admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 03:58:43 +00:00
parent d7d4f5e5fc
commit 2a68a8fa9b
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
60 changed files with 4970 additions and 4970 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

198
2006/0xxx/CVE-2006-0103.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0103", "ID": "CVE-2006-0103",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "TinyPHPForum 3.6 and earlier stores the (1) users/[USERNAME].hash and (2) users/[USERNAME].email files under the web root with insufficient access control, which allows remote attackers to list all registered users and possibly obtain other sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060105 [eVuln] TinyPHPForum Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/420933/100/0/threaded" "lang": "eng",
}, "value": "TinyPHPForum 3.6 and earlier stores the (1) users/[USERNAME].hash and (2) users/[USERNAME].email files under the web root with insufficient access control, which allows remote attackers to list all registered users and possibly obtain other sensitive information."
{ }
"name" : "http://evuln.com/vulns/14/summary.html", ]
"refsource" : "MISC", },
"url" : "http://evuln.com/vulns/14/summary.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20060417 Tiny PHP forum - vulns", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/431133/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-0054", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/0054" ]
}, },
{ "references": {
"name" : "22257", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/22257" "name": "1015436",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015436"
"name" : "1015436", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015436" "name": "20060105 [eVuln] TinyPHPForum Multiple Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/420933/100/0/threaded"
"name" : "18293", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18293" "name": "22257",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/22257"
"name" : "320", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/320" "name": "ADV-2006-0054",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0054"
"name" : "tinyphpforum-users-information-disclosure(24016)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24016" "name": "18293",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/18293"
} },
{
"name": "320",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/320"
},
{
"name": "tinyphpforum-users-information-disclosure(24016)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24016"
},
{
"name": "http://evuln.com/vulns/14/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/14/summary.html"
},
{
"name": "20060417 Tiny PHP forum - vulns",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431133/100/0/threaded"
}
]
}
} }

168
2006/0xxx/CVE-2006-0172.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0172", "ID": "CVE-2006-0172",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the file manager utility in Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to inject arbitrary web script or HTML in an uploaded page, which is published without a check for hostile scripting."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060110 Multiple Vulnerabilities in Hummingbird Collaboration", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/421392/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the file manager utility in Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to inject arbitrary web script or HTML in an uploaded page, which is published without a check for hostile scripting."
{ }
"name" : "http://www.securenetwork.it/advisories/sn-2006-01.html", ]
"refsource" : "MISC", },
"url" : "http://www.securenetwork.it/advisories/sn-2006-01.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16195", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16195" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-0145", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/0145" ]
}, },
{ "references": {
"name" : "18411", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18411" "name": "ADV-2006-0145",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0145"
"name" : "hummingbird-enterprise-xss(24067)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24067" "name": "16195",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/16195"
} },
{
"name": "18411",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18411"
},
{
"name": "hummingbird-enterprise-xss(24067)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24067"
},
{
"name": "http://www.securenetwork.it/advisories/sn-2006-01.html",
"refsource": "MISC",
"url": "http://www.securenetwork.it/advisories/sn-2006-01.html"
},
{
"name": "20060110 Multiple Vulnerabilities in Hummingbird Collaboration",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421392/100/0/threaded"
}
]
}
} }

158
2006/0xxx/CVE-2006-0832.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0832", "ID": "CVE-2006-0832",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in admin.asp in WPC.easy allow remote attackers to execute arbitrary SQL commands via the (1) uid and (2) pwd parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060218 SLQ Injection vulnerability in WPCeasy", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/425395/100/0/threaded" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in admin.asp in WPC.easy allow remote attackers to execute arbitrary SQL commands via the (1) uid and (2) pwd parameter."
{ }
"name" : "16721", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/16721" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-0662", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0662" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "18945", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/18945" ]
}, },
{ "references": {
"name" : "456", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/456" "name": "456",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/456"
} },
{
"name": "20060218 SLQ Injection vulnerability in WPCeasy",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/425395/100/0/threaded"
},
{
"name": "ADV-2006-0662",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0662"
},
{
"name": "16721",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16721"
},
{
"name": "18945",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18945"
}
]
}
} }

148
2006/0xxx/CVE-2006-0933.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0933", "ID": "CVE-2006-0933",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in PHPX 3.5.9 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in a url XCode tag in a posted message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "16799", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16799" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in PHPX 3.5.9 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in a url XCode tag in a posted message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "ADV-2006-0722", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/0722" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "18688", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18688" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "phpx-xcode-tag-xss(24874)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24874" ]
} },
] "references": {
} "reference_data": [
{
"name": "ADV-2006-0722",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0722"
},
{
"name": "16799",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16799"
},
{
"name": "18688",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18688"
},
{
"name": "phpx-xcode-tag-xss(24874)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24874"
}
]
}
} }

138
2006/1xxx/CVE-2006-1167.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security-info@sgi.com",
"ID" : "CVE-2006-1167", "ID": "CVE-2006-1167",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, which might allow local users to obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060402-01-U", "description_data": [
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U" "lang": "eng",
}, "value": "SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, which might allow local users to obtain sensitive information."
{ }
"name" : "24571", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/24571" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19607", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19607" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "19607",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19607"
},
{
"name": "20060402-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"name": "24571",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24571"
}
]
}
} }

178
2006/1xxx/CVE-2006-1544.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1544", "ID": "CVE-2006-1544",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in news.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) autorkomentarza and (2) tresckomentarza parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060411 [eVuln] VNews Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/430674/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in news.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) autorkomentarza and (2) tresckomentarza parameters."
{ }
"name" : "http://www.evuln.com/vulns/112", ]
"refsource" : "MISC", },
"url" : "http://www.evuln.com/vulns/112" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17317", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17317" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-1173", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/1173" ]
}, },
{ "references": {
"name" : "24275", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24275" "name": "20060411 [eVuln] VNews Multiple Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/430674/100/0/threaded"
"name" : "19435", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19435" "name": "19435",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19435"
"name" : "vnews-news-xss(25530)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25530" "name": "ADV-2006-1173",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/1173"
} },
{
"name": "http://www.evuln.com/vulns/112",
"refsource": "MISC",
"url": "http://www.evuln.com/vulns/112"
},
{
"name": "24275",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24275"
},
{
"name": "17317",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17317"
},
{
"name": "vnews-news-xss(25530)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25530"
}
]
}
} }

178
2006/1xxx/CVE-2006-1585.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1585", "ID": "CVE-2006-1585",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote attackers to execute arbitrary SQL commands via (1) the pc parameter in (a) index.php and (2) pnom, (3) pcourriel, and (4) pcommentaire parameters in (b) image_agrandir.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060331 MonAlbum 0.8.7 SQL Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/429475/100/0/threaded" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote attackers to execute arbitrary SQL commands via (1) the pc parameter in (a) index.php and (2) pnom, (3) pcourriel, and (4) pcommentaire parameters in (b) image_agrandir.php."
{ }
"name" : "http://www.bash-x.net/undef/adv/monalbum.html", ]
"refsource" : "MISC", },
"url" : "http://www.bash-x.net/undef/adv/monalbum.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17327", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17327" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-1206", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/1206" ]
}, },
{ "references": {
"name" : "19503", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19503" "name": "20060331 MonAlbum 0.8.7 SQL Injection",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/429475/100/0/threaded"
"name" : "660", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/660" "name": "ADV-2006-1206",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1206"
"name" : "monalbum-image-imageagrandir-sql-injection(25572)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25572" "name": "http://www.bash-x.net/undef/adv/monalbum.html",
} "refsource": "MISC",
] "url": "http://www.bash-x.net/undef/adv/monalbum.html"
} },
{
"name": "monalbum-image-imageagrandir-sql-injection(25572)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25572"
},
{
"name": "17327",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17327"
},
{
"name": "19503",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19503"
},
{
"name": "660",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/660"
}
]
}
} }

188
2006/1xxx/CVE-2006-1754.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1754", "ID": "CVE-2006-1754",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, 3.0.8, and 3.1.2 allows remote attackers to execute arbitrary SQL commands via the SID parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060411 Confixx 3.1.2 <= SQL Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/430671/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, 3.0.8, and 3.1.2 allows remote attackers to execute arbitrary SQL commands via the SID parameter."
{ }
"name" : "20060413 Re: Confixx 3.1.2 <= SQL Injection", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/430890/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20060419 Confixx SQL Injection exploit (confixx_exploit.pl)", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/431421/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://download1.swsoft.com/Confixx/security_hotfix/release_notes.txt", ]
"refsource" : "CONFIRM", }
"url" : "http://download1.swsoft.com/Confixx/security_hotfix/release_notes.txt" ]
}, },
{ "references": {
"name" : "17476", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17476" "name": "17476",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/17476"
"name" : "ADV-2006-1331", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1331" "name": "http://download1.swsoft.com/Confixx/security_hotfix/release_notes.txt",
}, "refsource": "CONFIRM",
{ "url": "http://download1.swsoft.com/Confixx/security_hotfix/release_notes.txt"
"name" : "19611", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19611" "name": "20060419 Confixx SQL Injection exploit (confixx_exploit.pl)",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/431421/100/0/threaded"
"name" : "confixx-index-sql-injection(25749)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25749" "name": "20060411 Confixx 3.1.2 <= SQL Injection",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/430671/100/0/threaded"
} },
{
"name": "ADV-2006-1331",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1331"
},
{
"name": "19611",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19611"
},
{
"name": "confixx-index-sql-injection(25749)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25749"
},
{
"name": "20060413 Re: Confixx 3.1.2 <= SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/430890/100/0/threaded"
}
]
}
} }

168
2006/1xxx/CVE-2006-1804.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1804", "ID": "CVE-2006-1804",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sql_query parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060412 phpMyAdmin 2.7.0-pl1", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/431013/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sql_query parameter."
{ }
"name" : "SUSE-SR:2006:009", ]
"refsource" : "SUSE", },
"url" : "http://www.novell.com/linux/security/advisories/2006_04_28.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-1372", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1372" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "19659", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/19659" ]
}, },
{ "references": {
"name" : "19897", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19897" "name": "ADV-2006-1372",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1372"
"name" : "phpmyadmin-sql-sql-injection(25858)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25858" "name": "19659",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/19659"
} },
{
"name": "20060412 phpMyAdmin 2.7.0-pl1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431013/100/0/threaded"
},
{
"name": "phpmyadmin-sql-sql-injection(25858)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25858"
},
{
"name": "19897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19897"
},
{
"name": "SUSE-SR:2006:009",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_04_28.html"
}
]
}
} }

208
2006/1xxx/CVE-2006-1953.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1953", "ID": "CVE-2006-1953",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Caucho Resin 3.0.17 and 3.0.18 for Windows allows remote attackers to read arbitrary files via a \"C:%5C\" (encoded drive letter) in a URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060516 Caucho Resin Windows Directory Traversal Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/434150/100/0/threaded" "lang": "eng",
}, "value": "Directory traversal vulnerability in Caucho Resin 3.0.17 and 3.0.18 for Windows allows remote attackers to read arbitrary files via a \"C:%5C\" (encoded drive letter) in a URL."
{ }
"name" : "20060516 Caucho Resin Windows Directory Traversal Vulnerability", ]
"refsource" : "VULNWATCH", },
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0026.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.rapid7.com/advisories/R7-0024.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.rapid7.com/advisories/R7-0024.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "18005", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/18005" ]
}, },
{ "references": {
"name" : "ADV-2006-1831", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1831" "name": "18005",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/18005"
"name" : "25570", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/25570" "name": "20060516 Caucho Resin Windows Directory Traversal Vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/434150/100/0/threaded"
"name" : "1016109", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016109" "name": "ADV-2006-1831",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1831"
"name" : "20125", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20125" "name": "resin-webserver-directory-traversal(26478)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26478"
"name" : "904", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/904" "name": "http://www.rapid7.com/advisories/R7-0024.html",
}, "refsource": "MISC",
{ "url": "http://www.rapid7.com/advisories/R7-0024.html"
"name" : "resin-webserver-directory-traversal(26478)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26478" "name": "1016109",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1016109"
} },
{
"name": "25570",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25570"
},
{
"name": "904",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/904"
},
{
"name": "20125",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20125"
},
{
"name": "20060516 Caucho Resin Windows Directory Traversal Vulnerability",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0026.html"
}
]
}
} }

168
2006/4xxx/CVE-2006-4004.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4004", "ID": "CVE-2006-4004",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in index.php in vbPortal 3.0.2 through 3.6.0 Beta 1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bbvbplang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2087", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2087" "lang": "eng",
}, "value": "Directory traversal vulnerability in index.php in vbPortal 3.0.2 through 3.6.0 Beta 1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bbvbplang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php."
{ }
"name" : "http://www.phpportals.com/forums/showthread.php?t=17308", ]
"refsource" : "MISC", },
"url" : "http://www.phpportals.com/forums/showthread.php?t=17308" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19257", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/19257" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-3102", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/3102" ]
}, },
{ "references": {
"name" : "21287", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21287" "name": "http://www.phpportals.com/forums/showthread.php?t=17308",
}, "refsource": "MISC",
{ "url": "http://www.phpportals.com/forums/showthread.php?t=17308"
"name" : "vbportal-cookie-file-include(28077)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28077" "name": "19257",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/19257"
} },
{
"name": "2087",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2087"
},
{
"name": "vbportal-cookie-file-include(28077)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28077"
},
{
"name": "21287",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21287"
},
{
"name": "ADV-2006-3102",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3102"
}
]
}
} }

188
2006/4xxx/CVE-2006-4208.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4208", "ID": "CVE-2006-4208",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB-Backup plugin for WordPress 1.7 and earlier allows remote authenticated users with administrative privileges to read arbitrary files via a .. (dot dot) in the backup parameter to edit.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060814 Wordpress WP-DB Backup Plugin Directory Traversal Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/443181/100/0/threaded" "lang": "eng",
}, "value": "Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB-Backup plugin for WordPress 1.7 and earlier allows remote authenticated users with administrative privileges to read arbitrary files via a .. (dot dot) in the backup parameter to edit.php."
{ }
"name" : "http://trac.wordpress.org/changeset/4095", ]
"refsource" : "CONFIRM", },
"url" : "http://trac.wordpress.org/changeset/4095" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.skippy.net/blog/category/wordpress/plugins/wp-db-backup/", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.skippy.net/blog/category/wordpress/plugins/wp-db-backup/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "19504", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/19504" ]
}, },
{ "references": {
"name" : "ADV-2006-3280", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3280" "name": "21486",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21486"
"name" : "21486", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21486" "name": "http://trac.wordpress.org/changeset/4095",
}, "refsource": "CONFIRM",
{ "url": "http://trac.wordpress.org/changeset/4095"
"name" : "1401", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1401" "name": "http://www.skippy.net/blog/category/wordpress/plugins/wp-db-backup/",
}, "refsource": "CONFIRM",
{ "url": "http://www.skippy.net/blog/category/wordpress/plugins/wp-db-backup/"
"name" : "wpdbbackup-edit-directory-traversal(28375)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28375" "name": "wpdbbackup-edit-directory-traversal(28375)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28375"
} },
{
"name": "19504",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19504"
},
{
"name": "1401",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1401"
},
{
"name": "20060814 Wordpress WP-DB Backup Plugin Directory Traversal Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/443181/100/0/threaded"
},
{
"name": "ADV-2006-3280",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3280"
}
]
}
} }

908
2006/4xxx/CVE-2006-4924.json
View File

@ -1,457 +1,457 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2006-4924", "ID": "CVE-2006-4924",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060927 rPSA-2006-0174-1 gnome-ssh-askpass openssh openssh-client openssh-server", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447153/100/0/threaded" "lang": "eng",
}, "value": "sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector."
{ }
"name" : "[openssh-unix-dev] 20060927 Announce: OpenSSH 4.4 released", ]
"refsource" : "MLIST", },
"url" : "http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[security-announce] 20070409 Globus Security Advisory 2007-02: GSI-OpenSSH vulnerability", "description": [
"refsource" : "MLIST", {
"url" : "http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207955", ]
"refsource" : "MISC", }
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207955" ]
}, },
{ "references": {
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=148228", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=148228" "name": "FreeBSD-SA-06:22",
}, "refsource": "FREEBSD",
{ "url": "http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm" "name": "http://sourceforge.net/forum/forum.php?forum_id=681763",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/forum/forum.php?forum_id=681763"
"name" : "http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227", },
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227" "name": "http://blogs.sun.com/security/entry/sun_alert_102962_security_vulnerability",
}, "refsource": "CONFIRM",
{ "url": "http://blogs.sun.com/security/entry/sun_alert_102962_security_vulnerability"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm" "name": "22270",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22270"
"name" : "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html" "name": "HPSBUX02178",
}, "refsource": "HP",
{ "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112"
"name" : "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html" "name": "23038",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23038"
"name" : "https://issues.rpath.com/browse/RPL-661", },
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-661" "name": "USN-355-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-355-1"
"name" : "http://docs.info.apple.com/article.html?artnum=305214", },
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=305214" "name": "2006-0054",
}, "refsource": "TRUSTIX",
{ "url": "http://www.trustix.org/errata/2006/0054"
"name" : "http://blogs.sun.com/security/entry/sun_alert_102962_security_vulnerability", },
"refsource" : "CONFIRM", {
"url" : "http://blogs.sun.com/security/entry/sun_alert_102962_security_vulnerability" "name": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
"name" : "http://sourceforge.net/forum/forum.php?forum_id=681763", },
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/forum/forum.php?forum_id=681763" "name": "ADV-2006-4401",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4401"
"name" : "https://hypersonic.bluecoat.com/support/securityadvisories/ssh_server_on_sg", },
"refsource" : "CONFIRM", {
"url" : "https://hypersonic.bluecoat.com/support/securityadvisories/ssh_server_on_sg" "name": "http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227"
"name" : "APPLE-SA-2007-03-13", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html" "name": "ADV-2009-0740",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/0740"
"name" : "DSA-1189", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1189" "name": "22116",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22116"
"name" : "DSA-1212", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1212" "name": "21923",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21923"
"name" : "FreeBSD-SA-06:22.openssh", },
"refsource" : "FREEBSD", {
"url" : "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc" "name": "24805",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24805"
"name" : "FreeBSD-SA-06:22", },
"refsource" : "FREEBSD", {
"url" : "http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc" "name": "23340",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23340"
"name" : "GLSA-200609-17", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200609-17.xml" "name": "[2.9] 015: SECURITY FIX: October 12, 2006",
}, "refsource": "OPENBSD",
{ "url": "http://www.openbsd.org/errata.html#ssh"
"name" : "GLSA-200611-06", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200611-06.xml" "name": "SUSE-SR:2006:024",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
"name" : "HPSBUX02178", },
"refsource" : "HP", {
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112" "name": "22487",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22487"
"name" : "SSRT061267", },
"refsource" : "HP", {
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112" "name": "TA07-072A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
"name" : "MDKSA-2006:179", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:179" "name": "GLSA-200611-06",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200611-06.xml"
"name" : "[2.9] 015: SECURITY FIX: October 12, 2006", },
"refsource" : "OPENBSD", {
"url" : "http://www.openbsd.org/errata.html#ssh" "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm"
"name" : "OpenPKG-SA-2006.022", },
"refsource" : "OPENPKG", {
"url" : "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html" "name": "http://bugs.gentoo.org/show_bug.cgi?id=148228",
}, "refsource": "CONFIRM",
{ "url": "http://bugs.gentoo.org/show_bug.cgi?id=148228"
"name" : "RHSA-2006:0698", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0698.html" "name": "22164",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22164"
"name" : "RHSA-2006:0697", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0697.html" "name": "102962",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102962-1"
"name" : "SCOSA-2008.2", },
"refsource" : "SCO", {
"url" : "ftp://ftp.sco.com/pub/unixware7/714/security/p534336/p534336.txt" "name": "SUSE-SA:2006:062",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2006_62_openssh.html"
"name" : "20061001-01-P", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc" "name": "22362",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22362"
"name" : "SSA:2006-272-02", },
"refsource" : "SLACKWARE", {
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566" "name": "23680",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23680"
"name" : "102962", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102962-1" "name": "APPLE-SA-2007-03-13",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
"name" : "SUSE-SR:2006:024", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2006_24_sr.html" "name": "34274",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34274"
"name" : "SUSE-SA:2006:062", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2006_62_openssh.html" "name": "VU#787448",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/787448"
"name" : "2006-0054", },
"refsource" : "TRUSTIX", {
"url" : "http://www.trustix.org/errata/2006/0054" "name": "http://docs.info.apple.com/article.html?artnum=305214",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=305214"
"name" : "USN-355-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-355-1" "name": "1016931",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016931"
"name" : "TA07-072A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" "name": "ADV-2006-4869",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4869"
"name" : "VU#787448", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/787448" "name": "22298",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22298"
"name" : "20216", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20216" "name": "22352",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22352"
"name" : "oval:org.mitre.oval:def:10462", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10462" "name": "22236",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22236"
"name" : "34274", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34274" "name": "oval:org.mitre.oval:def:1193",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1193"
"name" : "ADV-2006-3777", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3777" "name": "24799",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24799"
"name" : "ADV-2006-4401", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4401" "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207955",
}, "refsource": "MISC",
{ "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207955"
"name" : "ADV-2006-4869", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4869" "name": "22091",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22091"
"name" : "ADV-2007-0930", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0930" "name": "SSRT061267",
}, "refsource": "HP",
{ "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112"
"name" : "ADV-2007-1332", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1332" "name": "22495",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22495"
"name" : "ADV-2007-2119", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2119" "name": "ADV-2007-1332",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1332"
"name" : "29152", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29152" "name": "20216",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20216"
"name" : "oval:org.mitre.oval:def:1193", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1193" "name": "20060927 rPSA-2006-0174-1 gnome-ssh-askpass openssh openssh-client openssh-server",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447153/100/0/threaded"
"name" : "1016931", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016931" "name": "GLSA-200609-17",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200609-17.xml"
"name" : "22091", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22091" "name": "22823",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22823"
"name" : "21923", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21923" "name": "FreeBSD-SA-06:22.openssh",
}, "refsource": "FREEBSD",
{ "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc"
"name" : "22164", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22164" "name": "SSA:2006-272-02",
}, "refsource": "SLACKWARE",
{ "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566"
"name" : "22158", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22158" "name": "RHSA-2006:0697",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0697.html"
"name" : "22183", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22183" "name": "https://hypersonic.bluecoat.com/support/securityadvisories/ssh_server_on_sg",
}, "refsource": "CONFIRM",
{ "url": "https://hypersonic.bluecoat.com/support/securityadvisories/ssh_server_on_sg"
"name" : "22196", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22196" "name": "ADV-2006-3777",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3777"
"name" : "22236", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22236" "name": "OpenPKG-SA-2006.022",
}, "refsource": "OPENPKG",
{ "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html"
"name" : "22270", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22270" "name": "22183",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22183"
"name" : "22116", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22116" "name": "openssh-block-dos(29158)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29158"
"name" : "22208", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22208" "name": "[openssh-unix-dev] 20060927 Announce: OpenSSH 4.4 released",
}, "refsource": "MLIST",
{ "url": "http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2"
"name" : "22245", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22245" "name": "23241",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23241"
"name" : "22352", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22352" "name": "ADV-2007-2119",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2119"
"name" : "22362", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22362" "name": "ADV-2007-0930",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0930"
"name" : "22495", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22495" "name": "[security-announce] 20070409 Globus Security Advisory 2007-02: GSI-OpenSSH vulnerability",
}, "refsource": "MLIST",
{ "url": "http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html"
"name" : "22487", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22487" "name": "22926",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22926"
"name" : "22823", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22823" "name": "29371",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29371"
"name" : "22926", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22926" "name": "22208",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22208"
"name" : "23038", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23038" "name": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
"name" : "23241", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23241" "name": "22245",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22245"
"name" : "22298", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22298" "name": "20061001-01-P",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc"
"name" : "23340", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23340" "name": "https://issues.rpath.com/browse/RPL-661",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-661"
"name" : "23680", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23680" "name": "22196",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22196"
"name" : "24479", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24479" "name": "DSA-1212",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1212"
"name" : "24805", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24805" "name": "oval:org.mitre.oval:def:10462",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10462"
"name" : "25608", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25608" "name": "RHSA-2006:0698",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0698.html"
"name" : "24799", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24799" "name": "29152",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/29152"
"name" : "29371", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29371" "name": "25608",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25608"
"name" : "ADV-2009-0740", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/0740" "name": "22158",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22158"
"name" : "openssh-block-dos(29158)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29158" "name": "MDKSA-2006:179",
} "refsource": "MANDRIVA",
] "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:179"
} },
{
"name": "DSA-1189",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1189"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm"
},
{
"name": "SCOSA-2008.2",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/unixware7/714/security/p534336/p534336.txt"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}
} }

198
2006/5xxx/CVE-2006-5515.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5515", "ID": "CVE-2006-5515",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in lib-history.inc.php in phpAdsNew and phpPgAds before 2.0.8-pr1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to injected data that is stored by a delivery script and displayed by the admin interface."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061023 [PHPADSNEW-SA-2006-002] phpAdsNew and phpPgAds 2.0.8-pr1 fix XSS vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/449484/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in lib-history.inc.php in phpAdsNew and phpPgAds before 2.0.8-pr1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to injected data that is stored by a delivery script and displayed by the admin interface."
{ }
"name" : "http://sourceforge.net/project/shownotes.php?release_id=457774&group_id=11386", ]
"refsource" : "CONFIRM", },
"url" : "http://sourceforge.net/project/shownotes.php?release_id=457774&group_id=11386" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=457775&group_id=36679", "description": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=457775&group_id=36679" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4147", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4147" ]
}, },
{ "references": {
"name" : "ADV-2006-4148", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4148" "name": "phpadsnew-libhistory-xss(29766)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29766"
"name" : "22526", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22526" "name": "ADV-2006-4147",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4147"
"name" : "22529", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22529" "name": "22526",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22526"
"name" : "1777", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1777" "name": "ADV-2006-4148",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4148"
"name" : "phpadsnew-libhistory-xss(29766)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29766" "name": "20061023 [PHPADSNEW-SA-2006-002] phpAdsNew and phpPgAds 2.0.8-pr1 fix XSS vulnerability",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/449484/100/0/threaded"
} },
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=457775&group_id=36679",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=457775&group_id=36679"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=457774&group_id=11386",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=457774&group_id=11386"
},
{
"name": "1777",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1777"
},
{
"name": "22529",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22529"
}
]
}
} }

158
2006/5xxx/CVE-2006-5837.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5837", "ID": "CVE-2006-5837",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Static code injection vulnerability in chat_panel.php in the SimpleChat 1.0.0 module for iWare Professional CMS allows remote attackers to inject arbitrary PHP code into chat_log.php via the msg parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2733", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2733" "lang": "eng",
}, "value": "Static code injection vulnerability in chat_panel.php in the SimpleChat 1.0.0 module for iWare Professional CMS allows remote attackers to inject arbitrary PHP code into chat_log.php via the msg parameter."
{ }
"name" : "20947", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20947" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4376", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4376" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22748", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/22748" ]
}, },
{ "references": {
"name" : "iware-postmessage-code-execution(30078)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30078" "name": "iware-postmessage-code-execution(30078)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30078"
} },
{
"name": "22748",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22748"
},
{
"name": "ADV-2006-4376",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4376"
},
{
"name": "20947",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20947"
},
{
"name": "2733",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2733"
}
]
}
} }

32
2010/0xxx/CVE-2010-0099.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2010-0099", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2010-0099",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-0092. Reason: This candidate is a duplicate of CVE-2010-0092. Notes: All CVE users should reference CVE-2010-0092 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-0092. Reason: This candidate is a duplicate of CVE-2010-0092. Notes: All CVE users should reference CVE-2010-0092 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

32
2010/0xxx/CVE-2010-0495.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2010-0495", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2010-0495",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none."
} }
] ]
} }
} }

138
2010/0xxx/CVE-2010-0637.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0637", "ID": "CVE-2010-0637",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in WebCalendar 1.2.0, and other versions before 1.2.5, allow remote attackers to hijack the authentication of administrators for requests that (1) delete an event or (2) ban an IP address from posting via unknown vectors. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://holisticinfosec.org/content/view/133/45/", "description_data": [
"refsource" : "MISC", {
"url" : "http://holisticinfosec.org/content/view/133/45/" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in WebCalendar 1.2.0, and other versions before 1.2.5, allow remote attackers to hijack the authentication of administrators for requests that (1) delete an event or (2) ban an IP address from posting via unknown vectors. NOTE: some of these details are obtained from third party information."
{ }
"name" : "http://webcalendar.cvs.sourceforge.net/viewvc/webcalendar/webcalendar/ChangeLog?pathrev=REL_1_2", ]
"refsource" : "CONFIRM", },
"url" : "http://webcalendar.cvs.sourceforge.net/viewvc/webcalendar/webcalendar/ChangeLog?pathrev=REL_1_2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "38222", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38222" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://webcalendar.cvs.sourceforge.net/viewvc/webcalendar/webcalendar/ChangeLog?pathrev=REL_1_2",
"refsource": "CONFIRM",
"url": "http://webcalendar.cvs.sourceforge.net/viewvc/webcalendar/webcalendar/ChangeLog?pathrev=REL_1_2"
},
{
"name": "38222",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38222"
},
{
"name": "http://holisticinfosec.org/content/view/133/45/",
"refsource": "MISC",
"url": "http://holisticinfosec.org/content/view/133/45/"
}
]
}
} }

208
2010/2xxx/CVE-2010-2075.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-2075", "ID": "CVE-2010-2075",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "13853", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/13853" "lang": "eng",
}, "value": "UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands."
{ }
"name" : "20100612 Fw: [irc-security] UnrealIRCd 3.2.8.1 backdoored on official ftp and site", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2010/Jun/277" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20100612 Re: Fw: [irc-security] UnrealIRCd 3.2.8.1 backdoored on official ftp and site", "description": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2010/Jun/284" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[oss-security] 20100614 Re: CVE request: UnrealIRCd 3.2.8.1 source code contained a backdoor allowing for remote command execution", ]
"refsource" : "MLIST", }
"url" : "http://www.openwall.com/lists/oss-security/2010/06/14/11" ]
}, },
{ "references": {
"name" : "http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt" "name": "http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt",
}, "refsource": "CONFIRM",
{ "url": "http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt"
"name" : "GLSA-201006-21", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201006-21.xml" "name": "ADV-2010-1437",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/1437"
"name" : "40820", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/40820" "name": "GLSA-201006-21",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201006-21.xml"
"name" : "65445", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/65445" "name": "65445",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/65445"
"name" : "40169", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40169" "name": "[oss-security] 20100614 Re: CVE request: UnrealIRCd 3.2.8.1 source code contained a backdoor allowing for remote command execution",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2010/06/14/11"
"name" : "ADV-2010-1437", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1437" "name": "13853",
} "refsource": "EXPLOIT-DB",
] "url": "http://www.exploit-db.com/exploits/13853"
} },
{
"name": "40169",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40169"
},
{
"name": "20100612 Fw: [irc-security] UnrealIRCd 3.2.8.1 backdoored on official ftp and site",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2010/Jun/277"
},
{
"name": "40820",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40820"
},
{
"name": "20100612 Re: Fw: [irc-security] UnrealIRCd 3.2.8.1 backdoored on official ftp and site",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2010/Jun/284"
}
]
}
} }

148
2010/2xxx/CVE-2010-2512.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2512", "ID": "CVE-2010-2512",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in customprofile.php in 2daybiz Matrimonial Script allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "14008", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/14008" "lang": "eng",
}, "value": "SQL injection vulnerability in customprofile.php in 2daybiz Matrimonial Script allows remote attackers to execute arbitrary SQL commands via the id parameter."
{ }
"name" : "41109", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/41109" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "65712", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/65712" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "40338", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/40338" ]
} },
] "references": {
} "reference_data": [
{
"name": "41109",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41109"
},
{
"name": "65712",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/65712"
},
{
"name": "40338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40338"
},
{
"name": "14008",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14008"
}
]
}
} }

178
2010/2xxx/CVE-2010-2610.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2610", "ID": "CVE-2010-2610",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in 2daybiz Job Site Script allow remote attackers to execute arbitrary SQL commands via the (1) jid parameter to view_current_job.php, (2) job_iid parameter to show_search_more.php, and (3) left_cat parameter to show_search_result.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "14025", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/14025" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in 2daybiz Job Site Script allow remote attackers to execute arbitrary SQL commands via the (1) jid parameter to view_current_job.php, (2) job_iid parameter to show_search_more.php, and (3) left_cat parameter to show_search_result.php."
{ }
"name" : "41123", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/41123" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "65714", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/65714" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "65715", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/65715" ]
}, },
{ "references": {
"name" : "65716", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/65716" "name": "14025",
}, "refsource": "EXPLOIT-DB",
{ "url": "http://www.exploit-db.com/exploits/14025"
"name" : "40301", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40301" "name": "65714",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/65714"
"name" : "jobsitescript-multiple-sql-injection(59733)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59733" "name": "65715",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/65715"
} },
{
"name": "65716",
"refsource": "OSVDB",
"url": "http://osvdb.org/65716"
},
{
"name": "40301",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40301"
},
{
"name": "jobsitescript-multiple-sql-injection(59733)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59733"
},
{
"name": "41123",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41123"
}
]
}
} }

128
2010/3xxx/CVE-2010-3516.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2010-3516", "ID": "CVE-2010-3516",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability via unknown vectors related to InfiniBand."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability via unknown vectors related to InfiniBand."
{ }
"name" : "TA10-287A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name": "TA10-287A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html"
}
]
}
} }

148
2010/3xxx/CVE-2010-3959.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-3959", "ID": "CVE-2010-3959",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted CMAP table in an OpenType font, aka \"OpenType CMAP Table Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS10-091", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-091" "lang": "eng",
}, "value": "The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted CMAP table in an OpenType font, aka \"OpenType CMAP Table Vulnerability.\""
{ }
"name" : "TA10-348A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-348A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:12280", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12280" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1024873", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1024873" ]
} },
] "references": {
} "reference_data": [
{
"name": "TA10-348A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html"
},
{
"name": "1024873",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024873"
},
{
"name": "oval:org.mitre.oval:def:12280",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12280"
},
{
"name": "MS10-091",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-091"
}
]
}
} }

198
2010/3xxx/CVE-2010-3964.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-3964", "ID": "CVE-2010-3964",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka \"Malformed Request Code Execution Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-287/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-287/" "lang": "eng",
}, "value": "Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka \"Malformed Request Code Execution Vulnerability.\""
{ }
"name" : "MS10-104", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-104" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "TA10-348A", "description": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-348A.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "45264", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/45264" ]
}, },
{ "references": {
"name" : "69817", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/69817" "name": "69817",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/69817"
"name" : "oval:org.mitre.oval:def:11737", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11737" "name": "TA10-348A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html"
"name" : "1024886", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1024886" "name": "MS10-104",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-104"
"name" : "42631", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42631" "name": "ADV-2010-3226",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/3226"
"name" : "ADV-2010-3226", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/3226" "name": "1024886",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1024886"
} },
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-287/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-287/"
},
{
"name": "45264",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45264"
},
{
"name": "42631",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42631"
},
{
"name": "oval:org.mitre.oval:def:11737",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11737"
}
]
}
} }

298
2010/4xxx/CVE-2010-4156.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-4156", "ID": "CVE-2010-4156",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20101107 CVE Request: PHP 5.3.3, libmbfl, mb_strcut", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2010/11/07/2" "lang": "eng",
}, "value": "The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter)."
{ }
"name" : "[oss-security] 20101108 Re: CVE Request: PHP 5.3.3, libmbfl, mb_strcut", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2010/11/08/13" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://pastie.org/1279428", "description": [
"refsource" : "MISC", {
"url" : "http://pastie.org/1279428" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://pastie.org/1279682", ]
"refsource" : "MISC", }
"url" : "http://pastie.org/1279682" ]
}, },
{ "references": {
"name" : "http://www.php.net/ChangeLog-5.php", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.php.net/ChangeLog-5.php" "name": "ADV-2011-0077",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0077"
"name" : "FEDORA-2010-18976", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html" "name": "FEDORA-2010-19011",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html"
"name" : "FEDORA-2010-19011", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html" "name": "42812",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42812"
"name" : "HPSBMA02662", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130331363227777&w=2" "name": "RHSA-2011:0196",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-0196.html"
"name" : "SSRT100409", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130331363227777&w=2" "name": "HPSBMA02662",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=130331363227777&w=2"
"name" : "MDVSA-2010:225", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:225" "name": "http://pastie.org/1279428",
}, "refsource": "MISC",
{ "url": "http://pastie.org/1279428"
"name" : "RHSA-2011:0196", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0196.html" "name": "USN-1042-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1042-1"
"name" : "USN-1042-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1042-1" "name": "ADV-2011-0021",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0021"
"name" : "44727", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/44727" "name": "http://www.php.net/ChangeLog-5.php",
}, "refsource": "CONFIRM",
{ "url": "http://www.php.net/ChangeLog-5.php"
"name" : "42135", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42135" "name": "44727",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/44727"
"name" : "42812", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42812" "name": "[oss-security] 20101108 Re: CVE Request: PHP 5.3.3, libmbfl, mb_strcut",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2010/11/08/13"
"name" : "43189", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43189" "name": "MDVSA-2010:225",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:225"
"name" : "ADV-2011-0020", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0020" "name": "SSRT100409",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=130331363227777&w=2"
"name" : "ADV-2011-0021", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0021" "name": "FEDORA-2010-18976",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html"
"name" : "ADV-2011-0077", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0077" "name": "ADV-2011-0020",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2011/0020"
} },
{
"name": "43189",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43189"
},
{
"name": "42135",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42135"
},
{
"name": "http://pastie.org/1279682",
"refsource": "MISC",
"url": "http://pastie.org/1279682"
},
{
"name": "[oss-security] 20101107 CVE Request: PHP 5.3.3, libmbfl, mb_strcut",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/11/07/2"
}
]
}
} }

158
2010/4xxx/CVE-2010-4406.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4406", "ID": "CVE-2010-4406",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled, allows remote attackers to list, include, and execute arbitrary local files via a ..// (dot dot slash slash) in the repertoire parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "15656", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/15656" "lang": "eng",
}, "value": "Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled, allows remote attackers to list, include, and execute arbitrary local files via a ..// (dot dot slash slash) in the repertoire parameter."
{ }
"name" : "http://packetstormsecurity.org/files/view/96296/littlephpgallery-lfi.txt", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.org/files/view/96296/littlephpgallery-lfi.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "45143", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45143" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "69564", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/69564" ]
}, },
{ "references": {
"name" : "42444", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42444" "name": "45143",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/45143"
} },
{
"name": "42444",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42444"
},
{
"name": "15656",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15656"
},
{
"name": "http://packetstormsecurity.org/files/view/96296/littlephpgallery-lfi.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/view/96296/littlephpgallery-lfi.txt"
},
{
"name": "69564",
"refsource": "OSVDB",
"url": "http://osvdb.org/69564"
}
]
}
} }

118
2010/4xxx/CVE-2010-4728.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4728", "ID": "CVE-2010-4728",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Zikula before 1.3.1 uses the rand and srand PHP functions for random number generation, which makes it easier for remote attackers to defeat protection mechanisms based on randomization by predicting a return value, as demonstrated by the authid protection mechanism."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.zikula.org/core/ticket/2009", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.zikula.org/core/ticket/2009" "lang": "eng",
} "value": "Zikula before 1.3.1 uses the rand and srand PHP functions for random number generation, which makes it easier for remote attackers to defeat protection mechanisms based on randomization by predicting a return value, as demonstrated by the authid protection mechanism."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://code.zikula.org/core/ticket/2009",
"refsource": "CONFIRM",
"url": "http://code.zikula.org/core/ticket/2009"
}
]
}
} }

208
2010/4xxx/CVE-2010-4823.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-4823", "ID": "CVE-2010-4823",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the httpError method in sapphire/core/control/RequestHandler.php in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4, when custom error handling is not used, allows remote attackers to inject arbitrary web script or HTML via \"missing URL actions.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20110104 CVE request: silverstripe before 2.4.4", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2011/01/03/12" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the httpError method in sapphire/core/control/RequestHandler.php in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4, when custom error handling is not used, allows remote attackers to inject arbitrary web script or HTML via \"missing URL actions.\""
{ }
"name" : "[oss-security] 20120430 CVE-request: SilverStripe before 2.4.4", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2012/04/30/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20120430 Re: CVE-request: SilverStripe before 2.4.4", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2012/04/30/3" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[oss-security] 20120501 Re: CVE-request: SilverStripe before 2.4.4", ]
"refsource" : "MLIST", }
"url" : "http://www.openwall.com/lists/oss-security/2012/05/01/3" ]
}, },
{ "references": {
"name" : "http://doc.silverstripe.org/framework/en/trunk/changelogs//2.4.4", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://doc.silverstripe.org/framework/en/trunk/changelogs//2.4.4" "name": "69886",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/69886"
"name" : "http://open.silverstripe.org/changeset/114444", },
"refsource" : "CONFIRM", {
"url" : "http://open.silverstripe.org/changeset/114444" "name": "[oss-security] 20120501 Re: CVE-request: SilverStripe before 2.4.4",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2012/05/01/3"
"name" : "45367", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45367" "name": "45367",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/45367"
"name" : "69886", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/69886" "name": "42346",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42346"
"name" : "42346", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42346" "name": "silverstripe-requesthandler-xss(63988)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63988"
"name" : "silverstripe-requesthandler-xss(63988)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/63988" "name": "[oss-security] 20120430 CVE-request: SilverStripe before 2.4.4",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2012/04/30/1"
} },
{
"name": "[oss-security] 20120430 Re: CVE-request: SilverStripe before 2.4.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/30/3"
},
{
"name": "[oss-security] 20110104 CVE request: silverstripe before 2.4.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/01/03/12"
},
{
"name": "http://open.silverstripe.org/changeset/114444",
"refsource": "CONFIRM",
"url": "http://open.silverstripe.org/changeset/114444"
},
{
"name": "http://doc.silverstripe.org/framework/en/trunk/changelogs//2.4.4",
"refsource": "CONFIRM",
"url": "http://doc.silverstripe.org/framework/en/trunk/changelogs//2.4.4"
}
]
}
} }

178
2011/1xxx/CVE-2011-1192.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1192", "ID": "CVE-2011-1192",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=70779", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=70779" "lang": "eng",
}, "value": "Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
{ }
"name" : "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://docs.google.com/a/google.com/document/d/1YoJbpG0uTz0TI3VhRPLQxGP6hkOYwpv4t7ZJDofBC-A/edit?hl=en&authkey=CPWzgZAG", "description": [
"refsource" : "CONFIRM", {
"url" : "https://docs.google.com/a/google.com/document/d/1YoJbpG0uTz0TI3VhRPLQxGP6hkOYwpv4t7ZJDofBC-A/edit?hl=en&authkey=CPWzgZAG" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "46785", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/46785" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:13990", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13990" "name": "46785",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/46785"
"name" : "ADV-2011-0628", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0628" "name": "https://docs.google.com/a/google.com/document/d/1YoJbpG0uTz0TI3VhRPLQxGP6hkOYwpv4t7ZJDofBC-A/edit?hl=en&authkey=CPWzgZAG",
}, "refsource": "CONFIRM",
{ "url": "https://docs.google.com/a/google.com/document/d/1YoJbpG0uTz0TI3VhRPLQxGP6hkOYwpv4t7ZJDofBC-A/edit?hl=en&authkey=CPWzgZAG"
"name" : "google-unicode-unspecified(65956)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65956" "name": "google-unicode-unspecified(65956)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65956"
} },
{
"name": "oval:org.mitre.oval:def:13990",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13990"
},
{
"name": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=70779",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=70779"
},
{
"name": "ADV-2011-0628",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0628"
}
]
}
} }

168
2011/5xxx/CVE-2011-5203.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-5203", "ID": "CVE-2011-5203",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before 8 SR 1 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "18293", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/18293" "lang": "eng",
}, "value": "SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before 8 SR 1 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information."
{ }
"name" : "20111229 Akiva Webboard 8.x SQL Injection + Plaintext Passwords.", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2011-12/0475.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "51210", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/51210" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "78069", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/78069" ]
}, },
{ "references": {
"name" : "47318", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/47318" "name": "20111229 Akiva Webboard 8.x SQL Injection + Plaintext Passwords.",
}, "refsource": "FULLDISC",
{ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-12/0475.html"
"name" : "webboard-default-sql-injection(72036)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72036" "name": "webboard-default-sql-injection(72036)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72036"
} },
{
"name": "51210",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51210"
},
{
"name": "78069",
"refsource": "OSVDB",
"url": "http://osvdb.org/78069"
},
{
"name": "47318",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47318"
},
{
"name": "18293",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18293"
}
]
}
} }

32
2011/5xxx/CVE-2011-5247.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-5247", "ID": "CVE-2011-5247",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

178
2014/3xxx/CVE-2014-3040.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-3040", "ID": "CVE-2014-3040",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 iFix 10, 10.0.0.x before 10.0.0.1 iFix 10, 10.0.1.x before 10.0.1.4, and 10.0.2.x before 10.0.2.2 iFix 2; Emptoris Sourcing Portfolio 9.5.x before 9.5.1.3, 10.0.0.x before 10.0.0.1, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4; and Emptoris Spend Analysis 9.5.x before 9.5.0.4, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680370", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680370" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 iFix 10, 10.0.0.x before 10.0.0.1 iFix 10, 10.0.1.x before 10.0.1.4, and 10.0.2.x before 10.0.2.2 iFix 2; Emptoris Sourcing Portfolio 9.5.x before 9.5.1.3, 10.0.0.x before 10.0.0.1, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4; and Emptoris Spend Analysis 9.5.x before 9.5.0.4, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680665", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680665" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681277", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681277" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "60480", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/60480" ]
}, },
{ "references": {
"name" : "60479", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60479" "name": "60480",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60480"
"name" : "60481", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60481" "name": "60479",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60479"
"name" : "ibm-emptoris-cve20143040-csrf(93306)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/93306" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681277",
} "refsource": "CONFIRM",
] "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681277"
} },
{
"name": "60481",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60481"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680370",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680370"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680665",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680665"
},
{
"name": "ibm-emptoris-cve20143040-csrf(93306)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93306"
}
]
}
} }

138
2014/3xxx/CVE-2014-3274.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-3274", "ID": "CVE-2014-3274",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager (UCM) to block HTTPS traffic, aka Bug ID CSCuj26326."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=34327", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=34327" "lang": "eng",
}, "value": "Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager (UCM) to block HTTPS traffic, aka Bug ID CSCuj26326."
{ }
"name" : "20140521 Cisco TelePresence System Directory Information Disclosure Vulnerability", ]
"refsource" : "CISCO", },
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3274" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1030272", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030272" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34327",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34327"
},
{
"name": "20140521 Cisco TelePresence System Directory Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3274"
},
{
"name": "1030272",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030272"
}
]
}
} }

158
2014/3xxx/CVE-2014-3421.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-3421", "ID": "CVE-2014-3421",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[emacs-diffs] 20140506 emacs-24 r117066: * gnus-fun.el (gnus-grab-cam-face): Do not use predictable temp-file name.", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00055.html" "lang": "eng",
}, "value": "lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file."
{ }
"name" : "[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2014/05/07/7" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8", "description": [
"refsource" : "CONFIRM", {
"url" : "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://advisories.mageia.org/MGASA-2014-0250.html", ]
"refsource" : "CONFIRM", }
"url" : "http://advisories.mageia.org/MGASA-2014-0250.html" ]
}, },
{ "references": {
"name" : "MDVSA-2015:117", "reference_data": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117" "name": "[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs",
} "refsource": "MLIST",
] "url": "http://openwall.com/lists/oss-security/2014/05/07/7"
} },
{
"name": "[emacs-diffs] 20140506 emacs-24 r117066: * gnus-fun.el (gnus-grab-cam-face): Do not use predictable temp-file name.",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00055.html"
},
{
"name": "MDVSA-2015:117",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0250.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"name": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8",
"refsource": "CONFIRM",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
}
]
}
} }

148
2014/3xxx/CVE-2014-3796.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-3796", "ID": "CVE-2014-3796",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) 5.1 before 5.1.4.2 and 5.5 before 5.5.3, does not properly validate input, which allows attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.vmware.com/security/advisories/VMSA-2014-0009.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2014-0009.html" "lang": "eng",
}, "value": "VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) 5.1 before 5.1.4.2 and 5.5 before 5.5.3, does not properly validate input, which allows attackers to obtain sensitive information via unspecified vectors."
{ }
"name" : "1030835", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1030835" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "59938", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59938" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "vmware-vcns-cve20143796-info-disc(95926)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95926" ]
} },
] "references": {
} "reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0009.html"
},
{
"name": "1030835",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030835"
},
{
"name": "59938",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59938"
},
{
"name": "vmware-vcns-cve20143796-info-disc(95926)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95926"
}
]
}
} }

228
2014/4xxx/CVE-2014-4312.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4312", "ID": "CVE-2014-4312",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allow remote attackers to inject arbitrary web script or HTML via the (1) Notes section to Order details; (2) Description section to \"Order to consume\"; (3) Favorites name section to Favorites; (4) FiltKeyword parameter to Procurement/EKPHTML/search_item_bt.asp; (5) Act parameter to Procurement/EKPHTML/EnterpriseManager/Budget/ImportBudget_fr.asp; (6) hdnOpener or (7) hdnApproverFieldName parameter to Procurement/EKPHTML/EnterpriseManager/UserSearchDlg.asp; or (8) INTEGRATED parameter to Procurement/EKPHTML/EnterpriseManager/Codes.asp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "34864", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/34864" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allow remote attackers to inject arbitrary web script or HTML via the (1) Notes section to Order details; (2) Description section to \"Order to consume\"; (3) Favorites name section to Favorites; (4) FiltKeyword parameter to Procurement/EKPHTML/search_item_bt.asp; (5) Act parameter to Procurement/EKPHTML/EnterpriseManager/Budget/ImportBudget_fr.asp; (6) hdnOpener or (7) hdnApproverFieldName parameter to Procurement/EKPHTML/EnterpriseManager/UserSearchDlg.asp; or (8) INTEGRATED parameter to Procurement/EKPHTML/EnterpriseManager/Codes.asp."
{ }
"name" : "20141001 Epicor Enterprise vulnerabilities", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2014/Oct/2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/128511/Epicor-Password-Disclosure-Cross-Site-Scripting.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/128511/Epicor-Password-Disclosure-Cross-Site-Scripting.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "70192", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/70192" ]
}, },
{ "references": {
"name" : "112464", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/show/osvdb/112464" "name": "112470",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/show/osvdb/112470"
"name" : "112465", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/show/osvdb/112465" "name": "70192",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/70192"
"name" : "112466", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/show/osvdb/112466" "name": "112471",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/show/osvdb/112471"
"name" : "112467", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/show/osvdb/112467" "name": "34864",
}, "refsource": "EXPLOIT-DB",
{ "url": "http://www.exploit-db.com/exploits/34864"
"name" : "112469", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/show/osvdb/112469" "name": "112469",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/show/osvdb/112469"
"name" : "112470", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/show/osvdb/112470" "name": "112467",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/show/osvdb/112467"
"name" : "112471", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/show/osvdb/112471" "name": "20141001 Epicor Enterprise vulnerabilities",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2014/Oct/2"
"name" : "epicor-cve20144312-xss(96793)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96793" "name": "epicor-cve20144312-xss(96793)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96793"
} },
{
"name": "112464",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/112464"
},
{
"name": "112466",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/112466"
},
{
"name": "112465",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/112465"
},
{
"name": "http://packetstormsecurity.com/files/128511/Epicor-Password-Disclosure-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128511/Epicor-Password-Disclosure-Cross-Site-Scripting.html"
}
]
}
} }

118
2014/4xxx/CVE-2014-4564.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4564", "ID": "CVE-2014-4564",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in check.php in the Validated plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the slug parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://codevigilant.com/disclosure/wp-plugin-validated-a3-cross-site-scripting-xss", "description_data": [
"refsource" : "MISC", {
"url" : "http://codevigilant.com/disclosure/wp-plugin-validated-a3-cross-site-scripting-xss" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in check.php in the Validated plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the slug parameter."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://codevigilant.com/disclosure/wp-plugin-validated-a3-cross-site-scripting-xss",
"refsource": "MISC",
"url": "http://codevigilant.com/disclosure/wp-plugin-validated-a3-cross-site-scripting-xss"
}
]
}
} }

148
2014/7xxx/CVE-2014-7835.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-7835", "ID": "CVE-2014-7835",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "webservice/upload.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not ensure that a file upload is for a private or draft area, which allows remote authenticated users to upload files containing JavaScript, and consequently conduct cross-site scripting (XSS) attacks, by specifying the profile-picture area."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20141117 Moodle security issues are now public", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2014/11/17/11" "lang": "eng",
}, "value": "webservice/upload.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not ensure that a file upload is for a private or draft area, which allows remote authenticated users to upload files containing JavaScript, and consequently conduct cross-site scripting (XSS) attacks, by specifying the profile-picture area."
{ }
"name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47868", ]
"refsource" : "CONFIRM", },
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47868" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://moodle.org/mod/forum/discuss.php?d=275161", "description": [
"refsource" : "CONFIRM", {
"url" : "https://moodle.org/mod/forum/discuss.php?d=275161" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1031215", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1031215" ]
} },
] "references": {
} "reference_data": [
{
"name": "1031215",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031215"
},
{
"name": "[oss-security] 20141117 Moodle security issues are now public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/11/17/11"
},
{
"name": "https://moodle.org/mod/forum/discuss.php?d=275161",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=275161"
},
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47868",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47868"
}
]
}
} }

32
2014/8xxx/CVE-2014-8236.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2014-8236", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2014-8236",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
} }
] ]
} }
} }

158
2014/8xxx/CVE-2014-8336.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8336", "ID": "CVE-2014-8336",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The \"Sql Run Query\" panel in WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote attackers to read arbitrary files by leveraging failure to sufficiently limit queries, as demonstrated by use of LOAD_FILE in an INSERT statement."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20141021 Re: Vulnerabilities in WordPress Database Manager v2.7.1", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/10/21/3" "lang": "eng",
}, "value": "The \"Sql Run Query\" panel in WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote attackers to read arbitrary files by leveraging failure to sufficiently limit queries, as demonstrated by use of LOAD_FILE in an INSERT statement."
{ }
"name" : "http://www.vapid.dhs.org/advisories/wordpress/plugins/wp-dbmanager-2.7.1/index.html", ]
"refsource" : "MISC", },
"url" : "http://www.vapid.dhs.org/advisories/wordpress/plugins/wp-dbmanager-2.7.1/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/lesterchan/wp-dbmanager/commit/7037fa8f61644098044379190d1d4bf1883b8e4a", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/lesterchan/wp-dbmanager/commit/7037fa8f61644098044379190d1d4bf1883b8e4a" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://wordpress.org/plugins/wp-dbmanager/#developers", ]
"refsource" : "CONFIRM", }
"url" : "https://wordpress.org/plugins/wp-dbmanager/#developers" ]
}, },
{ "references": {
"name" : "dbmgr-wordpress-cve20148336-file-download(97694)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/97694" "name": "https://github.com/lesterchan/wp-dbmanager/commit/7037fa8f61644098044379190d1d4bf1883b8e4a",
} "refsource": "CONFIRM",
] "url": "https://github.com/lesterchan/wp-dbmanager/commit/7037fa8f61644098044379190d1d4bf1883b8e4a"
} },
{
"name": "http://www.vapid.dhs.org/advisories/wordpress/plugins/wp-dbmanager-2.7.1/index.html",
"refsource": "MISC",
"url": "http://www.vapid.dhs.org/advisories/wordpress/plugins/wp-dbmanager-2.7.1/index.html"
},
{
"name": "dbmgr-wordpress-cve20148336-file-download(97694)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97694"
},
{
"name": "https://wordpress.org/plugins/wp-dbmanager/#developers",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/wp-dbmanager/#developers"
},
{
"name": "[oss-security] 20141021 Re: Vulnerabilities in WordPress Database Manager v2.7.1",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/10/21/3"
}
]
}
} }

138
2014/8xxx/CVE-2014-8788.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8788", "ID": "CVE-2014-8788",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "GleamTech FileVista before 6.1 allows remote authenticated users to obtain sensitive information via a crafted path when saving a zip file, which reveals the installation path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141127 FileVista < v6.0.8.0 Insecure zip file handling", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2014/Nov/87" "lang": "eng",
}, "value": "GleamTech FileVista before 6.1 allows remote authenticated users to obtain sensitive information via a crafted path when saving a zip file, which reveals the installation path in an error message."
{ }
"name" : "http://packetstormsecurity.com/files/129304/FileVista-Path-Leakage-Path-Write-Modification.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/129304/FileVista-Path-Leakage-Path-Write-Modification.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.gleamtech.com/kb/a10/version-history-of-filevista.aspx", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.gleamtech.com/kb/a10/version-history-of-filevista.aspx" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "20141127 FileVista < v6.0.8.0 Insecure zip file handling",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Nov/87"
},
{
"name": "http://support.gleamtech.com/kb/a10/version-history-of-filevista.aspx",
"refsource": "CONFIRM",
"url": "http://support.gleamtech.com/kb/a10/version-history-of-filevista.aspx"
},
{
"name": "http://packetstormsecurity.com/files/129304/FileVista-Path-Leakage-Path-Write-Modification.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129304/FileVista-Path-Leakage-Path-Write-Modification.html"
}
]
}
} }

298
2014/9xxx/CVE-2014-9029.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9029", "ID": "CVE-2014-9029",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141204 [oCERT-2014-009] JasPer input sanitization errors", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/534153/100/0/threaded" "lang": "eng",
}, "value": "Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow."
{ }
"name" : "[oss-security] 20141204 [oCERT-2014-009] JasPer input sanitization errors", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2014/12/04/9" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/129393/JasPer-1.900.1-Buffer-Overflow.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/129393/JasPer-1.900.1-Buffer-Overflow.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.ocert.org/advisories/ocert-2014-009.html", ]
"refsource" : "MISC", }
"url" : "http://www.ocert.org/advisories/ocert-2014-009.html" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1167537", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1167537" "name": "[oss-security] 20141204 [oCERT-2014-009] JasPer input sanitization errors",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2014/12/04/9"
"name" : "http://advisories.mageia.org/MGASA-2014-0514.html", },
"refsource" : "CONFIRM", {
"url" : "http://advisories.mageia.org/MGASA-2014-0514.html" "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "name": "http://www.ocert.org/advisories/ocert-2014-009.html",
}, "refsource": "MISC",
{ "url": "http://www.ocert.org/advisories/ocert-2014-009.html"
"name" : "DSA-3089", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2014/dsa-3089" "name": "jasper-cve20149029-bo(99125)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99125"
"name" : "MDVSA-2014:247", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2014:247" "name": "http://advisories.mageia.org/MGASA-2014-0514.html",
}, "refsource": "CONFIRM",
{ "url": "http://advisories.mageia.org/MGASA-2014-0514.html"
"name" : "MDVSA-2015:159", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:159" "name": "USN-2434-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2434-1"
"name" : "RHSA-2014:2021", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-2021.html" "name": "USN-2434-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2434-2"
"name" : "RHSA-2015:0698", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0698.html" "name": "71476",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/71476"
"name" : "SSA:2015-302-02", },
"refsource" : "SLACKWARE", {
"url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606" "name": "MDVSA-2014:247",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:247"
"name" : "USN-2434-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2434-1" "name": "61747",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/61747"
"name" : "USN-2434-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2434-2" "name": "62828",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/62828"
"name" : "71476", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/71476" "name": "20141204 [oCERT-2014-009] JasPer input sanitization errors",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/534153/100/0/threaded"
"name" : "61747", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61747" "name": "http://packetstormsecurity.com/files/129393/JasPer-1.900.1-Buffer-Overflow.html",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.com/files/129393/JasPer-1.900.1-Buffer-Overflow.html"
"name" : "62828", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62828" "name": "RHSA-2015:0698",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html"
"name" : "jasper-cve20149029-bo(99125)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99125" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1167537",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1167537"
} },
{
"name": "RHSA-2014:2021",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-2021.html"
},
{
"name": "DSA-3089",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3089"
},
{
"name": "SSA:2015-302-02",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606"
},
{
"name": "MDVSA-2015:159",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:159"
}
]
}
} }

32
2014/9xxx/CVE-2014-9187.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9187", "ID": "CVE-2014-9187",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2014/9xxx/CVE-2014-9786.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2014-9786", "ID": "CVE-2014-9786",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28557260 and Qualcomm internal bug CR545979."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-07-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-07-01.html" "lang": "eng",
}, "value": "Heap-based buffer overflow in drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28557260 and Qualcomm internal bug CR545979."
{ }
"name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=2fb303d9c6ca080f253b10ed9384293ca69ad32b", ]
"refsource" : "CONFIRM", },
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=2fb303d9c6ca080f253b10ed9384293ca69ad32b" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "91628", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91628" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "91628",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91628"
},
{
"name": "http://source.android.com/security/bulletin/2016-07-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
},
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=2fb303d9c6ca080f253b10ed9384293ca69ad32b",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=2fb303d9c6ca080f253b10ed9384293ca69ad32b"
}
]
}
} }

138
2016/2xxx/CVE-2016-2021.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-2021", "ID": "CVE-2016-2021",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2022, and CVE-2016-2030."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05131085", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05131085" "lang": "eng",
}, "value": "HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2022, and CVE-2016-2030."
{ }
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", ]
"refsource" : "CONFIRM", },
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", "description": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05131085",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05131085"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
}
]
}
} }

128
2016/2xxx/CVE-2016-2351.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2016-2351", "ID": "CVE-2016-2351",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in home/seos/courier/security_key2.api on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote attackers to execute arbitrary SQL commands via the client_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://devco.re/blog/2016/04/21/how-I-hacked-facebook-and-found-someones-backdoor-script-eng-ver/", "description_data": [
"refsource" : "MISC", {
"url" : "http://devco.re/blog/2016/04/21/how-I-hacked-facebook-and-found-someones-backdoor-script-eng-ver/" "lang": "eng",
}, "value": "SQL injection vulnerability in home/seos/courier/security_key2.api on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote attackers to execute arbitrary SQL commands via the client_id parameter."
{ }
"name" : "VU#505560", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/505560" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://devco.re/blog/2016/04/21/how-I-hacked-facebook-and-found-someones-backdoor-script-eng-ver/",
"refsource": "MISC",
"url": "http://devco.re/blog/2016/04/21/how-I-hacked-facebook-and-found-someones-backdoor-script-eng-ver/"
},
{
"name": "VU#505560",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/505560"
}
]
}
} }

118
2016/2xxx/CVE-2016-2493.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-2493", "ID": "CVE-2016-2493",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 26571522."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-06-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-06-01.html" "lang": "eng",
} "value": "The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 26571522."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-06-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-06-01.html"
}
]
}
} }

32
2016/2xxx/CVE-2016-2753.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-2753", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-2753",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

218
2016/2xxx/CVE-2016-2838.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2016-2838", "ID": "CVE-2016-2838",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-64.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-64.html" "lang": "eng",
}, "value": "Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1279814", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1279814" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3640", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3640" ]
}, },
{ "references": {
"name" : "GLSA-201701-15", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-15" "name": "DSA-3640",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3640"
"name" : "RHSA-2016:1551", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1551.html" "name": "1036508",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036508"
"name" : "openSUSE-SU-2016:1964", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
"name" : "openSUSE-SU-2016:2026", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html" "name": "USN-3044-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3044-1"
"name" : "USN-3044-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3044-1" "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-64.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-64.html"
"name" : "92261", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92261" "name": "RHSA-2016:1551",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1551.html"
"name" : "1036508", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036508" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1279814",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1279814"
} },
{
"name": "GLSA-201701-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-15"
},
{
"name": "openSUSE-SU-2016:1964",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"
},
{
"name": "92261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92261"
},
{
"name": "openSUSE-SU-2016:2026",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"
}
]
}
} }

32
2016/3xxx/CVE-2016-3719.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-3719", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-3719",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
} }
] ]
} }
} }

32
2016/6xxx/CVE-2016-6063.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6063", "ID": "CVE-2016-6063",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2016/6xxx/CVE-2016-6227.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6227", "ID": "CVE-2016-6227",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

278
2016/6xxx/CVE-2016-6305.json
View File

@ -1,142 +1,142 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-6305", "ID": "CVE-2016-6305",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_peek call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://git.openssl.org/?p=openssl.git;a=commit;h=63658103d4441924f8dbfc517b99bb54758a98b9", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://git.openssl.org/?p=openssl.git;a=commit;h=63658103d4441924f8dbfc517b99bb54758a98b9" "lang": "eng",
}, "value": "The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_peek call."
{ }
"name" : "https://github.com/openssl/openssl/issues/1563", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/openssl/openssl/issues/1563" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.openssl.org/news/secadv/20160922.txt", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.openssl.org/news/secadv/20160922.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" ]
}, },
{ "references": {
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" "name": "https://www.openssl.org/news/secadv/20160922.txt",
}, "refsource": "CONFIRM",
{ "url": "https://www.openssl.org/news/secadv/20160922.txt"
"name" : "https://bto.bluecoat.com/security-advisory/sa132", },
"refsource" : "CONFIRM", {
"url" : "https://bto.bluecoat.com/security-advisory/sa132" "name": "https://www.tenable.com/security/tns-2016-20",
}, "refsource": "CONFIRM",
{ "url": "https://www.tenable.com/security/tns-2016-20"
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21995039", },
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21995039" "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
"name" : "https://www.tenable.com/security/tns-2016-16", },
"refsource" : "CONFIRM", {
"url" : "https://www.tenable.com/security/tns-2016-16" "name": "1036879",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036879"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" "name": "GLSA-201612-16",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201612-16"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=63658103d4441924f8dbfc517b99bb54758a98b9",
}, "refsource": "CONFIRM",
{ "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=63658103d4441924f8dbfc517b99bb54758a98b9"
"name" : "https://www.tenable.com/security/tns-2016-20", },
"refsource" : "CONFIRM", {
"url" : "https://www.tenable.com/security/tns-2016-20" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
"name" : "https://www.tenable.com/security/tns-2016-21", },
"refsource" : "CONFIRM", {
"url" : "https://www.tenable.com/security/tns-2016-21" "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "name": "https://www.tenable.com/security/tns-2016-16",
}, "refsource": "CONFIRM",
{ "url": "https://www.tenable.com/security/tns-2016-16"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "name": "https://www.tenable.com/security/tns-2016-21",
}, "refsource": "CONFIRM",
{ "url": "https://www.tenable.com/security/tns-2016-21"
"name" : "GLSA-201612-16", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201612-16" "name": "93149",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/93149"
"name" : "93149", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93149" "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
"name" : "1036879", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036879" "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
} "refsource": "CONFIRM",
] "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
} },
{
"name": "https://github.com/openssl/openssl/issues/1563",
"refsource": "CONFIRM",
"url": "https://github.com/openssl/openssl/issues/1563"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa132",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759"
}
]
}
} }

388
2016/6xxx/CVE-2016-6306.json
View File

@ -1,197 +1,197 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-6306", "ID": "CVE-2016-6306",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://git.openssl.org/?p=openssl.git;a=commit;h=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://git.openssl.org/?p=openssl.git;a=commit;h=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9" "lang": "eng",
}, "value": "The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c."
{ }
"name" : "https://www.openssl.org/news/secadv/20160922.txt", ]
"refsource" : "CONFIRM", },
"url" : "https://www.openssl.org/news/secadv/20160922.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448", ]
"refsource" : "CONFIRM", }
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448" ]
}, },
{ "references": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" "name": "https://www.openssl.org/news/secadv/20160922.txt",
}, "refsource": "CONFIRM",
{ "url": "https://www.openssl.org/news/secadv/20160922.txt"
"name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" "name": "https://www.tenable.com/security/tns-2016-20",
}, "refsource": "CONFIRM",
{ "url": "https://www.tenable.com/security/tns-2016-20"
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" "name": "RHSA-2018:2185",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2185"
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", },
"refsource" : "CONFIRM", {
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" "name": "RHSA-2018:2186",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2186"
"name" : "https://bto.bluecoat.com/security-advisory/sa132", },
"refsource" : "CONFIRM", {
"url" : "https://bto.bluecoat.com/security-advisory/sa132" "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
"name" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312", },
"refsource" : "CONFIRM", {
"url" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312" "name": "93153",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/93153"
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21995039", },
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21995039" "name": "RHSA-2016:1940",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1940.html"
"name" : "https://www.tenable.com/security/tns-2016-16", },
"refsource" : "CONFIRM", {
"url" : "https://www.tenable.com/security/tns-2016-16" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" "name": "GLSA-201612-16",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201612-16"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312",
}, "refsource": "CONFIRM",
{ "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312"
"name" : "https://www.tenable.com/security/tns-2016-20", },
"refsource" : "CONFIRM", {
"url" : "https://www.tenable.com/security/tns-2016-20" "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us",
}, "refsource": "CONFIRM",
{ "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us"
"name" : "https://www.tenable.com/security/tns-2016-21", },
"refsource" : "CONFIRM", {
"url" : "https://www.tenable.com/security/tns-2016-21" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "name": "1036885",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036885"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us", },
"refsource" : "CONFIRM", {
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us" "name": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/",
}, "refsource": "CONFIRM",
{ "url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/"
"name" : "FreeBSD-SA-16:26", },
"refsource" : "FREEBSD", {
"url" : "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc" "name": "https://www.tenable.com/security/tns-2016-16",
}, "refsource": "CONFIRM",
{ "url": "https://www.tenable.com/security/tns-2016-16"
"name" : "GLSA-201612-16", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201612-16" "name": "https://www.tenable.com/security/tns-2016-21",
}, "refsource": "CONFIRM",
{ "url": "https://www.tenable.com/security/tns-2016-21"
"name" : "RHSA-2016:1940", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1940.html" "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
"name" : "RHSA-2018:2185", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2185" "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
"name" : "RHSA-2018:2186", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2186" "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
"name" : "RHSA-2018:2187", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2187" "name": "https://bto.bluecoat.com/security-advisory/sa132",
}, "refsource": "CONFIRM",
{ "url": "https://bto.bluecoat.com/security-advisory/sa132"
"name" : "SUSE-SU-2016:2470", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html" "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9",
}, "refsource": "CONFIRM",
{ "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9"
"name" : "93153", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93153" "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
"name" : "1036885", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036885" "name": "FreeBSD-SA-16:26",
} "refsource": "FREEBSD",
] "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc"
} },
{
"name": "SUSE-SU-2016:2470",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
},
{
"name": "RHSA-2018:2187",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2187"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759"
}
]
}
} }

32
2016/6xxx/CVE-2016-6586.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6586", "ID": "CVE-2016-6586",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2016/7xxx/CVE-2016-7002.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-7002", "ID": "CVE-2016-7002",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html" "lang": "eng",
}, "value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
{ }
"name" : "93496", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93496" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036986", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036986" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
} }

138
2016/7xxx/CVE-2016-7253.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-7253", "ID": "CVE-2016-7253",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly check the atxcore.dll ACL, which allows remote authenticated users to gain privileges via unspecified vectors, aka \"SQL Server Agent Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-136", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-136" "lang": "eng",
}, "value": "The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly check the atxcore.dll ACL, which allows remote authenticated users to gain privileges via unspecified vectors, aka \"SQL Server Agent Elevation of Privilege Vulnerability.\""
{ }
"name" : "94056", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94056" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037250", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037250" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1037250",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037250"
},
{
"name": "MS16-136",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-136"
},
{
"name": "94056",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94056"
}
]
}
} }

138
2016/7xxx/CVE-2016-7461.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@vmware.com", "ASSIGNER": "security@vmware.com",
"ID" : "CVE-2016-7461", "ID": "CVE-2016-7461",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.vmware.com/security/advisories/VMSA-2016-0019.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2016-0019.html" "lang": "eng",
}, "value": "The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors."
{ }
"name" : "94280", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94280" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037282", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037282" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "94280",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94280"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2016-0019.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0019.html"
},
{
"name": "1037282",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037282"
}
]
}
} }

178
2016/7xxx/CVE-2016-7641.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-7641", "ID": "CVE-2016-7641",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT207421", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207421" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
{ }
"name" : "https://support.apple.com/HT207422", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT207422" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT207424", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207424" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/HT207427", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/HT207427" ]
}, },
{ "references": {
"name" : "GLSA-201706-15", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201706-15" "name": "https://support.apple.com/HT207427",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT207427"
"name" : "94907", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94907" "name": "94907",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/94907"
"name" : "1037459", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037459" "name": "https://support.apple.com/HT207421",
} "refsource": "CONFIRM",
] "url": "https://support.apple.com/HT207421"
} },
{
"name": "1037459",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037459"
},
{
"name": "https://support.apple.com/HT207422",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207422"
},
{
"name": "GLSA-201706-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-15"
},
{
"name": "https://support.apple.com/HT207424",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207424"
}
]
}
} }

168
2016/7xxx/CVE-2016-7978.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7978", "ID": "CVE-2016-7978",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161005 Re: CVE Request - multiple ghostscript -dSAFER sandbox problems", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/10/05/15" "lang": "eng",
}, "value": "Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice."
{ }
"name" : "https://bugs.ghostscript.com/show_bug.cgi?id=697179", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.ghostscript.com/show_bug.cgi?id=697179" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3691", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3691" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201702-31", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201702-31" ]
}, },
{ "references": {
"name" : "RHSA-2017:0013", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0013.html" "name": "DSA-3691",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3691"
"name" : "95336", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95336" "name": "95336",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/95336"
} },
{
"name": "RHSA-2017:0013",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0013.html"
},
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=697179",
"refsource": "CONFIRM",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=697179"
},
{
"name": "[oss-security] 20161005 Re: CVE Request - multiple ghostscript -dSAFER sandbox problems",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/05/15"
},
{
"name": "GLSA-201702-31",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-31"
}
]
}
} }