : "https://issues.apache.org/bugzilla/show_bug.cgi?id=48359", },
"refsource" : "CONFIRM", {
"url" : "https://issues.apache.org/bugzilla/show_bug.cgi?id=48359" "name": "ADV-2010-1411",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/1411"
"name" : "http://www.vmware.com/security/advisories/VMSA-2010-0014.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2010-0014.html" "name": "http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/server/protocol.c?r1=917617&r2=917867&pathrev=917867&diff_format=h",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/server/protocol.c?r1=917617&r2=917867&pathrev=917867&diff_format=h"
"name" : "http://support.apple.com/kb/HT4435", },
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4435" "name": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
"name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html" "name": "ADV-2010-0911",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/0911"
"name" : "PM12247", },
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247" "name": "39628",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/39628"
"name" : "PM08939", },
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM08939" "name": "http://support.apple.com/kb/HT4435",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT4435"
"name" : "PM15829", },
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM15829" "name": "PM12247",
}, "refsource": "AIXAPAR",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247"
"name" : "APPLE-SA-2010-11-10-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" "name": "FEDORA-2010-6131",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html"
"name" : "DSA-2035", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-2035" "name": "oval:org.mitre.oval:def:10358",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10358"
"name" : "FEDORA-2010-5942", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html" "name": "oval:org.mitre.oval:def:8695",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8695"
"name" : "FEDORA-2010-6131", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html" "name": "HPSBUX02531",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=127557640302499&w=2"
"name" : "HPSBUX02531", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=127557640302499&w=2" "name": "PM15829",
}, "refsource": "AIXAPAR",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM15829"
"name" : "SSRT100108", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=127557640302499&w=2" "name": "39656",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/39656"
"name" : "RHSA-2010:0168", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0168.html" "name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=48359",
}, "refsource": "CONFIRM",
{ "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=48359"
"name" : "RHSA-2010:0175", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0175.html" "name": "38494",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/38494"
"name" : "SUSE-SR:2010:010", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html" "name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
"name" : "38494", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/38494" "name": "RHSA-2010:0168",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2010-0168.html"
"name" : "oval:org.mitre.oval:def:10358", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10358" "name": "apache-http-rh-info-disclosure(56625)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56625"
"name" : "oval:org.mitre.oval:def:8695", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8695" "name": "APPLE-SA-2010-11-10-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
"name" : "39628", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39628" "name": "39100",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/39100"
"name" : "39632", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39632" "name": "39501",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/39501"
"name" : "39656", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39656" "name": "SUSE-SR:2010:010",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
"name" : "39501", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39501" "name": "[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues",
}, "refsource": "MLIST",
{ "url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
"name" : "40096", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40096" "name": "http://httpd.apache.org/security/vulnerabilities_22.html",
}, "refsource": "CONFIRM",
{ "url": "http://httpd.apache.org/security/vulnerabilities_22.html"
"name" : "39100", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39100" "name": "http://svn.apache.org/viewvc?view=revision&revision=917867",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc?view=revision&revision=917867"
"name" : "39115", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39115" "name": "40096",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40096"
"name" : "ADV-2010-0994", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0994" "name": "SSRT100108",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=127557640302499&w=2"
"name" : "ADV-2010-1001", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1001" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=570171",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=570171"
"name" : "ADV-2010-1057", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1057" "name": "39632",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/39632"
"name" : "ADV-2010-0911", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0911" "name": "DSA-2035",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2010/dsa-2035"
"name" : "ADV-2010-1411", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1411" "name": "PM08939",
}, "refsource": "AIXAPAR",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM08939"
"name" : "apache-http-rh-info-disclosure(56625)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56625" "name": "FEDORA-2010-5942",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html"
} },
} {
"name": "http://svn.apache.org/viewvc?view=revision&revision=918427",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision&revision=918427"
},
{
"name": "ADV-2010-1001",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1001"
},
{
"name": "ADV-2010-0994",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0994"
},
{
"name": "ADV-2010-1057",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1057"
}
]
}
}

160
2010/0xxx/CVE-2010-0484.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-0484", "ID": "CVE-2010-0484",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 \"do not properly validate changes in certain kernel objects,\" which allows local users to execute arbitrary code via vectors related to Device Contexts (DC) and the GetDCEx function, aka \"Win32k Improper Data Validation Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100608 VUPEN Security Research - Microsoft Windows Kernel \"GetDCEx()\" Memory Corruption Vulnerability (CVE-2010-0484)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/511769/100/0/threaded" "lang": "eng",
}, "value": "The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 \"do not properly validate changes in certain kernel objects,\" which allows local users to execute arbitrary code via vectors related to Device Contexts (DC) and the GetDCEx function, aka \"Win32k Improper Data Validation Vulnerability.\""
{ }
"name" : "http://www.opera.com/support/kb/view/954/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.opera.com/support/kb/view/954/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS10-032", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-032" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "TA10-159B", ]
"refsource" : "CERT", }
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:7609", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7609" "name": "20100608 VUPEN Security Research - Microsoft Windows Kernel \"GetDCEx()\" Memory Corruption Vulnerability (CVE-2010-0484)",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/511769/100/0/threaded"
} },
} {
"name": "oval:org.mitre.oval:def:7609",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7609"
},
{
"name": "http://www.opera.com/support/kb/view/954/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/support/kb/view/954/"
},
{
"name": "TA10-159B",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html"
},
{
"name": "MS10-032",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-032"
}
]
}
}

140
2010/0xxx/CVE-2010-0512.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2010-0512", "ID": "CVE-2010-0512",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Accounts Preferences implementation in Apple Mac OS X 10.6 before 10.6.3, when a network account server is used, does not support Login Window access control that is based solely on group membership, which allows attackers to bypass intended access restrictions by entering login credentials."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT4077", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4077" "lang": "eng",
}, "value": "The Accounts Preferences implementation in Apple Mac OS X 10.6 before 10.6.3, when a network account server is used, does not support Login Window access control that is based solely on group membership, which allows attackers to bypass intended access restrictions by entering login credentials."
{ }
"name" : "APPLE-SA-2010-03-29-1", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "39153", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/39153" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "39153",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39153"
},
{
"name": "APPLE-SA-2010-03-29-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "http://support.apple.com/kb/HT4077",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4077"
}
]
}
}

150
2010/0xxx/CVE-2010-0921.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0921", "ID": "CVE-2010-0921",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack of \"XSS/CSRF Get Filter and Referer Check fixes.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg27018109", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg27018109" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack of \"XSS/CSRF Get Filter and Referer Check fixes.\""
{ }
"name" : "38459", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/38459" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2010-0496", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0496" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "inotes-getfilter-csrf(56556)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56556" ]
} },
] "references": {
} "reference_data": [
} {
"name": "ADV-2010-0496",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0496"
},
{
"name": "38459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38459"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
},
{
"name": "inotes-getfilter-csrf(56556)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56556"
}
]
}
}

250
2010/3xxx/CVE-2010-3113.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3113", "ID": "CVE-2010-3113",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors related to state changes when using DeleteButtonController."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=49596", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=49596" "lang": "eng",
}, "value": "Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors related to state changes when using DeleteButtonController."
{ }
"name" : "http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=628032", "description": [
"refsource" : "CONFIRM", {
"url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=628032" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://trac.webkit.org/changeset/63865", ]
"refsource" : "CONFIRM", }
"url" : "http://trac.webkit.org/changeset/63865" ]
}, },
{ "references": {
"name" : "MDVSA-2011:039", "reference_data": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" "name": "MDVSA-2011:039",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
"name" : "RHSA-2011:0177", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0177.html" "name": "http://trac.webkit.org/changeset/63865",
}, "refsource": "CONFIRM",
{ "url": "http://trac.webkit.org/changeset/63865"
"name" : "USN-1006-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1006-1" "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=628032",
}, "refsource": "CONFIRM",
{ "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=628032"
"name" : "44199", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/44199" "name": "ADV-2010-2722",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/2722"
"name" : "oval:org.mitre.oval:def:11901", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11901" "name": "http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html",
}, "refsource": "CONFIRM",
{ "url": "http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html"
"name" : "41856", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/41856" "name": "USN-1006-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1006-1"
"name" : "43086", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43086" "name": "41856",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/41856"
"name" : "ADV-2010-2722", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2722" "name": "ADV-2011-0216",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0216"
"name" : "ADV-2011-0216", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0216" "name": "http://code.google.com/p/chromium/issues/detail?id=49596",
}, "refsource": "CONFIRM",
{ "url": "http://code.google.com/p/chromium/issues/detail?id=49596"
"name" : "ADV-2011-0552", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0552" "name": "44199",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/44199"
} },
} {
"name": "43086",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43086"
},
{
"name": "oval:org.mitre.oval:def:11901",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11901"
},
{
"name": "RHSA-2011:0177",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0177.html"
},
{
"name": "ADV-2011-0552",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0552"
}
]
}
}

34
2010/3xxx/CVE-2010-3843.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3843", "ID": "CVE-2010-3843",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

190
2010/3xxx/CVE-2010-3966.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-3966", "ID": "CVE-2010-3966",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Microsoft Windows Server 2008 R2 and Windows 7, when BranchCache is supported, allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an EML file, an RSS file, or a WPOST file, aka \"BranchCache Insecure Library Loading Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS10-095", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-095" "lang": "eng",
}, "value": "Untrusted search path vulnerability in Microsoft Windows Server 2008 R2 and Windows 7, when BranchCache is supported, allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an EML file, an RSS file, or a WPOST file, aka \"BranchCache Insecure Library Loading Vulnerability.\""
{ }
"name" : "TA10-348A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-348A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "45295", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45295" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "69816", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/69816" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:12163", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12163" "name": "TA10-348A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html"
"name" : "1024877", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1024877" "name": "69816",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/69816"
"name" : "42609", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42609" "name": "MS10-095",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-095"
"name" : "ADV-2010-3218", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/3218" "name": "1024877",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1024877"
} },
} {
"name": "ADV-2010-3218",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3218"
},
{
"name": "oval:org.mitre.oval:def:12163",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12163"
},
{
"name": "45295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45295"
},
{
"name": "42609",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42609"
}
]
}
}

150
2010/4xxx/CVE-2010-4086.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2010-4086", "ID": "CVE-2010-4086",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Director (.dir) media file with an invalid element size, a different vulnerability than CVE-2010-2581, CVE-2010-2880, CVE-2010-4084, CVE-2010-4085, and CVE-2010-4088."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20101030 Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4086", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/514578/100/0/threaded" "lang": "eng",
}, "value": "dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Director (.dir) media file with an invalid element size, a different vulnerability than CVE-2010-2581, CVE-2010-2880, CVE-2010-4084, CVE-2010-4085, and CVE-2010-4088."
{ }
"name" : "http://www.adobe.com/support/security/bulletins/apsb10-25.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.adobe.com/support/security/bulletins/apsb10-25.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:12030", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12030" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1024664", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1024664" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1024664",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024664"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb10-25.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-25.html"
},
{
"name": "20101030 Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4086",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514578/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:12030",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12030"
}
]
}
}

34
2010/4xxx/CVE-2010-4118.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2010-4118", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2010-4118",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none."
} }
] ]
} }
} }

340
2010/4xxx/CVE-2010-4164.json
View File

@ -1,172 +1,172 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-4164", "ID": "CVE-2010-4164",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3) X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data, a different vulnerability than CVE-2010-3873."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[netdev] 20101111 [SECURITY] [PATCH] Prevent crashing when parsing bad X.25", "description_data": [
"refsource" : "MLIST", {
"url" : "http://marc.info/?l=linux-netdev&m=128951543005554&w=2" "lang": "eng",
}, "value": "Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3) X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data, a different vulnerability than CVE-2010-3873."
{ }
"name" : "[oss-security] 20101111 CVE request: kernel: remote DoS in X.25", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2010/11/11/2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20101112 Re: CVE request: kernel: remote DoS in X.25", "description": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2010/11/12/3" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5ef41308f94dcbb3b7afc56cdef1c2ba53fa5d2f", ]
"refsource" : "CONFIRM", }
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5ef41308f94dcbb3b7afc56cdef1c2ba53fa5d2f" ]
}, },
{ "references": {
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2" "name": "[oss-security] 20101111 CVE request: kernel: remote DoS in X.25",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2010/11/11/2"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=652517", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=652517" "name": "SUSE-SA:2011:004",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html"
"name" : "DSA-2126", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-2126" "name": "42778",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42778"
"name" : "MDVSA-2011:029", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:029" "name": "42801",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42801"
"name" : "SUSE-SA:2011:001", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html" "name": "SUSE-SA:2011:002",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html"
"name" : "SUSE-SA:2011:002", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html" "name": "SUSE-SA:2011:001",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html"
"name" : "SUSE-SA:2010:060", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html" "name": "42932",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42932"
"name" : "SUSE-SA:2011:004", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html" "name": "ADV-2011-0124",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0124"
"name" : "SUSE-SA:2011:007", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html" "name": "SUSE-SA:2011:007",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
"name" : "SUSE-SA:2011:008", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html" "name": "SUSE-SA:2010:060",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html"
"name" : "45055", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45055" "name": "ADV-2011-0298",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0298"
"name" : "42778", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42778" "name": "[oss-security] 20101112 Re: CVE request: kernel: remote DoS in X.25",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2010/11/12/3"
"name" : "42801", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42801" "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2"
"name" : "42932", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42932" "name": "45055",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/45055"
"name" : "43291", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43291" "name": "ADV-2011-0375",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0375"
"name" : "ADV-2011-0012", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0012" "name": "ADV-2011-0012",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0012"
"name" : "ADV-2011-0124", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0124" "name": "SUSE-SA:2011:008",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html"
"name" : "ADV-2011-0298", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0298" "name": "MDVSA-2011:029",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:029"
"name" : "ADV-2011-0375", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0375" "name": "43291",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/43291"
} },
} {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5ef41308f94dcbb3b7afc56cdef1c2ba53fa5d2f",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5ef41308f94dcbb3b7afc56cdef1c2ba53fa5d2f"
},
{
"name": "[netdev] 20101111 [SECURITY] [PATCH] Prevent crashing when parsing bad X.25",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-netdev&m=128951543005554&w=2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=652517",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=652517"
},
{
"name": "DSA-2126",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2126"
}
]
}
}

140
2010/4xxx/CVE-2010-4385.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4385", "ID": "CVE-2010-4385",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified impact via crafted frame dimensions in an SIPR stream."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://service.real.com/realplayer/security/12102010_player/en/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://service.real.com/realplayer/security/12102010_player/en/" "lang": "eng",
}, "value": "Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified impact via crafted frame dimensions in an SIPR stream."
{ }
"name" : "RHSA-2010:0981", ]
"refsource" : "REDHAT", },
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0981.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1024861", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1024861" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2010:0981",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0981.html"
},
{
"name": "1024861",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024861"
},
{
"name": "http://service.real.com/realplayer/security/12102010_player/en/",
"refsource": "CONFIRM",
"url": "http://service.real.com/realplayer/security/12102010_player/en/"
}
]
}
}

150
2010/4xxx/CVE-2010-4705.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4705", "ID": "CVE-2010-4705",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the vorbis_residue_decode_internal function in libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecified impact and remote attack vectors, related to the sizes of certain integer data types. NOTE: this might overlap CVE-2011-0480."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.ffmpeg.org/?p=ffmpeg.git;a=commit;h=366d919016a679d3955f6fe5278fa7ce4f47b81e", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://git.ffmpeg.org/?p=ffmpeg.git;a=commit;h=366d919016a679d3955f6fe5278fa7ce4f47b81e" "lang": "eng",
}, "value": "Integer overflow in the vorbis_residue_decode_internal function in libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecified impact and remote attack vectors, related to the sizes of certain integer data types. NOTE: this might overlap CVE-2011-0480."
{ }
"name" : "DSA-2165", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2011/dsa-2165" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "46294", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/46294" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "43323", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/43323" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://git.ffmpeg.org/?p=ffmpeg.git;a=commit;h=366d919016a679d3955f6fe5278fa7ce4f47b81e",
"refsource": "CONFIRM",
"url": "http://git.ffmpeg.org/?p=ffmpeg.git;a=commit;h=366d919016a679d3955f6fe5278fa7ce4f47b81e"
},
{
"name": "43323",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43323"
},
{
"name": "DSA-2165",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2165"
},
{
"name": "46294",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46294"
}
]
}
}

130
2014/0xxx/CVE-2014-0832.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-0832", "ID": "CVE-2014-0832",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in configuration-details screens in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted text value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21662714", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21662714" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in configuration-details screens in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted text value."
{ }
"name" : "ibm-ftm-cve20140832-xss(90586)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90586" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-ftm-cve20140832-xss(90586)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90586"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21662714",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21662714"
}
]
}
}

140
2014/3xxx/CVE-2014-3973.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-3973", "ID": "CVE-2014-3973",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.3.21 allow remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://frontaccounting.com/wb3/pages/posts/release-2.3.21201.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://frontaccounting.com/wb3/pages/posts/release-2.3.21201.php" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.3.21 allow remote attackers to execute arbitrary SQL commands via unspecified vectors."
{ }
"name" : "http://sourceforge.net/p/frontaccounting/mercurial/ci/7ab9e443a8eb9d1b03cbed33006b7665bda9383e", ]
"refsource" : "CONFIRM", },
"url" : "http://sourceforge.net/p/frontaccounting/mercurial/ci/7ab9e443a8eb9d1b03cbed33006b7665bda9383e" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "58848", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/58848" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://frontaccounting.com/wb3/pages/posts/release-2.3.21201.php",
"refsource": "CONFIRM",
"url": "http://frontaccounting.com/wb3/pages/posts/release-2.3.21201.php"
},
{
"name": "http://sourceforge.net/p/frontaccounting/mercurial/ci/7ab9e443a8eb9d1b03cbed33006b7665bda9383e",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/frontaccounting/mercurial/ci/7ab9e443a8eb9d1b03cbed33006b7665bda9383e"
},
{
"name": "58848",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58848"
}
]
}
}

140
2014/4xxx/CVE-2014-4023.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4023", "ID": "CVE-2014-4023",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html", ]
"refsource" : "CONFIRM", },
"url" : "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1030776", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030776" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt"
},
{
"name": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html"
},
{
"name": "1030776",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030776"
}
]
}
}

160
2014/4xxx/CVE-2014-4051.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2014-4051", "ID": "CVE-2014-4051",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-2784."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS14-051", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051" "lang": "eng",
}, "value": "Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-2784."
{ }
"name" : "69126", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/69126" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1030715", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030715" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "60670", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/60670" ]
}, },
{ "references": {
"name" : "ms-ie-cve20144051-code-exec(94985)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94985" "name": "69126",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/69126"
} },
} {
"name": "1030715",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030715"
},
{
"name": "ms-ie-cve20144051-code-exec(94985)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94985"
},
{
"name": "MS14-051",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051"
},
{
"name": "60670",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60670"
}
]
}
}

140
2014/4xxx/CVE-2014-4336.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-4336", "ID": "CVE-2014-4336",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140425 Re: Re: cups-browsed remote exploit", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2014/04/25/7" "lang": "eng",
}, "value": "The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707."
{ }
"name" : "[oss-security] 20140619 Re: cups-browsed remote exploit", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2014/06/19/12" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7194", "description": [
"refsource" : "CONFIRM", {
"url" : "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7194" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140425 Re: Re: cups-browsed remote exploit",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/04/25/7"
},
{
"name": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7194",
"refsource": "CONFIRM",
"url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7194"
},
{
"name": "[oss-security] 20140619 Re: cups-browsed remote exploit",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/06/19/12"
}
]
}
}

150
2014/4xxx/CVE-2014-4549.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4549", "ID": "CVE-2014-4549",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in pages/3DComplete.php in the WooCommerce SagePay Direct Payment Gateway plugin before 0.1.6.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) MD or (2) PARes parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://codevigilant.com/disclosure/wp-plugin-sagepay-direct-for-woocommerce-payment-gateway-a3-cross-site-scripting-xss", "description_data": [
"refsource" : "MISC", {
"url" : "http://codevigilant.com/disclosure/wp-plugin-sagepay-direct-for-woocommerce-payment-gateway-a3-cross-site-scripting-xss" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in pages/3DComplete.php in the WooCommerce SagePay Direct Payment Gateway plugin before 0.1.6.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) MD or (2) PARes parameter."
{ }
"name" : "http://wordpress.org/plugins/sagepay-direct-for-woocommerce-payment-gateway/changelog", ]
"refsource" : "CONFIRM", },
"url" : "http://wordpress.org/plugins/sagepay-direct-for-woocommerce-payment-gateway/changelog" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/wp-plugins/sagepay-direct-for-woocommerce-payment-gateway/commit/9c6cf939c6c25377c285439b92ef2bb5ebda9db6", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/wp-plugins/sagepay-direct-for-woocommerce-payment-gateway/commit/9c6cf939c6c25377c285439b92ef2bb5ebda9db6" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "65355", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/65355" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://wordpress.org/plugins/sagepay-direct-for-woocommerce-payment-gateway/changelog",
"refsource": "CONFIRM",
"url": "http://wordpress.org/plugins/sagepay-direct-for-woocommerce-payment-gateway/changelog"
},
{
"name": "http://codevigilant.com/disclosure/wp-plugin-sagepay-direct-for-woocommerce-payment-gateway-a3-cross-site-scripting-xss",
"refsource": "MISC",
"url": "http://codevigilant.com/disclosure/wp-plugin-sagepay-direct-for-woocommerce-payment-gateway-a3-cross-site-scripting-xss"
},
{
"name": "65355",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65355"
},
{
"name": "https://github.com/wp-plugins/sagepay-direct-for-woocommerce-payment-gateway/commit/9c6cf939c6c25377c285439b92ef2bb5ebda9db6",
"refsource": "CONFIRM",
"url": "https://github.com/wp-plugins/sagepay-direct-for-woocommerce-payment-gateway/commit/9c6cf939c6c25377c285439b92ef2bb5ebda9db6"
}
]
}
}

34
2014/4xxx/CVE-2014-4794.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4794", "ID": "CVE-2014-4794",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2014/8xxx/CVE-2014-8071.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8071", "ID": "CVE-2014-8071",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in OpenMRS 2.1 Standalone Edition allow remote attackers to inject arbitrary web script or HTML via the (1) givenName, (2) familyName, (3) address1, or (4) address2 parameter to registrationapp/registerPatient.page; the (5) comment parameter to allergyui/allergy.page; the (6) w10 parameter to htmlformentryui/htmlform/enterHtmlForm/submit.action; the (7) HTTP Referer Header to login.htm; the (8) returnUrl parameter to htmlformentryui/htmlform/enterHtmlFormWithStandardUi.page or (9) coreapps/mergeVisits.page; or the (10) visitId parameter to htmlformentryui/htmlform/enterHtmlFormWithSimpleUi.page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/128748/OpenMRS-2.1-Access-Bypass-XSS-CSRF.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/128748/OpenMRS-2.1-Access-Bypass-XSS-CSRF.html" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in OpenMRS 2.1 Standalone Edition allow remote attackers to inject arbitrary web script or HTML via the (1) givenName, (2) familyName, (3) address1, or (4) address2 parameter to registrationapp/registerPatient.page; the (5) comment parameter to allergyui/allergy.page; the (6) w10 parameter to htmlformentryui/htmlform/enterHtmlForm/submit.action; the (7) HTTP Referer Header to login.htm; the (8) returnUrl parameter to htmlformentryui/htmlform/enterHtmlFormWithStandardUi.page or (9) coreapps/mergeVisits.page; or the (10) visitId parameter to htmlformentryui/htmlform/enterHtmlFormWithSimpleUi.page."
{ }
"name" : "70664", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/70664" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "openmrs-cve20148071-xss(97690)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/97690" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/128748/OpenMRS-2.1-Access-Bypass-XSS-CSRF.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128748/OpenMRS-2.1-Access-Bypass-XSS-CSRF.html"
},
{
"name": "openmrs-cve20148071-xss(97690)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97690"
},
{
"name": "70664",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70664"
}
]
}
}

170
2014/8xxx/CVE-2014-8151.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-8151", "ID": "CVE-2014-8151",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0, when using the DarwinSSL (aka SecureTransport) back-end for TLS, does not check if a cached TLS session validated the certificate when reusing the session, which allows man-in-the-middle attackers to spoof servers via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://curl.haxx.se/docs/adv_20150108A.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://curl.haxx.se/docs/adv_20150108A.html" "lang": "eng",
}, "value": "The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0, when using the DarwinSSL (aka SecureTransport) back-end for TLS, does not check if a cached TLS session validated the certificate when reusing the session, which allows man-in-the-middle attackers to spoof servers via a crafted certificate."
{ }
"name" : "https://support.apple.com/kb/HT205031", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/kb/HT205031" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743", "description": [
"refsource" : "CONFIRM", {
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-08-13-2", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" ]
}, },
{ "references": {
"name" : "GLSA-201701-47", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-47" "name": "APPLE-SA-2015-08-13-2",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
"name" : "61925", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61925" "name": "http://curl.haxx.se/docs/adv_20150108A.html",
} "refsource": "CONFIRM",
] "url": "http://curl.haxx.se/docs/adv_20150108A.html"
} },
} {
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "GLSA-201701-47",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-47"
},
{
"name": "61925",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61925"
}
]
}
}

150
2014/8xxx/CVE-2014-8555.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8555", "ID": "CVE-2014-8555",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the selection parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "35127", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/35127" "lang": "eng",
}, "value": "Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the selection parameter."
{ }
"name" : "35207", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/35207" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.xlabs.com.br/blog/?p=256", "description": [
"refsource" : "MISC", {
"url" : "https://www.xlabs.com.br/blog/?p=256" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://packetstormsecurity.com/files/129052/Progress-OpenEdge-11.2-Directory-Traversal.html", ]
"refsource" : "MISC", }
"url" : "http://packetstormsecurity.com/files/129052/Progress-OpenEdge-11.2-Directory-Traversal.html" ]
} },
] "references": {
} "reference_data": [
} {
"name": "35127",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35127"
},
{
"name": "https://www.xlabs.com.br/blog/?p=256",
"refsource": "MISC",
"url": "https://www.xlabs.com.br/blog/?p=256"
},
{
"name": "35207",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35207"
},
{
"name": "http://packetstormsecurity.com/files/129052/Progress-OpenEdge-11.2-Directory-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129052/Progress-OpenEdge-11.2-Directory-Traversal.html"
}
]
}
}

120
2014/8xxx/CVE-2014-8678.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8678", "ID": "CVE-2014-8678",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ConfigSaveServlet servlet in ManageEngine OpUtils before build 71024 allows remote attackers to \"disclose\" files via a crafted filename, related to \"saveFile.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-14-386/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-14-386/" "lang": "eng",
} "value": "The ConfigSaveServlet servlet in ManageEngine OpUtils before build 71024 allows remote attackers to \"disclose\" files via a crafted filename, related to \"saveFile.\""
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-14-386/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-386/"
}
]
}
}

180
2014/9xxx/CVE-2014-9403.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9403", "ID": "CVE-2014-9403",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a \"use-after-delete\" error."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20141217 Re: CVE Request: ZNC NULL Pointer Dereference", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/12/18/2" "lang": "eng",
}, "value": "The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a \"use-after-delete\" error."
{ }
"name" : "https://github.com/znc/znc/blob/master/ChangeLog.md", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/znc/znc/blob/master/ChangeLog.md" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/znc/znc/issues/528", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/znc/znc/issues/528" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://advisories.mageia.org/MGASA-2014-0543.html", ]
"refsource" : "CONFIRM", }
"url" : "http://advisories.mageia.org/MGASA-2014-0543.html" ]
}, },
{ "references": {
"name" : "MDVSA-2015:013", "reference_data": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:013" "name": "http://advisories.mageia.org/MGASA-2014-0543.html",
}, "refsource": "CONFIRM",
{ "url": "http://advisories.mageia.org/MGASA-2014-0543.html"
"name" : "66926", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/66926" "name": "https://github.com/znc/znc/issues/528",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/znc/znc/issues/528"
"name" : "57795", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/57795" "name": "MDVSA-2015:013",
} "refsource": "MANDRIVA",
] "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:013"
} },
} {
"name": "[oss-security] 20141217 Re: CVE Request: ZNC NULL Pointer Dereference",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/18/2"
},
{
"name": "66926",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66926"
},
{
"name": "https://github.com/znc/znc/blob/master/ChangeLog.md",
"refsource": "CONFIRM",
"url": "https://github.com/znc/znc/blob/master/ChangeLog.md"
},
{
"name": "57795",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57795"
}
]
}
}

180
2014/9xxx/CVE-2014-9601.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9601", "ID": "CVE-2014-9601",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pillow.readthedocs.org/releasenotes/2.7.0.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://pillow.readthedocs.org/releasenotes/2.7.0.html" "lang": "eng",
}, "value": "Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed."
{ }
"name" : "https://github.com/python-pillow/Pillow/pull/1060", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/python-pillow/Pillow/pull/1060" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.djangoproject.com/weblog/2015/jan/02/pillow-security-release/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.djangoproject.com/weblog/2015/jan/02/pillow-security-release/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" ]
}, },
{ "references": {
"name" : "FEDORA-2015-0667", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148442.html" "name": "openSUSE-SU-2015:0798",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00056.html"
"name" : "openSUSE-SU-2015:0798", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-04/msg00056.html" "name": "https://www.djangoproject.com/weblog/2015/jan/02/pillow-security-release/",
}, "refsource": "CONFIRM",
{ "url": "https://www.djangoproject.com/weblog/2015/jan/02/pillow-security-release/"
"name" : "77758", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77758" "name": "FEDORA-2015-0667",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148442.html"
} },
} {
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "http://pillow.readthedocs.org/releasenotes/2.7.0.html",
"refsource": "CONFIRM",
"url": "http://pillow.readthedocs.org/releasenotes/2.7.0.html"
},
{
"name": "77758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77758"
},
{
"name": "https://github.com/python-pillow/Pillow/pull/1060",
"refsource": "CONFIRM",
"url": "https://github.com/python-pillow/Pillow/pull/1060"
}
]
}
}

120
2016/2xxx/CVE-2016-2292.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2016-2292", "ID": "CVE-2016-2292",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-096-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-096-01" "lang": "eng",
} "value": "Stack-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allows remote attackers to execute arbitrary code via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-096-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-096-01"
}
]
}
}

120
2016/2xxx/CVE-2016-2472.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-2472", "ID": "CVE-2016-2472",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27776888."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-06-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-06-01.html" "lang": "eng",
} "value": "The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27776888."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-06-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-06-01.html"
}
]
}
}

120
2016/3xxx/CVE-2016-3101.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-3101", "ID": "CVE-2016-3101",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-04-11", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-04-11" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-04-11",
"refsource": "CONFIRM",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-04-11"
}
]
}
}

150
2016/3xxx/CVE-2016-3169.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-3169", "ID": "CVE-2016-3169",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The User module in Drupal 6.x before 6.38 and 7.x before 7.43 allows remote attackers to gain privileges by leveraging contributed or custom code that calls the user_save function with an explicit category and loads all roles into the array."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160224 CVE requests for Drupal core (SA-CORE-2016-001)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/02/24/19" "lang": "eng",
}, "value": "The User module in Drupal 6.x before 6.38 and 7.x before 7.43 allows remote attackers to gain privileges by leveraging contributed or custom code that calls the user_save function with an explicit category and loads all roles into the array."
{ }
"name" : "[oss-security] 20160315 Re: CVE requests for Drupal core (SA-CORE-2016-001)", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/03/15/10" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.drupal.org/SA-CORE-2016-001", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/SA-CORE-2016-001" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3498", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3498" ]
} },
] "references": {
} "reference_data": [
} {
"name": "[oss-security] 20160224 CVE requests for Drupal core (SA-CORE-2016-001)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/02/24/19"
},
{
"name": "[oss-security] 20160315 Re: CVE requests for Drupal core (SA-CORE-2016-001)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/03/15/10"
},
{
"name": "DSA-3498",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3498"
},
{
"name": "https://www.drupal.org/SA-CORE-2016-001",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/SA-CORE-2016-001"
}
]
}
}

140
2016/3xxx/CVE-2016-3284.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-3284", "ID": "CVE-2016-3284",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-088", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088" "lang": "eng",
}, "value": "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
{ }
"name" : "91594", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91594" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036274", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036274" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1036274",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036274"
},
{
"name": "MS16-088",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088"
},
{
"name": "91594",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91594"
}
]
}
}

130
2016/3xxx/CVE-2016-3435.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-3435", "ID": "CVE-2016-3435",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect availability via vectors related to PIA Core Technology."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect availability via vectors related to PIA Core Technology."
{ }
"name" : "1035610", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1035610" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035610",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035610"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
}
]
}
}

140
2016/3xxx/CVE-2016-3837.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-3837", "ID": "CVE-2016-3837",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "service/jni/com_android_server_wifi_WifiNative.cpp in Wi-Fi in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to obtain sensitive information via a crafted application that provides a MAC address with too few characters, aka internal bug 28164077."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-08-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-08-01.html" "lang": "eng",
}, "value": "service/jni/com_android_server_wifi_WifiNative.cpp in Wi-Fi in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to obtain sensitive information via a crafted application that provides a MAC address with too few characters, aka internal bug 28164077."
{ }
"name" : "https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a209ff12ba9617c10550678ff93d01fb72a33399", ]
"refsource" : "CONFIRM", },
"url" : "https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a209ff12ba9617c10550678ff93d01fb72a33399" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "92235", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92235" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
},
{
"name": "https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a209ff12ba9617c10550678ff93d01fb72a33399",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a209ff12ba9617c10550678ff93d01fb72a33399"
},
{
"name": "92235",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92235"
}
]
}
}

130
2016/6xxx/CVE-2016-6027.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-6027", "ID": "CVE-2016-6027",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information or modify data by leveraging use of HTTP."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21991278", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21991278" "lang": "eng",
}, "value": "The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information or modify data by leveraging use of HTTP."
{ }
"name" : "93340", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93340" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93340",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93340"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21991278",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991278"
}
]
}
}

140
2016/6xxx/CVE-2016-6369.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-6369", "ID": "CVE-2016-6369",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160824 Cisco AnyConnect Secure Mobility Client Local Privilege Escalation Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160824-anyconnect" "lang": "eng",
}, "value": "Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464."
{ }
"name" : "92625", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/92625" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036697", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036697" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1036697",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036697"
},
{
"name": "20160824 Cisco AnyConnect Secure Mobility Client Local Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160824-anyconnect"
},
{
"name": "92625",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92625"
}
]
}
}

190
2016/6xxx/CVE-2016-6603.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6603", "ID": "CVE-2016-6603",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160808 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/539159/100/0/threaded" "lang": "eng",
}, "value": "ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header."
{ }
"name" : "40229", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/40229/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20160812 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1", "description": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2016/Aug/54" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-Weak-Obfuscation-User-Impersonation.html", ]
"refsource" : "MISC", }
"url" : "http://packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-Weak-Obfuscation-User-Impersonation.html" ]
}, },
{ "references": {
"name" : "https://blogs.securiteam.com/index.php/archives/2712", "reference_data": [
"refsource" : "MISC", {
"url" : "https://blogs.securiteam.com/index.php/archives/2712" "name": "20160812 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2016/Aug/54"
"name" : "https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt", },
"refsource" : "MISC", {
"url" : "https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt" "name": "https://forums.webnms.com/topic/recent-vulnerabilities-in-webnms-and-how-to-protect-the-server-against-them",
}, "refsource": "CONFIRM",
{ "url": "https://forums.webnms.com/topic/recent-vulnerabilities-in-webnms-and-how-to-protect-the-server-against-them"
"name" : "https://forums.webnms.com/topic/recent-vulnerabilities-in-webnms-and-how-to-protect-the-server-against-them", },
"refsource" : "CONFIRM", {
"url" : "https://forums.webnms.com/topic/recent-vulnerabilities-in-webnms-and-how-to-protect-the-server-against-them" "name": "92402",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/92402"
"name" : "92402", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92402" "name": "40229",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/40229/"
} },
} {
"name": "20160808 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/539159/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-Weak-Obfuscation-User-Impersonation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-Weak-Obfuscation-User-Impersonation.html"
},
{
"name": "https://blogs.securiteam.com/index.php/archives/2712",
"refsource": "MISC",
"url": "https://blogs.securiteam.com/index.php/archives/2712"
},
{
"name": "https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt",
"refsource": "MISC",
"url": "https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt"
}
]
}
}

130
2016/6xxx/CVE-2016-6767.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-6767", "ID": "CVE-2016-6767",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android-4.4.4" "version_value": "Android-4.4.4"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4. Android ID: A-31833604."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of service"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2016-12-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2016-12-01.html" "lang": "eng",
}, "value": "A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4. Android ID: A-31833604."
{ }
"name" : "94688", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94688" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94688",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94688"
},
{
"name": "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-12-01.html"
}
]
}
}

140
2016/6xxx/CVE-2016-6974.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-6974", "ID": "CVE-2016-6974",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html" "lang": "eng",
}, "value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
{ }
"name" : "93496", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93496" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036986", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036986" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}

140
2016/6xxx/CVE-2016-6977.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-6977", "ID": "CVE-2016-6977",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html" "lang": "eng",
}, "value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
{ }
"name" : "93496", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93496" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036986", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036986" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}

34
2016/7xxx/CVE-2016-7022.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-7022", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-7022",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

230
2016/7xxx/CVE-2016-7427.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7427", "ID": "CVE-2016-7427",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://nwtime.org/ntp428p9_release/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://nwtime.org/ntp428p9_release/" "lang": "eng",
}, "value": "The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode packet."
{ }
"name" : "http://support.ntp.org/bin/view/Main/NtpBug3114", ]
"refsource" : "CONFIRM", },
"url" : "http://support.ntp.org/bin/view/Main/NtpBug3114" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bto.bluecoat.com/security-advisory/sa139", ]
"refsource" : "CONFIRM", }
"url" : "https://bto.bluecoat.com/security-advisory/sa139" ]
}, },
{ "references": {
"name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us" "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us"
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03883en_us", },
"refsource" : "CONFIRM", {
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03883en_us" "name": "USN-3707-2",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3707-2/"
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03899en_us", },
"refsource" : "CONFIRM", {
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03899en_us" "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03883en_us",
}, "refsource": "CONFIRM",
{ "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03883en_us"
"name" : "FreeBSD-SA-16:39", },
"refsource" : "FREEBSD", {
"url" : "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc" "name": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities",
}, "refsource": "CONFIRM",
{ "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
"name" : "USN-3707-2", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3707-2/" "name": "http://nwtime.org/ntp428p9_release/",
}, "refsource": "CONFIRM",
{ "url": "http://nwtime.org/ntp428p9_release/"
"name" : "VU#633847", },
"refsource" : "CERT-VN", {
"url" : "https://www.kb.cert.org/vuls/id/633847" "name": "http://support.ntp.org/bin/view/Main/NtpBug3114",
}, "refsource": "CONFIRM",
{ "url": "http://support.ntp.org/bin/view/Main/NtpBug3114"
"name" : "94447", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94447" "name": "VU#633847",
}, "refsource": "CERT-VN",
{ "url": "https://www.kb.cert.org/vuls/id/633847"
"name" : "1037354", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037354" "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03899en_us",
} "refsource": "CONFIRM",
] "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03899en_us"
} },
} {
"name": "1037354",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037354"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa139",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa139"
},
{
"name": "FreeBSD-SA-16:39",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc"
},
{
"name": "94447",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94447"
}
]
}
}