admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 05:05:03 +00:00
parent d46783154a
commit 2bbecdfdc7
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
52 changed files with 3455 additions and 3455 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
2006/3xxx/CVE-2006-3175.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3175",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3175",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in mcGuestbook 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) admin.php, (2) ecrire.php, and (3) lire.php. NOTE: it was later reported that the ecrire.php vector also affects 1.2. NOTE: this issue might be limited to a race condition during installation or an improper installation, since a completed installation creates an include file that prevents external control of the $lang variable."
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in mcGuestbook 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) admin.php, (2) ecrire.php, and (3) lire.php. NOTE: it was later reported that the ecrire.php vector also affects 1.2. NOTE: this issue might be limited to a race condition during installation or an improper installation, since a completed installation creates an include file that prevents external control of the $lang variable."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060616 file include exploits in mcGuestbook 1.3",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/437448/100/0/threaded"
"name": "mcguestbook-multiple-file-include(27114)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27114"
},
{
"name" : "20060613 file include exploits in mcGuestbook 1.3",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/437028/100/200/threaded"
"name": "27460",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27460"
},
{
"name" : "18476",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18476"
"name": "18476",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18476"
},
{
"name" : "27460",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27460"
"name": "20060616 file include exploits in mcGuestbook 1.3",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437448/100/0/threaded"
},
{
"name" : "27461",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27461"
"name": "27461",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27461"
},
{
"name" : "27462",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27462"
"name": "1125",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1125"
},
{
"name" : "1125",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1125"
"name": "27462",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27462"
},
{
"name" : "mcguestbook-multiple-file-include(27114)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27114"
"name": "20060613 file include exploits in mcGuestbook 1.3",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437028/100/200/threaded"
}
]
}

80
2006/3xxx/CVE-2006-3298.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3298",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3298",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Yahoo! Messenger 7.5.0.814 and 7.0.438 allows remote attackers to cause a denial of service (crash) via messages that contain non-ASCII characters, which triggers the crash in jscript.dll."
"lang": "eng",
"value": "Yahoo! Messenger 7.5.0.814 and 7.0.438 allows remote attackers to cause a denial of service (crash) via messages that contain non-ASCII characters, which triggers the crash in jscript.dll."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.security.nnov.ru/Gnews281.html",
"refsource" : "MISC",
"url" : "http://www.security.nnov.ru/Gnews281.html"
"name": "http://www.security.nnov.ru/Gnews281.html",
"refsource": "MISC",
"url": "http://www.security.nnov.ru/Gnews281.html"
},
{
"name" : "18622",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18622"
"name": "18622",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18622"
},
{
"name" : "20773",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20773"
"name": "20773",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20773"
},
{
"name" : "yahoo-messenger-nonascii-dos(27319)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27319"
"name": "yahoo-messenger-nonascii-dos(27319)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27319"
}
]
}

80
2006/3xxx/CVE-2006-3478.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3478",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3478",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in styles/default/global_header.php in MyPHP CMS 0.3 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the domain parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in styles/default/global_header.php in MyPHP CMS 0.3 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the domain parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "1983",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/1983"
"name": "ADV-2006-2679",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2679"
},
{
"name" : "18834",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18834"
"name": "1983",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1983"
},
{
"name" : "ADV-2006-2679",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2679"
"name": "18834",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18834"
},
{
"name" : "myphp-cms-globalheader-file-include(27538)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27538"
"name": "myphp-cms-globalheader-file-include(27538)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27538"
}
]
}

122
2006/3xxx/CVE-2006-3789.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3789",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3789",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple array index errors in the (1) recv_rules, (2) recv_select_unit, (3) recv_options, and (4) recv_unit_data functions in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arbitrary code and cause a denial of service (opponent crash) via certain packet data that specifies an out-of-bounds index."
"lang": "eng",
"value": "Multiple array index errors in the (1) recv_rules, (2) recv_select_unit, (3) recv_options, and (4) recv_unit_data functions in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arbitrary code and cause a denial of service (opponent crash) via certain packet data that specifies an out-of-bounds index."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060716 Multiple vulnerabilities in UFO2000 svn 1057",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/440293/100/0/threaded"
"name": "1016503",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016503"
},
{
"name" : "http://aluigi.altervista.org/adv/ufo2ko-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/ufo2ko-adv.txt"
"name": "http://svn.sourceforge.net/viewcvs.cgi/ufo2000/trunk/src/multiplay.cpp?view=log",
"refsource": "CONFIRM",
"url": "http://svn.sourceforge.net/viewcvs.cgi/ufo2000/trunk/src/multiplay.cpp?view=log"
},
{
"name" : "http://svn.sourceforge.net/viewcvs.cgi/ufo2000/trunk/src/multiplay.cpp?view=log",
"refsource" : "CONFIRM",
"url" : "http://svn.sourceforge.net/viewcvs.cgi/ufo2000/trunk/src/multiplay.cpp?view=log"
"name": "20060716 Multiple vulnerabilities in UFO2000 svn 1057",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440293/100/0/threaded"
},
{
"name" : "GLSA-200702-10",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200702-10.xml"
"name": "1259",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1259"
},
{
"name" : "19035",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19035"
"name": "24297",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24297"
},
{
"name" : "ADV-2006-2837",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2837"
"name": "21091",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21091"
},
{
"name" : "1016503",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016503"
"name": "GLSA-200702-10",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200702-10.xml"
},
{
"name" : "21091",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21091"
"name": "ADV-2006-2837",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2837"
},
{
"name" : "24297",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24297"
"name": "19035",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19035"
},
{
"name" : "1259",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1259"
"name": "http://aluigi.altervista.org/adv/ufo2ko-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/ufo2ko-adv.txt"
},
{
"name" : "ufo2000-data-code-execution(27802)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27802"
"name": "ufo2000-data-code-execution(27802)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27802"
}
]
}

122
2006/3xxx/CVE-2006-3791.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3791",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3791",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The decode_stringmap function in server_transport.cpp for UFO2000 svn 1057 allows remote attackers to cause a denial of service (daemon termination) via a large keysize or valsize, which causes a crash when the resize function cannot allocate sufficient memory."
"lang": "eng",
"value": "The decode_stringmap function in server_transport.cpp for UFO2000 svn 1057 allows remote attackers to cause a denial of service (daemon termination) via a large keysize or valsize, which causes a crash when the resize function cannot allocate sufficient memory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060716 Multiple vulnerabilities in UFO2000 svn 1057",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/440293/100/0/threaded"
"name": "1016503",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016503"
},
{
"name" : "http://aluigi.altervista.org/adv/ufo2ko-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/ufo2ko-adv.txt"
"name": "20060716 Multiple vulnerabilities in UFO2000 svn 1057",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440293/100/0/threaded"
},
{
"name" : "http://svn.sourceforge.net/viewcvs.cgi/ufo2000/trunk/src/server_transport.cpp?view=log",
"refsource" : "CONFIRM",
"url" : "http://svn.sourceforge.net/viewcvs.cgi/ufo2000/trunk/src/server_transport.cpp?view=log"
"name": "1259",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1259"
},
{
"name" : "GLSA-200702-10",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200702-10.xml"
"name": "ufo2000-decodestringmap-dos(27800)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27800"
},
{
"name" : "19035",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19035"
"name": "24297",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24297"
},
{
"name" : "ADV-2006-2837",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2837"
"name": "21091",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21091"
},
{
"name" : "1016503",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016503"
"name": "GLSA-200702-10",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200702-10.xml"
},
{
"name" : "21091",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21091"
"name": "ADV-2006-2837",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2837"
},
{
"name" : "24297",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24297"
"name": "19035",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19035"
},
{
"name" : "1259",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1259"
"name": "http://aluigi.altervista.org/adv/ufo2ko-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/ufo2ko-adv.txt"
},
{
"name" : "ufo2000-decodestringmap-dos(27800)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27800"
"name": "http://svn.sourceforge.net/viewcvs.cgi/ufo2000/trunk/src/server_transport.cpp?view=log",
"refsource": "CONFIRM",
"url": "http://svn.sourceforge.net/viewcvs.cgi/ufo2000/trunk/src/server_transport.cpp?view=log"
}
]
}

22
2006/4xxx/CVE-2006-4383.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4383",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4383",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

92
2006/6xxx/CVE-2006-6021.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6021",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6021",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the login component in BestWebApp Dating Site allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) passwd parameters."
"lang": "eng",
"value": "SQL injection vulnerability in the login component in BestWebApp Dating Site allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) passwd parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061117 Dating Site [ login bypass & xss]",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/451963/100/0/threaded"
"name": "1898",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1898"
},
{
"name" : "20080222 [Aria-Security.Net] BestWebApp Dating System SQL Injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/488647/100/100/threaded"
"name": "20080222 [Aria-Security.Net] BestWebApp Dating System SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488647/100/100/threaded"
},
{
"name" : "21158",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21158"
"name": "23017",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23017"
},
{
"name" : "23017",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23017"
"name": "datingsite-login-sql-injection(30394)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30394"
},
{
"name" : "1898",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1898"
"name": "21158",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21158"
},
{
"name" : "datingsite-login-sql-injection(30394)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30394"
"name": "20061117 Dating Site [ login bypass & xss]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451963/100/0/threaded"
}
]
}

86
2006/6xxx/CVE-2006-6118.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6118",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6118",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in thumbs.php in mmgallery 1.55 allows remote attackers to inject arbitrary web script or HTML via the page parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in thumbs.php in mmgallery 1.55 allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061124 mmgallery Multiple vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/452558/100/0/threaded"
"name": "21281",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21281"
},
{
"name" : "21281",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21281"
"name": "1917",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1917"
},
{
"name" : "1017283",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017283"
"name": "1017283",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017283"
},
{
"name" : "23130",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23130"
"name": "20061124 mmgallery Multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452558/100/0/threaded"
},
{
"name" : "1917",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1917"
"name": "23130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23130"
}
]
}

98
2006/6xxx/CVE-2006-6275.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6275",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6275",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals."
"lang": "eng",
"value": "Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "102574",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102574-1"
"name": "1017321",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017321"
},
{
"name" : "21372",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21372"
"name": "ADV-2006-4792",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4792"
},
{
"name" : "ADV-2006-4792",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4792"
"name": "solaris-sigkill-dos(30637)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30637"
},
{
"name" : "oval:org.mitre.oval:def:1626",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1626"
"name": "102574",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102574-1"
},
{
"name" : "1017321",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017321"
"name": "23187",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23187"
},
{
"name" : "23187",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23187"
"name": "oval:org.mitre.oval:def:1626",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1626"
},
{
"name" : "solaris-sigkill-dos(30637)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30637"
"name": "21372",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21372"
}
]
}

98
2006/6xxx/CVE-2006-6360.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6360",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6360",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in activate.php in PHP Upload Center 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the footerpage parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in activate.php in PHP Upload Center 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the footerpage parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2886",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2886"
"name": "phpuploadcenter-activate-local-file-include(30690)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30690"
},
{
"name" : "21412",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21412"
"name": "2886",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2886"
},
{
"name" : "ADV-2006-4837",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4837"
"name": "1017329",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017329"
},
{
"name" : "1017329",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017329"
"name": "23204",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23204"
},
{
"name" : "23204",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23204"
"name": "21412",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21412"
},
{
"name" : "phpuploadcenter-activate-file-include(30688)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30688"
"name": "ADV-2006-4837",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4837"
},
{
"name" : "phpuploadcenter-activate-local-file-include(30690)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30690"
"name": "phpuploadcenter-activate-file-include(30688)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30688"
}
]
}

68
2006/7xxx/CVE-2006-7119.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7119",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7119",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in kernel/system/startup.php in J. He PHPGiggle 12.08 and earlier, as distributed on comscripts.com, allows remote attackers to execute arbitrary PHP code via a URL in the CFG_PHPGIGGLE_ROOT parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in kernel/system/startup.php in J. He PHPGiggle 12.08 and earlier, as distributed on comscripts.com, allows remote attackers to execute arbitrary PHP code via a URL in the CFG_PHPGIGGLE_ROOT parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2732",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2732"
"name": "2732",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2732"
},
{
"name" : "phpgiggle-startup-file-include(30072)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30072"
"name": "phpgiggle-startup-file-include(30072)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30072"
}
]
}

74
2010/2xxx/CVE-2010-2109.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2109",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2109",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Google Chrome before 5.0.375.55 allows user-assisted remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the \"drag + drop\" functionality."
"lang": "eng",
"value": "Unspecified vulnerability in Google Chrome before 5.0.375.55 allows user-assisted remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the \"drag + drop\" functionality."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=41469",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=41469"
"name": "oval:org.mitre.oval:def:12083",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12083"
},
{
"name" : "http://googlechromereleases.blogspot.com/2010/05/stable-channel-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2010/05/stable-channel-update.html"
"name": "http://googlechromereleases.blogspot.com/2010/05/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2010/05/stable-channel-update.html"
},
{
"name" : "oval:org.mitre.oval:def:12083",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12083"
"name": "http://code.google.com/p/chromium/issues/detail?id=41469",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=41469"
}
]
}

74
2010/2xxx/CVE-2010-2293.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2293",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2293",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large \"ip textfield\" size."
"lang": "eng",
"value": "The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large \"ip textfield\" size."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100608 Dlink Di-604 router authenticated user ping tool Xss and DoS",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/511751/100/0/threaded"
"name": "20100608 Dlink Di-604 router authenticated user ping tool Xss and DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511751/100/0/threaded"
},
{
"name" : "40691",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40691"
"name": "di604-pingtools-dos(59366)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59366"
},
{
"name" : "di604-pingtools-dos(59366)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59366"
"name": "40691",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40691"
}
]
}

86
2011/0xxx/CVE-2011-0331.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0331",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2011-0331",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the addOSPLext method in the Honeywell ScanServer ActiveX control 780.0.20.5 allows remote attackers to execute arbitrary code via a crafted HTML document."
"lang": "eng",
"value": "Use-after-free vulnerability in the addOSPLext method in the Honeywell ScanServer ActiveX control 780.0.20.5 allows remote attackers to execute arbitrary code via a crafted HTML document."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://secunia.com/secunia_research/2011-22/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2011-22/"
"name": "46930",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46930"
},
{
"name" : "46930",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46930"
"name": "71249",
"refsource": "OSVDB",
"url": "http://osvdb.org/71249"
},
{
"name" : "71249",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/71249"
"name": "ADV-2011-0725",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0725"
},
{
"name" : "43360",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43360"
"name": "http://secunia.com/secunia_research/2011-22/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2011-22/"
},
{
"name" : "ADV-2011-0725",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0725"
"name": "43360",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43360"
}
]
}

92
2011/0xxx/CVE-2011-0332.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0332",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2011-0332",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-based buffer overflow."
"lang": "eng",
"value": "Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://secunia.com/secunia_research/2011-14/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2011-14/"
"name": "43440",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43440"
},
{
"name" : "http://www.foxitsoftware.com/pdf/reader/security_bulletins.php#memory",
"refsource" : "CONFIRM",
"url" : "http://www.foxitsoftware.com/pdf/reader/security_bulletins.php#memory"
"name": "ADV-2011-0508",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0508"
},
{
"name" : "1025129",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025129"
"name": "http://secunia.com/secunia_research/2011-14/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2011-14/"
},
{
"name" : "43329",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43329"
"name": "43329",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43329"
},
{
"name" : "43440",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43440"
"name": "http://www.foxitsoftware.com/pdf/reader/security_bulletins.php#memory",
"refsource": "CONFIRM",
"url": "http://www.foxitsoftware.com/pdf/reader/security_bulletins.php#memory"
},
{
"name" : "ADV-2011-0508",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0508"
"name": "1025129",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025129"
}
]
}

92
2011/0xxx/CVE-2011-0407.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0407",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0407",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the store function in _phenotype/system/class/PhenoTypeDataObject.class.php in Phenotype CMS 3.0 allows remote attackers to execute arbitrary SQL commands via a crafted URI, as demonstrated by Gallery/gal_id/1/image1,1.html. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "SQL injection vulnerability in the store function in _phenotype/system/class/PhenoTypeDataObject.class.php in Phenotype CMS 3.0 allows remote attackers to execute arbitrary SQL commands via a crafted URI, as demonstrated by Gallery/gal_id/1/image1,1.html. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110106 SQL Injection in Phenotype CMS",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/515577/100/0/threaded"
"name": "phenotypecms-uri-sql-injection(64538)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64538"
},
{
"name" : "http://www.htbridge.ch/advisory/sql_injection_in_phenotype_cms.html",
"refsource" : "MISC",
"url" : "http://www.htbridge.ch/advisory/sql_injection_in_phenotype_cms.html"
"name": "20110106 SQL Injection in Phenotype CMS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/515577/100/0/threaded"
},
{
"name" : "45700",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45700"
"name": "70308",
"refsource": "OSVDB",
"url": "http://osvdb.org/70308"
},
{
"name" : "70308",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/70308"
"name": "http://www.htbridge.ch/advisory/sql_injection_in_phenotype_cms.html",
"refsource": "MISC",
"url": "http://www.htbridge.ch/advisory/sql_injection_in_phenotype_cms.html"
},
{
"name" : "42837",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42837"
"name": "45700",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45700"
},
{
"name" : "phenotypecms-uri-sql-injection(64538)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64538"
"name": "42837",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42837"
}
]
}

98
2011/0xxx/CVE-2011-0486.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0486",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0486",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in cognos.cgi in IBM Cognos 8 Business Intelligence (BI) 8.4.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via the pathinfo parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in cognos.cgi in IBM Cognos 8 Business Intelligence (BI) 8.4.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via the pathinfo parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110112 SECURITY ADVISORY IBM Cognos 8 Business Intelligence 8.4.1",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/515643/100/0/threaded"
"name": "45781",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45781"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24026110",
"refsource" : "MISC",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24026110"
"name": "1024954",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024954"
},
{
"name" : "45781",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45781"
"name": "ibm-cognos-pathinfo-xss(64660)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64660"
},
{
"name" : "70485",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/70485"
"name": "ADV-2011-0090",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0090"
},
{
"name" : "1024954",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1024954"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24026110",
"refsource": "MISC",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24026110"
},
{
"name" : "ADV-2011-0090",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0090"
"name": "20110112 SECURITY ADVISORY IBM Cognos 8 Business Intelligence 8.4.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/515643/100/0/threaded"
},
{
"name" : "ibm-cognos-pathinfo-xss(64660)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64660"
"name": "70485",
"refsource": "OSVDB",
"url": "http://osvdb.org/70485"
}
]
}

110
2011/1xxx/CVE-2011-1696.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1696",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1696",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 692972."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 692972."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111710.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111710.html"
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111710.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111710.html"
},
{
"name" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111711.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111711.html"
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112271.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112271.html"
},
{
"name" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112230.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112230.html"
"name": "https://bugzilla.novell.com/show_bug.cgi?id=692972",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=692972"
},
{
"name" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112250.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112250.html"
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112230.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112230.html"
},
{
"name" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112270.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112270.html"
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111711.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111711.html"
},
{
"name" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112271.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112271.html"
"name": "1026138",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026138"
},
{
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=692972",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=692972"
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112250.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112250.html"
},
{
"name" : "49935",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/49935"
"name": "49935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49935"
},
{
"name" : "1026138",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026138"
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112270.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112270.html"
}
]
}

98
2011/1xxx/CVE-2011-1722.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1722",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1722",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in April 2011."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in April 2011."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://typo3.org/extensions/repository/view/wec_discussion/2.1.1/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/extensions/repository/view/wec_discussion/2.1.1/"
"name": "71674",
"refsource": "OSVDB",
"url": "http://osvdb.org/71674"
},
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-003/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-003/"
"name": "ADV-2011-0896",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0896"
},
{
"name" : "47257",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/47257"
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-003/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-003/"
},
{
"name" : "71674",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/71674"
"name": "44055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44055"
},
{
"name" : "44055",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44055"
"name": "wecdiscussionforum-multiple-sql-injection(66619)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66619"
},
{
"name" : "ADV-2011-0896",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0896"
"name": "47257",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47257"
},
{
"name" : "wecdiscussionforum-multiple-sql-injection(66619)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66619"
"name": "http://typo3.org/extensions/repository/view/wec_discussion/2.1.1/",
"refsource": "CONFIRM",
"url": "http://typo3.org/extensions/repository/view/wec_discussion/2.1.1/"
}
]
}

74
2011/1xxx/CVE-2011-1988.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1988",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2011-1988",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly parse records in Excel spreadsheets, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka \"Excel Heap Corruption Vulnerability.\""
"lang": "eng",
"value": "Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly parse records in Excel spreadsheets, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka \"Excel Heap Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS11-072",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-072"
"name": "MS11-072",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-072"
},
{
"name" : "TA11-256A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-256A.html"
"name": "TA11-256A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-256A.html"
},
{
"name" : "oval:org.mitre.oval:def:12836",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12836"
"name": "oval:org.mitre.oval:def:12836",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12836"
}
]
}

68
2011/1xxx/CVE-2011-1995.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1995",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2011-1995",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka \"OLEAuto32.dll Remote Code Execution Vulnerability.\""
"lang": "eng",
"value": "Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka \"OLEAuto32.dll Remote Code Execution Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS11-081",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081"
"name": "MS11-081",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081"
},
{
"name" : "oval:org.mitre.oval:def:12838",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12838"
"name": "oval:org.mitre.oval:def:12838",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12838"
}
]
}

62
2011/4xxx/CVE-2011-4250.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4250",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4250",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the ATRC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the ATRC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://service.real.com/realplayer/security/11182011_player/en/",
"refsource" : "CONFIRM",
"url" : "http://service.real.com/realplayer/security/11182011_player/en/"
"name": "http://service.real.com/realplayer/security/11182011_player/en/",
"refsource": "CONFIRM",
"url": "http://service.real.com/realplayer/security/11182011_player/en/"
}
]
}

68
2011/4xxx/CVE-2011-4678.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4678",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4678",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The password reset feature in One Click Orgs before 1.2.3 generates different error messages for failed reset attempts depending on whether the e-mail address is registered, which allows remote attackers to enumerate user accounts via a series of requests."
"lang": "eng",
"value": "The password reset feature in One Click Orgs before 1.2.3 generates different error messages for failed reset attempts depending on whether the e-mail address is registered, which allows remote attackers to enumerate user accounts via a series of requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oneclickorgs-devspace] 20111117 Announce: One Click Orgs 1.2.3",
"refsource" : "MLIST",
"url" : "https://groups.google.com/group/oneclickorgs-devspace/msg/26c40a4cc9e127d2?hl=en&dmode=source&output=gplain"
"name": "[oneclickorgs-devspace] 20111117 Announce: One Click Orgs 1.2.3",
"refsource": "MLIST",
"url": "https://groups.google.com/group/oneclickorgs-devspace/msg/26c40a4cc9e127d2?hl=en&dmode=source&output=gplain"
},
{
"name" : "http://dmcdonald.net/?page_id=43",
"refsource" : "MISC",
"url" : "http://dmcdonald.net/?page_id=43"
"name": "http://dmcdonald.net/?page_id=43",
"refsource": "MISC",
"url": "http://dmcdonald.net/?page_id=43"
}
]
}

68
2011/4xxx/CVE-2011-4823.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4823",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4823",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a results action and (2) imm parameter in a show action to index.php."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a results action and (2) imm parameter in a show action to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "18048",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/18048"
"name": "http://docs.joomla.org/Vulnerable_Extensions_List#Vik_Real_Estate_1.0",
"refsource": "MISC",
"url": "http://docs.joomla.org/Vulnerable_Extensions_List#Vik_Real_Estate_1.0"
},
{
"name" : "http://docs.joomla.org/Vulnerable_Extensions_List#Vik_Real_Estate_1.0",
"refsource" : "MISC",
"url" : "http://docs.joomla.org/Vulnerable_Extensions_List#Vik_Real_Estate_1.0"
"name": "18048",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18048"
}
]
}

22
2011/4xxx/CVE-2011-4976.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4976",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4976",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

104
2011/5xxx/CVE-2011-5102.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-5102",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5102",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and Web Security Gateway Anywhere allows remote attackers to execute commands via unspecified vectors."
"lang": "eng",
"value": "The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and Web Security Gateway Anywhere allows remote attackers to execute commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway",
"refsource" : "CONFIRM",
"url" : "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway"
"name": "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"name" : "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway",
"refsource" : "CONFIRM",
"url" : "http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway"
"name": "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway"
},
{
"name" : "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource" : "CONFIRM",
"url" : "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
"name": "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"name" : "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource" : "CONFIRM",
"url" : "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
"name": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
},
{
"name" : "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource" : "CONFIRM",
"url" : "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
"name": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"name" : "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway",
"refsource" : "CONFIRM",
"url" : "http://www.websense.com/support/article/kbarticle/v7-6-2-About-Hotfix-12-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
"name": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"name" : "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource" : "CONFIRM",
"url" : "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
"name": "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere"
},
{
"name" : "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway",
"refsource" : "CONFIRM",
"url" : "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
"name": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-6-About-Hotfix-24-for-Websense-Web-Security-Websense-Web-Filter-and-Web-Security-Gateway"
}
]
}

22
2014/2xxx/CVE-2014-2560.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2560",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2560",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

86
2014/2xxx/CVE-2014-2605.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2605",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2014-2605",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in HP StoreVirtual 4000 Storage and StoreVirtual VSA 9.5 through 11.0 allows remote attackers to obtain sensitive information via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in HP StoreVirtual 4000 Storage and StoreVirtual VSA 9.5 through 11.0 allows remote attackers to obtain sensitive information via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "HPSBST03039",
"refsource" : "HP",
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04281279"
"name": "1030567",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030567"
},
{
"name" : "SSRT101457",
"refsource" : "HP",
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04281279"
"name": "68538",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68538"
},
{
"name" : "68538",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68538"
"name": "hp-storevirtual-cve20142605-info-disc(94495)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94495"
},
{
"name" : "1030567",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030567"
"name": "HPSBST03039",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04281279"
},
{
"name" : "hp-storevirtual-cve20142605-info-disc(94495)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94495"
"name": "SSRT101457",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04281279"
}
]
}

68
2014/2xxx/CVE-2014-2636.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2636",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2014-2636",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2336."
"lang": "eng",
"value": "Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2336."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "HPSBMU03110",
"refsource" : "HP",
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04454636"
"name": "HPSBMU03110",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04454636"
},
{
"name" : "SSRT101585",
"refsource" : "HP",
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04454636"
"name": "SSRT101585",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04454636"
}
]
}

22
2014/3xxx/CVE-2014-3254.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3254",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3254",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

176
2014/3xxx/CVE-2014-3478.json
View File

@ -1,156 +1,156 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3478",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3478",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion."
"lang": "eng",
"value": "Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[file] 20140612 file-5.19 is now available",
"refsource" : "MLIST",
"url" : "http://mx.gw.com/pipermail/file/2014/001553.html"
"name": "https://support.apple.com/HT204659",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204659"
},
{
"name" : "http://www.php.net/ChangeLog-5.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/ChangeLog-5.php"
"name": "RHSA-2014:1766",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html"
},
{
"name" : "https://bugs.php.net/bug.php?id=67410",
"refsource" : "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=67410"
"name": "DSA-3021",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3021"
},
{
"name" : "https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08",
"refsource" : "CONFIRM",
"url" : "https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08"
"name": "HPSBUX03102",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2"
},
{
"name" : "http://support.apple.com/kb/HT6443",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT6443"
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name" : "https://support.apple.com/HT204659",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT204659"
"name": "DSA-2974",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2974"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"name": "59794",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59794"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
"name": "http://www.php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"name" : "APPLE-SA-2015-04-08-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
"name": "[file] 20140612 file-5.19 is now available",
"refsource": "MLIST",
"url": "http://mx.gw.com/pipermail/file/2014/001553.html"
},
{
"name" : "DSA-2974",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2974"
"name": "https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08",
"refsource": "CONFIRM",
"url": "https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08"
},
{
"name" : "DSA-3021",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-3021"
"name": "68239",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68239"
},
{
"name" : "HPSBUX03102",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=141017844705317&w=2"
"name": "APPLE-SA-2015-04-08-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
},
{
"name" : "SSRT101681",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=141017844705317&w=2"
"name": "http://support.apple.com/kb/HT6443",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6443"
},
{
"name" : "RHSA-2014:1327",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1327.html"
"name": "RHSA-2014:1327",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1327.html"
},
{
"name" : "RHSA-2014:1765",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1765.html"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"name" : "RHSA-2014:1766",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1766.html"
"name": "RHSA-2014:1765",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html"
},
{
"name" : "openSUSE-SU-2014:1236",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html"
"name": "https://bugs.php.net/bug.php?id=67410",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=67410"
},
{
"name" : "68239",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68239"
"name": "SSRT101681",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=141017844705317&w=2"
},
{
"name" : "59794",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59794"
"name": "59831",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59831"
},
{
"name" : "59831",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59831"
"name": "openSUSE-SU-2014:1236",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html"
}
]
}

22
2014/3xxx/CVE-2014-3644.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3644",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3644",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

128
2014/6xxx/CVE-2014-6040.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6040",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-6040",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of \"0xffff\" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8."
"lang": "eng",
"value": "GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of \"0xffff\" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140829 CVE request: glibc character set conversion from IBM code pages",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/08/29/3"
"name": "69472",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69472"
},
{
"name" : "[oss-security] 20140902 Re: CVE request: glibc character set conversion from IBM code pages",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/09/02/1"
"name": "http://linux.oracle.com/errata/ELSA-2015-0016.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2015-0016.html"
},
{
"name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=17325",
"refsource" : "CONFIRM",
"url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=17325"
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=41488498b6",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=41488498b6"
},
{
"name" : "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=41488498b6",
"refsource" : "CONFIRM",
"url" : "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=41488498b6"
"name": "GLSA-201602-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name" : "http://linux.oracle.com/errata/ELSA-2015-0016.html",
"refsource" : "CONFIRM",
"url" : "http://linux.oracle.com/errata/ELSA-2015-0016.html"
"name": "MDVSA-2014:175",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
},
{
"name" : "DSA-3142",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3142"
"name": "[oss-security] 20140829 CVE request: glibc character set conversion from IBM code pages",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/08/29/3"
},
{
"name" : "GLSA-201602-02",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201602-02"
"name": "USN-2432-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-2432-1"
},
{
"name" : "MDVSA-2014:175",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=17325",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17325"
},
{
"name" : "USN-2432-1",
"refsource" : "UBUNTU",
"url" : "http://ubuntu.com/usn/usn-2432-1"
"name": "62100",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62100"
},
{
"name" : "69472",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69472"
"name": "[oss-security] 20140902 Re: CVE request: glibc character set conversion from IBM code pages",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/09/02/1"
},
{
"name" : "62100",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62100"
"name": "62146",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62146"
},
{
"name" : "62146",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62146"
"name": "DSA-3142",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3142"
}
]
}

80
2014/6xxx/CVE-2014-6470.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6470",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6470",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Archive Utility."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Archive Utility."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
"name": "70551",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70551"
},
{
"name" : "70551",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70551"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name" : "1031032",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031032"
"name": "1031032",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031032"
},
{
"name" : "61593",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61593"
"name": "61593",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61593"
}
]
}

86
2014/6xxx/CVE-2014-6495.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6495",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6495",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698"
"name": "SUSE-SU-2015:0743",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name" : "SUSE-SU-2015:0743",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
"name": "70496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70496"
},
{
"name" : "70496",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70496"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}

22
2014/7xxx/CVE-2014-7473.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7473",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-7473",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}

74
2014/7xxx/CVE-2014-7493.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7493",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7493",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The 100 Books (aka com.ireadercity.c20) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The 100 Books (aka com.ireadercity.c20) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#275817",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/275817"
},
{
"name" : "VU#275817",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/275817"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7510.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7510",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7510",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Graffit It (aka com.presenttechnologies.graffitit) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Graffit It (aka com.presenttechnologies.graffitit) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#700857",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/700857"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#700857",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/700857"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7712.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7712",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7712",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Tiket.com Hotel & Flight (aka com.tiket.gits) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Tiket.com Hotel & Flight (aka com.tiket.gits) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#858289",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/858289"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#858289",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/858289"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7733.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7733",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7733",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Karaf Magazin (aka com.magzter.karafmagazin) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Karaf Magazin (aka com.magzter.karafmagazin) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#671465",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/671465"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#671465",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/671465"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

22
2016/2xxx/CVE-2016-2128.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2128",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-2128",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

80
2017/0xxx/CVE-2017-0258.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2017-0258",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2017-0258",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Microsoft Windows",
"version" : {
"version_data" : [
"product_name": "Microsoft Windows",
"version": {
"version_data": [
{
"version_value" : "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016"
"version_value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016"
}
]
}
}
]
},
"vendor_name" : "Microsoft Corporation"
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka \"Windows Kernel Information Disclosure Vulnerability,\" a different vulnerability than CVE-2017-0175, CVE-2017-0220, and CVE-2017-0259."
"lang": "eng",
"value": "The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka \"Windows Kernel Information Disclosure Vulnerability,\" a different vulnerability than CVE-2017-0175, CVE-2017-0220, and CVE-2017-0259."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information Disclosure"
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "42006",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/42006/"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0258",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0258"
},
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0258",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0258"
"name": "42006",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42006/"
},
{
"name" : "98112",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98112"
"name": "1038446",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038446"
},
{
"name" : "1038446",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038446"
"name": "98112",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98112"
}
]
}

68
2017/0xxx/CVE-2017-0296.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2017-0296",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2017-0296",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Microsoft Windows",
"version" : {
"version_data" : [
"product_name": "Microsoft Windows",
"version": {
"version_data": [
{
"version_value" : "Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016."
"version_value": "Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016."
}
]
}
}
]
},
"vendor_name" : "Microsoft Corporation"
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to elevate privilege when tdx.sys fails to check the length of a buffer prior to copying memory to it, aka \"Windows TDX Elevation of Privilege Vulnerability\"."
"lang": "eng",
"value": "Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to elevate privilege when tdx.sys fails to check the length of a buffer prior to copying memory to it, aka \"Windows TDX Elevation of Privilege Vulnerability\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Elevation of Privilege"
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0296",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0296"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0296",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0296"
},
{
"name" : "98839",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98839"
"name": "98839",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98839"
}
]
}

72
2017/0xxx/CVE-2017-0601.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2017-0601",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2017-0601",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "7.0"
"version_value": "7.0"
},
{
"version_value" : "7.1.1"
"version_value": "7.1.1"
},
{
"version_value" : "7.1.2"
"version_value": "7.1.2"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An Elevation of Privilege vulnerability in Bluetooth could potentially enable a local malicious application to accept harmful files shared via bluetooth without user permission. This issue is rated as Moderate due to local bypass of user interaction requirements. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-35258579."
"lang": "eng",
"value": "An Elevation of Privilege vulnerability in Bluetooth could potentially enable a local malicious application to accept harmful files shared via bluetooth without user permission. This issue is rated as Moderate due to local bypass of user interaction requirements. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-35258579."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Elevation of privilege"
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2017-05-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-05-01"
"name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name" : "98137",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98137"
"name": "98137",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98137"
}
]
}

74
2017/18xxx/CVE-2017-18209.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-18209",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18209",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory."
"lang": "eng",
"value": "In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/ImageMagick/ImageMagick/issues/790",
"refsource" : "MISC",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/790"
"name": "USN-3681-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3681-1/"
},
{
"name" : "USN-3681-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3681-1/"
"name": "103218",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103218"
},
{
"name" : "103218",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103218"
"name": "https://github.com/ImageMagick/ImageMagick/issues/790",
"refsource": "MISC",
"url": "https://github.com/ImageMagick/ImageMagick/issues/790"
}
]
}

22
2017/1xxx/CVE-2017-1017.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1017",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1017",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/1xxx/CVE-2017-1728.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1728",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1728",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/1xxx/CVE-2017-1875.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1875",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-1875",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/1xxx/CVE-2017-1969.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1969",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-1969",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

98
2017/5xxx/CVE-2017-5357.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5357",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2017-5357",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free."
"lang": "eng",
"value": "regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[Bug-ed] 20170108 invalid free on malformed commands",
"refsource" : "MLIST",
"url" : "https://lists.gnu.org/archive/html/bug-ed/2017-01/msg00000.html"
"name": "[oss-security] 20170112 invalid free in GNU ed before 1.14.1",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/12/5"
},
{
"name" : "[oss-security] 20170112 Re: invalid free in GNU ed before 1.14.1",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2017/01/12/6"
"name": "[oss-security] 20170112 Re: invalid free in GNU ed before 1.14.1",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/12/6"
},
{
"name" : "[oss-security] 20170112 Re: invalid free in GNU ed before 1.14.1",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2017/01/12/7"
"name": "[Bug-ed] 20170108 invalid free on malformed commands",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/bug-ed/2017-01/msg00000.html"
},
{
"name" : "[oss-security] 20170112 Re: invalid free in GNU ed before 1.14.1",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2017/01/13/3"
"name": "FEDORA-2017-f87674ad41",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVH54XNZ77ICNBJTPI2DLJYQTA3SYSFC/"
},
{
"name" : "[oss-security] 20170112 invalid free in GNU ed before 1.14.1",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2017/01/12/5"
"name": "95422",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95422"
},
{
"name" : "FEDORA-2017-f87674ad41",
"refsource" : "FEDORA",
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVH54XNZ77ICNBJTPI2DLJYQTA3SYSFC/"
"name": "[oss-security] 20170112 Re: invalid free in GNU ed before 1.14.1",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/12/7"
},
{
"name" : "95422",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95422"
"name": "[oss-security] 20170112 Re: invalid free in GNU ed before 1.14.1",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/13/3"
}
]
}

22
2017/5xxx/CVE-2017-5775.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5775",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5775",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2017/5xxx/CVE-2017-5964.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5964",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5964",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in Emoncms through 9.8.0. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the \"emoncms-master/Modules/vis/visualisations/compare.php\" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website."
"lang": "eng",
"value": "An issue was discovered in Emoncms through 9.8.0. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the \"emoncms-master/Modules/vis/visualisations/compare.php\" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/emoncms/emoncms/issues/636",
"refsource" : "MISC",
"url" : "https://github.com/emoncms/emoncms/issues/636"
"name": "https://github.com/emoncms/emoncms/issues/636",
"refsource": "MISC",
"url": "https://github.com/emoncms/emoncms/issues/636"
},
{
"name" : "96202",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96202"
"name": "96202",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96202"
}
]
}