admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 05:49:48 +00:00
parent ce63486340
commit 2f69dc0fcc
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 4086 additions and 4086 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
2006/0xxx/CVE-2006-0156.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0156",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0156",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Foxrum 4.0.4f allows remote attackers to inject arbitrary Javascript via the javascript URI in bbcode url tags in (1) addpost1.php and (2) addtopic1.php."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Foxrum 4.0.4f allows remote attackers to inject arbitrary Javascript via the javascript URI in bbcode url tags in (1) addpost1.php and (2) addtopic1.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060109 [eVuln] Foxrum BBCode XSS Vulnerabilty",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/421277/100/0/threaded"
"name": "16172",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16172"
},
{
"name" : "http://evuln.com/vulns/20",
"refsource" : "MISC",
"url" : "http://evuln.com/vulns/20"
"name": "http://evuln.com/vulns/20",
"refsource": "MISC",
"url": "http://evuln.com/vulns/20"
},
{
"name" : "16172",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16172"
"name": "325",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/325"
},
{
"name" : "ADV-2006-0121",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0121"
"name": "foxrum-bbcode-xss(24043)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24043"
},
{
"name" : "18386",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18386"
"name": "ADV-2006-0121",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0121"
},
{
"name" : "325",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/325"
"name": "20060109 [eVuln] Foxrum BBCode XSS Vulnerabilty",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421277/100/0/threaded"
},
{
"name" : "foxrum-bbcode-xss(24043)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24043"
"name": "18386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18386"
}
]
}

74
2006/0xxx/CVE-2006-0178.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0178",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0178",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Format string vulnerability in /bin/ftp in UNICOS 9.0.2.2 allows local users to have an unknown impact via format string specifiers in the quote command. NOTE: because the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability."
"lang": "eng",
"value": "Format string vulnerability in /bin/ftp in UNICOS 9.0.2.2 allows local users to have an unknown impact via format string specifiers in the quote command. NOTE: because the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060110 SUID root overflows in UNICOS and partial shellcode",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0343.html"
"name": "16205",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16205"
},
{
"name" : "16205",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16205"
"name": "unicos-ftp-format-string(24277)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24277"
},
{
"name" : "unicos-ftp-format-string(24277)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24277"
"name": "20060110 SUID root overflows in UNICOS and partial shellcode",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0343.html"
}
]
}

80
2006/0xxx/CVE-2006-0198.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0198",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0198",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in a certain module, possibly poll or Pool, for XOOPS allows remote attackers to inject arbitrary web script or HTML via JavaScript in the SRC attribute of an IMG element in a comment."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in a certain module, possibly poll or Pool, for XOOPS allows remote attackers to inject arbitrary web script or HTML via JavaScript in the SRC attribute of an IMG element in a comment."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060107 Xoops Pool Module IMG Tag Cross Site Scripting",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/421325/100/0/threaded"
"name": "xoops-pool-imagetag-xss(24091)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24091"
},
{
"name" : "http://www.xoops.org/modules/newbb/viewtopic.php?topic_id=45637&forum=2&post_id=200481",
"refsource" : "MISC",
"url" : "http://www.xoops.org/modules/newbb/viewtopic.php?topic_id=45637&forum=2&post_id=200481"
"name": "16189",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16189"
},
{
"name" : "16189",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16189"
"name": "http://www.xoops.org/modules/newbb/viewtopic.php?topic_id=45637&forum=2&post_id=200481",
"refsource": "MISC",
"url": "http://www.xoops.org/modules/newbb/viewtopic.php?topic_id=45637&forum=2&post_id=200481"
},
{
"name" : "xoops-pool-imagetag-xss(24091)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24091"
"name": "20060107 Xoops Pool Module IMG Tag Cross Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421325/100/0/threaded"
}
]
}

122
2006/0xxx/CVE-2006-0807.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0807",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0807",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in NJStar Chinese and Japanese Word Processor 4.x and 5.x before 5.10 allows user-assisted attackers to execute arbitrary code via font names in NJStar (.njx) documents."
"lang": "eng",
"value": "Stack-based buffer overflow in NJStar Chinese and Japanese Word Processor 4.x and 5.x before 5.10 allows user-assisted attackers to execute arbitrary code via font names in NJStar (.njx) documents."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060220 Secunia Research: NJStar Word Processor Font Name Buffer Overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/425498/100/0/threaded"
"name": "ADV-2006-0670",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0670"
},
{
"name" : "http://secunia.com/secunia_research/2006-5/advisory/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2006-5/advisory/"
"name": "njstar-font-name-bo(24773)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24773"
},
{
"name" : "http://www.njstar.com/njstar/chinese/",
"refsource" : "CONFIRM",
"url" : "http://www.njstar.com/njstar/chinese/"
"name": "http://www.njstar.com/njstar/chinese/",
"refsource": "CONFIRM",
"url": "http://www.njstar.com/njstar/chinese/"
},
{
"name" : "http://www.njstar.com/njstar/japanese/",
"refsource" : "CONFIRM",
"url" : "http://www.njstar.com/njstar/japanese/"
"name": "18702",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18702"
},
{
"name" : "16737",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16737"
"name": "461",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/461"
},
{
"name" : "ADV-2006-0670",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0670"
"name": "http://www.njstar.com/njstar/japanese/",
"refsource": "CONFIRM",
"url": "http://www.njstar.com/njstar/japanese/"
},
{
"name" : "23354",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23354"
"name": "16737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16737"
},
{
"name" : "1015649",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015649"
"name": "23354",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23354"
},
{
"name" : "18702",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18702"
"name": "http://secunia.com/secunia_research/2006-5/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-5/advisory/"
},
{
"name" : "461",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/461"
"name": "20060220 Secunia Research: NJStar Word Processor Font Name Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/425498/100/0/threaded"
},
{
"name" : "njstar-font-name-bo(24773)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24773"
"name": "1015649",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015649"
}
]
}

86
2006/1xxx/CVE-2006-1103.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1103",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1103",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (segmentation fault) via a client that does not completely join the game and times out, which results in a null pointer dereference."
"lang": "eng",
"value": "engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (segmentation fault) via a client that does not completely join the game and times out, which results in a null pointer dereference."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060306 Multiple vulnerabilities in Sauerbraten engine 2006_02_28",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/426865/100/0/threaded"
"name": "sauerbraten-engineserver-dos(25087)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25087"
},
{
"name" : "16986",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16986"
"name": "16986",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16986"
},
{
"name" : "ADV-2006-0848",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0848"
"name": "20060306 Multiple vulnerabilities in Sauerbraten engine 2006_02_28",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/426865/100/0/threaded"
},
{
"name" : "550",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/550"
"name": "550",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/550"
},
{
"name" : "sauerbraten-engineserver-dos(25087)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25087"
"name": "ADV-2006-0848",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0848"
}
]
}

110
2006/1xxx/CVE-2006-1204.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1204",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1204",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in txtForum 1.0.4-dev and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) prev, (2) next, and (3) rand5 parameters in (a) index.php; the (4) r_username and (5) r_loc parameters in (b) new_topic.php; the (6) r_num, (7) r_family_name, (8) r_icq, (9) r_yahoo, (10) r_aim, (11) r_homepage, (12) r_interests, (13) r_about, (14) selected1, (15) selected0, (16) signature_selected1, (17) signature_selected0, (18) smile_selected1, (19) smile_selected0, (20) ubb_selected1, and (21) ubb_selected0 parameters in (c) profile.php; the (22) quote and (23) tid parameters in (d) reply.php; and the (24) tid, (25) sticked, and (26) mid parameters in (e) view_topic.php."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in txtForum 1.0.4-dev and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) prev, (2) next, and (3) rand5 parameters in (a) index.php; the (4) r_username and (5) r_loc parameters in (b) new_topic.php; the (6) r_num, (7) r_family_name, (8) r_icq, (9) r_yahoo, (10) r_aim, (11) r_homepage, (12) r_interests, (13) r_about, (14) selected1, (15) selected0, (16) signature_selected1, (17) signature_selected0, (18) smile_selected1, (19) smile_selected0, (20) ubb_selected1, and (21) ubb_selected0 parameters in (c) profile.php; the (22) quote and (23) tid parameters in (d) reply.php; and the (24) tid, (25) sticked, and (26) mid parameters in (e) view_topic.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060309 txtForum: Multiple XSS Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/427186/100/0/threaded"
"name": "23957",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23957"
},
{
"name" : "http://www.seclab.tuwien.ac.at/advisories/TUVSA-0603-003.txt",
"refsource" : "MISC",
"url" : "http://www.seclab.tuwien.ac.at/advisories/TUVSA-0603-003.txt"
"name": "17054",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17054"
},
{
"name" : "17054",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17054"
"name": "23953",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23953"
},
{
"name" : "23953",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23953"
"name": "23956",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23956"
},
{
"name" : "23954",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23954"
"name": "http://www.seclab.tuwien.ac.at/advisories/TUVSA-0603-003.txt",
"refsource": "MISC",
"url": "http://www.seclab.tuwien.ac.at/advisories/TUVSA-0603-003.txt"
},
{
"name" : "23955",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23955"
"name": "23955",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23955"
},
{
"name" : "23956",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23956"
"name": "txtforum-multiple-xss(25132)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25132"
},
{
"name" : "23957",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23957"
"name": "23954",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23954"
},
{
"name" : "txtforum-multiple-xss(25132)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25132"
"name": "20060309 txtForum: Multiple XSS Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427186/100/0/threaded"
}
]
}

92
2006/1xxx/CVE-2006-1404.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1404",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1404",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in BlankOL 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) file or (2) function parameter."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in BlankOL 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) file or (2) function parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://pridels0.blogspot.com/2006/03/blankol-xss-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2006/03/blankol-xss-vuln.html"
"name": "blankol-bol-xss(25488)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25488"
},
{
"name" : "17265",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17265"
"name": "ADV-2006-1111",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1111"
},
{
"name" : "ADV-2006-1111",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1111"
"name": "24124",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24124"
},
{
"name" : "24124",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24124"
"name": "19387",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19387"
},
{
"name" : "19387",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19387"
"name": "17265",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17265"
},
{
"name" : "blankol-bol-xss(25488)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25488"
"name": "http://pridels0.blogspot.com/2006/03/blankol-xss-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2006/03/blankol-xss-vuln.html"
}
]
}

92
2006/1xxx/CVE-2006-1771.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1771",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1771",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in misc in pbcs.dll in SAXoTECH SAXoPRESS, aka Saxotech Online (formerly Publicus) allows remote attackers to read arbitrary files and possibly execute arbitrary programs via a .. (dot dot) in the url parameter."
"lang": "eng",
"value": "Directory traversal vulnerability in misc in pbcs.dll in SAXoTECH SAXoPRESS, aka Saxotech Online (formerly Publicus) allows remote attackers to read arbitrary files and possibly execute arbitrary programs via a .. (dot dot) in the url parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060411 SAXoPRESS - directory traversal",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/430707/100/0/threaded"
"name": "ADV-2006-1327",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1327"
},
{
"name" : "20060412 Re: SAXoPRESS - directory traversal aka Saxotech Online",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/431037/30/5580/threaded"
"name": "20060412 Re: SAXoPRESS - directory traversal aka Saxotech Online",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431037/30/5580/threaded"
},
{
"name" : "17474",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17474"
"name": "17474",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17474"
},
{
"name" : "ADV-2006-1327",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1327"
"name": "19566",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19566"
},
{
"name" : "19566",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19566"
"name": "saxopress-pbcs-directory-traversal(25768)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25768"
},
{
"name" : "saxopress-pbcs-directory-traversal(25768)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25768"
"name": "20060411 SAXoPRESS - directory traversal",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/430707/100/0/threaded"
}
]
}

80
2006/3xxx/CVE-2006-3355.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3355",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3355",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in httpdget.c in mpg123 before 0.59s-rll allows remote attackers to execute arbitrary code via a long URL, which is not properly terminated before being used with the strncpy function. NOTE: This appears to be the result of an incomplete patch for CVE-2004-0982."
"lang": "eng",
"value": "Heap-based buffer overflow in httpdget.c in mpg123 before 0.59s-rll allows remote attackers to execute arbitrary code via a long URL, which is not properly terminated before being used with the strncpy function. NOTE: This appears to be the result of an incomplete patch for CVE-2004-0982."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=133988",
"refsource" : "MISC",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=133988"
"name": "18794",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18794"
},
{
"name" : "GLSA-200607-01",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200607-01.xml"
"name": "GLSA-200607-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200607-01.xml"
},
{
"name" : "18794",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18794"
"name": "http://bugs.gentoo.org/show_bug.cgi?id=133988",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=133988"
},
{
"name" : "20937",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20937"
"name": "20937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20937"
}
]
}

128
2006/4xxx/CVE-2006-4776.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4776",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4776",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement."
"lang": "eng",
"value": "Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060913 Cisco IOS VTP issues",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/445896/100/0/threaded"
"name": "VU#542108",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/542108"
},
{
"name" : "20060913 Re: Cisco IOS VTP issues",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/445938/100/0/threaded"
"name": "ADV-2006-3601",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3601"
},
{
"name" : "http://www.phenoelit.de/stuff/CiscoVTP.txt",
"refsource" : "MISC",
"url" : "http://www.phenoelit.de/stuff/CiscoVTP.txt"
"name": "http://www.phenoelit.de/stuff/CiscoVTP.txt",
"refsource": "MISC",
"url": "http://www.phenoelit.de/stuff/CiscoVTP.txt"
},
{
"name" : "20060913 Cisco VLAN Trunking Protocol Vulnerabilities",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"
"name": "21896",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21896"
},
{
"name" : "VU#542108",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/542108"
"name": "19998",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19998"
},
{
"name" : "19998",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19998"
"name": "20060913 Cisco VLAN Trunking Protocol Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"
},
{
"name" : "ADV-2006-3600",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3600"
"name": "1016843",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016843"
},
{
"name" : "ADV-2006-3601",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3601"
"name": "20060913 Re: Cisco IOS VTP issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"
},
{
"name" : "28777",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/28777"
"name": "28777",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28777"
},
{
"name" : "1016843",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016843"
"name": "cisco-ios-vtp-vlan-name-bo(28927)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28927"
},
{
"name" : "21896",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21896"
"name": "ADV-2006-3600",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3600"
},
{
"name" : "cisco-ios-vtp-vlan-name-bo(28927)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28927"
"name": "20060913 Cisco IOS VTP issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"
}
]
}

110
2006/5xxx/CVE-2006-5518.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5518",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5518",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Christopher Fowler (Rhode Island) RSSonate allow remote attackers to execute arbitrary PHP code via a URL in the PROJECT_ROOT parameter to (1) xml2rss.php, (2) config_local.php, (3) rssonate.php, and (4) sql2xml.php in Src/getFeed/inc/."
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in Christopher Fowler (Rhode Island) RSSonate allow remote attackers to execute arbitrary PHP code via a URL in the PROJECT_ROOT parameter to (1) xml2rss.php, (2) config_local.php, (3) rssonate.php, and (4) sql2xml.php in Src/getFeed/inc/."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2605",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2605"
"name": "2605",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2605"
},
{
"name" : "20654",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20654"
"name": "ADV-2006-4146",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4146"
},
{
"name" : "ADV-2006-4146",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4146"
"name": "20654",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20654"
},
{
"name" : "29935",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29935"
"name": "22496",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22496"
},
{
"name" : "29936",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29936"
"name": "29935",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29935"
},
{
"name" : "29937",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29937"
"name": "29937",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29937"
},
{
"name" : "29938",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29938"
"name": "29938",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29938"
},
{
"name" : "22496",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22496"
"name": "29936",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29936"
},
{
"name" : "rssonate-project-file-include(29703)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29703"
"name": "rssonate-project-file-include(29703)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29703"
}
]
}

128
2010/2xxx/CVE-2010-2053.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2053",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2053",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on the emsnpic temporary file."
"lang": "eng",
"value": "emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on the emsnpic temporary file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20100529 Fwd: emesene preditable temporary filename",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=127514641525366&w=2"
"name": "FEDORA-2010-9692",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042699.html"
},
{
"name" : "http://forum.emesene.org/index.php?topic=3441.0",
"refsource" : "CONFIRM",
"url" : "http://forum.emesene.org/index.php?topic=3441.0"
"name": "FEDORA-2010-9679",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042725.html"
},
{
"name" : "http://www.emesene.org/",
"refsource" : "CONFIRM",
"url" : "http://www.emesene.org/"
"name": "39945",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39945"
},
{
"name" : "FEDORA-2010-9679",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042725.html"
"name": "[oss-security] 20100529 Fwd: emesene preditable temporary filename",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=127514641525366&w=2"
},
{
"name" : "FEDORA-2010-9692",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042699.html"
"name": "40115",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40115"
},
{
"name" : "FEDORA-2010-9696",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042683.html"
"name": "emesene-emsnpic-symlink(59045)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59045"
},
{
"name" : "40455",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40455"
"name": "40455",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40455"
},
{
"name" : "65018",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/65018"
"name": "ADV-2010-1423",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1423"
},
{
"name" : "39945",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39945"
"name": "FEDORA-2010-9696",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042683.html"
},
{
"name" : "40115",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40115"
"name": "65018",
"refsource": "OSVDB",
"url": "http://osvdb.org/65018"
},
{
"name" : "ADV-2010-1423",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1423"
"name": "http://forum.emesene.org/index.php?topic=3441.0",
"refsource": "CONFIRM",
"url": "http://forum.emesene.org/index.php?topic=3441.0"
},
{
"name" : "emesene-emsnpic-symlink(59045)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59045"
"name": "http://www.emesene.org/",
"refsource": "CONFIRM",
"url": "http://www.emesene.org/"
}
]
}

140
2010/2xxx/CVE-2010-2285.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2285",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2285",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors."
"lang": "eng",
"value": "The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20100610 CVE request for new wireshark vulnerabilities",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/06/11/1"
"name": "SUSE-SR:2011:001",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html"
},
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2010-05.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2010-05.html"
"name": "http://www.wireshark.org/security/wnpa-sec-2010-05.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2010-05.html"
},
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2010-06.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2010-06.html"
"name": "43068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43068"
},
{
"name" : "MDVSA-2010:113",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:113"
"name": "ADV-2011-0212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"name" : "SUSE-SR:2011:001",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html"
"name": "http://www.wireshark.org/security/wnpa-sec-2010-06.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2010-06.html"
},
{
"name" : "SUSE-SR:2011:002",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
"name": "[oss-security] 20100610 CVE request for new wireshark vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/06/11/1"
},
{
"name" : "40728",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40728"
"name": "42877",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42877"
},
{
"name" : "oval:org.mitre.oval:def:11488",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11488"
"name": "SUSE-SR:2011:002",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name" : "40112",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40112"
"name": "ADV-2011-0076",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0076"
},
{
"name" : "42877",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42877"
"name": "40112",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40112"
},
{
"name" : "43068",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43068"
"name": "40728",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40728"
},
{
"name" : "ADV-2010-1418",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1418"
"name": "ADV-2010-1418",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1418"
},
{
"name" : "ADV-2011-0076",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0076"
"name": "oval:org.mitre.oval:def:11488",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11488"
},
{
"name" : "ADV-2011-0212",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0212"
"name": "MDVSA-2010:113",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:113"
}
]
}

86
2010/2xxx/CVE-2010-2327.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2327",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2327",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "mod_ibm_ssl in IBM HTTP Server 6.0 before 6.0.2.43, 6.1 before 6.1.0.33, and 7.0 before 7.0.0.11, as used in IBM WebSphere Application Server (WAS) on z/OS, does not properly handle a large HTTP request body in uploading over SSL, which might allow remote attackers to cause a denial of service (daemon fail) via an upload."
"lang": "eng",
"value": "mod_ibm_ssl in IBM HTTP Server 6.0 before 6.0.2.43, 6.1 before 6.1.0.33, and 7.0 before 7.0.0.11, as used in IBM WebSphere Application Server (WAS) on z/OS, does not properly handle a large HTTP request body in uploading over SSL, which might allow remote attackers to cause a denial of service (daemon fail) via an upload."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "PM10270",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM10270"
"name": "ADV-2010-1411",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1411"
},
{
"name" : "PM15830",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM15830"
"name": "PM10270",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM10270"
},
{
"name" : "65439",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/65439"
"name": "65439",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/65439"
},
{
"name" : "40096",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40096"
"name": "PM15830",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM15830"
},
{
"name" : "ADV-2010-1411",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1411"
"name": "40096",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40096"
}
]
}

86
2010/2xxx/CVE-2010-2459.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2459",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2459",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to execute arbitrary SQL commands via the videoid parameter."
"lang": "eng",
"value": "SQL injection vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to execute arbitrary SQL commands via the videoid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "13970",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/13970"
"name": "13970",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/13970"
},
{
"name" : "http://packetstormsecurity.org/1006-exploits/2daybizvcp-sql.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1006-exploits/2daybizvcp-sql.txt"
"name": "videocommportal-video-sql-injection(59638)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59638"
},
{
"name" : "41022",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/41022"
"name": "65810",
"refsource": "OSVDB",
"url": "http://osvdb.org/65810"
},
{
"name" : "65810",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/65810"
"name": "http://packetstormsecurity.org/1006-exploits/2daybizvcp-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1006-exploits/2daybizvcp-sql.txt"
},
{
"name" : "videocommportal-video-sql-injection(59638)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59638"
"name": "41022",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41022"
}
]
}

110
2010/2xxx/CVE-2010-2484.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2484",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2484",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler."
"lang": "eng",
"value": "The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.php.net/releases/5_2_14.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/releases/5_2_14.php"
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=619324",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=619324"
"name": "HPSBOV02763",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=133469208622507&w=2"
},
{
"name" : "http://support.apple.com/kb/HT4312",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4312"
"name": "http://www.php.net/releases/5_2_14.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/releases/5_2_14.php"
},
{
"name" : "http://support.apple.com/kb/HT4435",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4435"
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name" : "APPLE-SA-2010-08-24-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
"name": "APPLE-SA-2010-08-24-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"name" : "APPLE-SA-2010-11-10-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=619324",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=619324"
},
{
"name" : "HPSBOV02763",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=133469208622507&w=2"
"name": "SSRT100826",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=133469208622507&w=2"
},
{
"name" : "SSRT100826",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=133469208622507&w=2"
"name": "http://support.apple.com/kb/HT4312",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4312"
},
{
"name" : "SUSE-SR:2010:018",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
"name": "SUSE-SR:2010:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
}
]
}

104
2010/2xxx/CVE-2010-2994.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2994",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2994",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression."
"lang": "eng",
"value": "Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html"
"name": "SUSE-SR:2011:001",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html"
},
{
"name" : "SUSE-SR:2011:001",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html"
"name": "43068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43068"
},
{
"name" : "SUSE-SR:2011:002",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
"name": "ADV-2011-0212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"name" : "oval:org.mitre.oval:def:12047",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12047"
"name": "42877",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42877"
},
{
"name" : "42877",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42877"
"name": "SUSE-SR:2011:002",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name" : "43068",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43068"
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html"
},
{
"name" : "ADV-2011-0076",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0076"
"name": "ADV-2011-0076",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0076"
},
{
"name" : "ADV-2011-0212",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0212"
"name": "oval:org.mitre.oval:def:12047",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12047"
}
]
}

104
2010/3xxx/CVE-2010-3039.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3039",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-3039",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the administrative interface, aka Bug IDs CSCti52041 and CSCti74930."
"lang": "eng",
"value": "/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the administrative interface, aka Bug IDs CSCti52041 and CSCti74930."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20101105 nSense-2010-003: Cisco Unified Communications Manager",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/514668/100/0/threaded"
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21656",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=21656"
},
{
"name" : "20101105 nSense-2010-003: Cisco Unified Communications Manager",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2010/Nov/40"
"name": "44672",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44672"
},
{
"name" : "http://www.nsense.fi/advisories/nsense_2010_003.txt",
"refsource" : "MISC",
"url" : "http://www.nsense.fi/advisories/nsense_2010_003.txt"
"name": "20101105 nSense-2010-003: Cisco Unified Communications Manager",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514668/100/0/threaded"
},
{
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=21656",
"refsource" : "CONFIRM",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=21656"
"name": "1024694",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024694"
},
{
"name" : "44672",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/44672"
"name": "http://www.nsense.fi/advisories/nsense_2010_003.txt",
"refsource": "MISC",
"url": "http://www.nsense.fi/advisories/nsense_2010_003.txt"
},
{
"name" : "1024694",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024694"
"name": "42129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42129"
},
{
"name" : "42129",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42129"
"name": "20101105 nSense-2010-003: Cisco Unified Communications Manager",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2010/Nov/40"
},
{
"name" : "ADV-2010-2915",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2915"
"name": "ADV-2010-2915",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2915"
}
]
}

22
2010/3xxx/CVE-2010-3356.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3356",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3356",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

110
2010/3xxx/CVE-2010-3475.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3475",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3475",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictions by leveraging the cache to execute an UPDATE statement contained in a compiled compound SQL statement."
"lang": "eng",
"value": "IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictions by leveraging the cache to execute an UPDATE statement contained in a compiled compound SQL statement."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21446455",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21446455"
"name": "43291",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43291"
},
{
"name" : "IC70406",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IC70406"
"name": "ADV-2010-2425",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2425"
},
{
"name" : "43291",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/43291"
"name": "ibm-db2-sql-security-bypass(61873)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61873"
},
{
"name" : "68122",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/68122"
"name": "41444",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41444"
},
{
"name" : "oval:org.mitre.oval:def:14609",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14609"
"name": "http://www.ibm.com/support/docview.wss?uid=swg21446455",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21446455"
},
{
"name" : "1024458",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024458"
"name": "IC70406",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC70406"
},
{
"name" : "41444",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41444"
"name": "68122",
"refsource": "OSVDB",
"url": "http://osvdb.org/68122"
},
{
"name" : "ADV-2010-2425",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2425"
"name": "oval:org.mitre.oval:def:14609",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14609"
},
{
"name" : "ibm-db2-sql-security-bypass(61873)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/61873"
"name": "1024458",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024458"
}
]
}

22
2010/3xxx/CVE-2010-3651.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3651",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2010-3651",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none."
}
]
}

110
2010/4xxx/CVE-2010-4238.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4238",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4238",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
"name": "http://bugs.centos.org/bug_view_advanced_page.php?bug_id=4517",
"refsource": "MISC",
"url": "http://bugs.centos.org/bug_view_advanced_page.php?bug_id=4517"
},
{
"name" : "http://bugs.centos.org/bug_view_advanced_page.php?bug_id=4517",
"refsource" : "MISC",
"url" : "http://bugs.centos.org/bug_view_advanced_page.php?bug_id=4517"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=655623",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=655623"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=655623",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=655623"
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
"name": "RHSA-2011:0017",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
},
{
"name" : "RHSA-2011:0017",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
"name": "46397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46397"
},
{
"name" : "45795",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45795"
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name" : "42884",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42884"
"name": "42884",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42884"
},
{
"name" : "46397",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46397"
"name": "45795",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45795"
},
{
"name" : "xen-vdbcreate-dos(64698)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64698"
"name": "xen-vdbcreate-dos(64698)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64698"
}
]
}

86
2010/4xxx/CVE-2010-4715.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4715",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4715",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in the (1) WebAccess Agent and (2) Document Viewer Agent components in Novell GroupWise before 8.02HP allow remote attackers to read arbitrary files via unspecified vectors. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in the (1) WebAccess Agent and (2) Document Viewer Agent components in Novell GroupWise before 8.02HP allow remote attackers to read arbitrary files via unspecified vectors. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.facebook.com/note.php?note_id=477865030928",
"refsource" : "CONFIRM",
"url" : "http://www.facebook.com/note.php?note_id=477865030928"
"name": "40820",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40820"
},
{
"name" : "http://www.novell.com/support/viewContent.do?externalId=7007156&sliceId=1",
"refsource" : "CONFIRM",
"url" : "http://www.novell.com/support/viewContent.do?externalId=7007156&sliceId=1"
"name": "https://bugzilla.novell.com/show_bug.cgi?id=638646",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=638646"
},
{
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=638644",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=638644"
"name": "http://www.novell.com/support/viewContent.do?externalId=7007156&sliceId=1",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7007156&sliceId=1"
},
{
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=638646",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=638646"
"name": "https://bugzilla.novell.com/show_bug.cgi?id=638644",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=638644"
},
{
"name" : "40820",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40820"
"name": "http://www.facebook.com/note.php?note_id=477865030928",
"refsource": "CONFIRM",
"url": "http://www.facebook.com/note.php?note_id=477865030928"
}
]
}

62
2010/4xxx/CVE-2010-4722.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4722",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4722",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote attack vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt",
"refsource" : "CONFIRM",
"url" : "http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt"
"name": "http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt",
"refsource": "CONFIRM",
"url": "http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt"
}
]
}

98
2010/4xxx/CVE-2010-4784.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4784",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4784",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in member.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in member.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20101126 [eVuln.com] SQL injection Auth Bypass in Easy Banner Free",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/514908/100/0/threaded"
"name": "http://evuln.com/vulns/147/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/147/summary.html"
},
{
"name" : "http://evuln.com/vulns/147/summary.html",
"refsource" : "MISC",
"url" : "http://evuln.com/vulns/147/summary.html"
"name": "45066",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45066"
},
{
"name" : "http://packetstormsecurity.org/files/view/96153/easybannerfree-sql.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/files/view/96153/easybannerfree-sql.txt"
"name": "20101126 [eVuln.com] SQL injection Auth Bypass in Easy Banner Free",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514908/100/0/threaded"
},
{
"name" : "45066",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45066"
"name": "42316",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42316"
},
{
"name" : "69511",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/69511"
"name": "http://packetstormsecurity.org/files/view/96153/easybannerfree-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/view/96153/easybannerfree-sql.txt"
},
{
"name" : "42316",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42316"
"name": "69511",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/69511"
},
{
"name" : "8184",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8184"
"name": "8184",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8184"
}
]
}

74
2010/4xxx/CVE-2010-4798.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4798",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4798",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uri parameter."
"lang": "eng",
"value": "Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uri parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "15232",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15232"
"name": "orangehrm-index-file-include(62388)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62388"
},
{
"name" : "43905",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/43905"
"name": "43905",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43905"
},
{
"name" : "orangehrm-index-file-include(62388)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62388"
"name": "15232",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15232"
}
]
}

92
2010/4xxx/CVE-2010-4875.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4875",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4875",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in vodpod-video-gallery/vodpod_gallery_thumbs.php in the Vodpod Video Gallery Plugin 3.1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the gid parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in vodpod-video-gallery/vodpod_gallery_thumbs.php in the Vodpod Video Gallery Plugin 3.1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the gid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.org/1011-exploits/wpvodpod-xss.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1011-exploits/wpvodpod-xss.txt"
"name": "42195",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42195"
},
{
"name" : "http://www.johnleitch.net/Vulnerabilities/WordPress.Vodpod.Video.Gallery.3.1.5.Reflected.Cross-site.Scripting/58",
"refsource" : "MISC",
"url" : "http://www.johnleitch.net/Vulnerabilities/WordPress.Vodpod.Video.Gallery.3.1.5.Reflected.Cross-site.Scripting/58"
"name": "vodpod-gid-xss(63057)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63057"
},
{
"name" : "69084",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/69084"
"name": "http://www.johnleitch.net/Vulnerabilities/WordPress.Vodpod.Video.Gallery.3.1.5.Reflected.Cross-site.Scripting/58",
"refsource": "MISC",
"url": "http://www.johnleitch.net/Vulnerabilities/WordPress.Vodpod.Video.Gallery.3.1.5.Reflected.Cross-site.Scripting/58"
},
{
"name" : "42195",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42195"
"name": "8431",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8431"
},
{
"name" : "8431",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8431"
"name": "http://packetstormsecurity.org/1011-exploits/wpvodpod-xss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1011-exploits/wpvodpod-xss.txt"
},
{
"name" : "vodpod-gid-xss(63057)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/63057"
"name": "69084",
"refsource": "OSVDB",
"url": "http://osvdb.org/69084"
}
]
}

242
2011/1xxx/CVE-2011-1002.json
View File

@ -1,211 +1,211 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1002",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1002",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244."
"lang": "eng",
"value": "avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110218 CVE request: avahi daemon remote denial of service by sending NULL UDP",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/02/18/1"
"name": "RHSA-2011:0779",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0779.html"
},
{
"name" : "[oss-security] 20110218 Re: CVE request: avahi daemon remote denial of service by sending NULL UDP",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/02/18/4"
"name": "avahi-udp-packet-dos(65525)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65525"
},
{
"name" : "[oss-security] 20110222 Re: [oss-security] CVE request: avahi daemon remote denial of service by sending NULL UDP",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/02/22/9"
"name": "[oss-security] 20110222 Re: [oss-security] CVE request: avahi daemon remote denial of service by sending NULL UDP",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/02/22/9"
},
{
"name" : "http://xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/",
"refsource" : "MISC",
"url" : "http://xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/"
"name": "RHSA-2011:0436",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0436.html"
},
{
"name" : "http://avahi.org/ticket/325",
"refsource" : "CONFIRM",
"url" : "http://avahi.org/ticket/325"
"name": "ADV-2011-0511",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0511"
},
{
"name" : "http://git.0pointer.de/?p=avahi.git;a=commit;h=46109dfec75534fe270c0ab902576f685d5ab3a6",
"refsource" : "CONFIRM",
"url" : "http://git.0pointer.de/?p=avahi.git;a=commit;h=46109dfec75534fe270c0ab902576f685d5ab3a6"
"name": "[oss-security] 20110218 CVE request: avahi daemon remote denial of service by sending NULL UDP",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/02/18/1"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=667187",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=667187"
"name": "43605",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43605"
},
{
"name" : "DSA-2174",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2174"
"name": "43465",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43465"
},
{
"name" : "FEDORA-2011-3033",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055858.html"
"name": "43673",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43673"
},
{
"name" : "MDVSA-2011:037",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:037"
"name": "ADV-2011-0601",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0601"
},
{
"name" : "MDVSA-2011:040",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:040"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=667187",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=667187"
},
{
"name" : "RHSA-2011:0436",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0436.html"
"name": "ADV-2011-0969",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0969"
},
{
"name" : "RHSA-2011:0779",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0779.html"
"name": "avahi-udp-dos(65524)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65524"
},
{
"name" : "SUSE-SR:2011:005",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
"name": "44131",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44131"
},
{
"name" : "USN-1084-1",
"refsource" : "UBUNTU",
"url" : "http://ubuntu.com/usn/usn-1084-1"
"name": "MDVSA-2011:040",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:040"
},
{
"name" : "46446",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46446"
"name": "46446",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46446"
},
{
"name" : "70948",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/70948"
"name": "MDVSA-2011:037",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:037"
},
{
"name" : "43361",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43361"
"name": "ADV-2011-0448",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0448"
},
{
"name" : "43465",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43465"
"name": "SUSE-SR:2011:005",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"name" : "43605",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43605"
"name": "DSA-2174",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2174"
},
{
"name" : "43673",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43673"
"name": "ADV-2011-0499",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0499"
},
{
"name" : "44131",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44131"
"name": "70948",
"refsource": "OSVDB",
"url": "http://osvdb.org/70948"
},
{
"name" : "ADV-2011-0448",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0448"
"name": "43361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43361"
},
{
"name" : "ADV-2011-0499",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0499"
"name": "ADV-2011-0670",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0670"
},
{
"name" : "ADV-2011-0511",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0511"
"name": "http://xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/",
"refsource": "MISC",
"url": "http://xorl.wordpress.com/2011/02/20/cve-2011-1002-avahi-daemon-remote-denial-of-service/"
},
{
"name" : "ADV-2011-0565",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0565"
"name": "http://avahi.org/ticket/325",
"refsource": "CONFIRM",
"url": "http://avahi.org/ticket/325"
},
{
"name" : "ADV-2011-0601",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0601"
"name": "FEDORA-2011-3033",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055858.html"
},
{
"name" : "ADV-2011-0670",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0670"
"name": "ADV-2011-0565",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0565"
},
{
"name" : "ADV-2011-0969",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0969"
"name": "http://git.0pointer.de/?p=avahi.git;a=commit;h=46109dfec75534fe270c0ab902576f685d5ab3a6",
"refsource": "CONFIRM",
"url": "http://git.0pointer.de/?p=avahi.git;a=commit;h=46109dfec75534fe270c0ab902576f685d5ab3a6"
},
{
"name" : "avahi-udp-dos(65524)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65524"
"name": "USN-1084-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-1084-1"
},
{
"name" : "avahi-udp-packet-dos(65525)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65525"
"name": "[oss-security] 20110218 Re: CVE request: avahi daemon remote denial of service by sending NULL UDP",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/02/18/4"
}
]
}

134
2011/1xxx/CVE-2011-1659.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1659",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1659",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071."
"lang": "eng",
"value": "Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=681054",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681054"
},
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=48733",
"refsource" : "MISC",
"url" : "http://code.google.com/p/chromium/issues/detail?id=48733"
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name" : "http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html",
"refsource" : "MISC",
"url" : "http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html"
"name": "46397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46397"
},
{
"name" : "http://sourceware.org/bugzilla/show_bug.cgi?id=12583",
"refsource" : "CONFIRM",
"url" : "http://sourceware.org/bugzilla/show_bug.cgi?id=12583"
"name": "44353",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44353"
},
{
"name" : "http://sourceware.org/git/?p=glibc.git;a=commit;h=8126d90480fa3e0c5c5cd0d02cb1c93174b45485",
"refsource" : "CONFIRM",
"url" : "http://sourceware.org/git/?p=glibc.git;a=commit;h=8126d90480fa3e0c5c5cd0d02cb1c93174b45485"
"name": "1025450",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025450"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=681054",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=681054"
"name": "gnuclibrary-fnmatch-dos(66819)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66819"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
"name": "MDVSA-2011:178",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"name" : "MDVSA-2011:178",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
"name": "http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html",
"refsource": "MISC",
"url": "http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html"
},
{
"name" : "MDVSA-2011:179",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:179"
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name" : "1025450",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025450"
"name": "http://code.google.com/p/chromium/issues/detail?id=48733",
"refsource": "MISC",
"url": "http://code.google.com/p/chromium/issues/detail?id=48733"
},
{
"name" : "44353",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44353"
"name": "MDVSA-2011:179",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:179"
},
{
"name" : "46397",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46397"
"name": "http://sourceware.org/bugzilla/show_bug.cgi?id=12583",
"refsource": "CONFIRM",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12583"
},
{
"name" : "gnuclibrary-fnmatch-dos(66819)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66819"
"name": "http://sourceware.org/git/?p=glibc.git;a=commit;h=8126d90480fa3e0c5c5cd0d02cb1c93174b45485",
"refsource": "CONFIRM",
"url": "http://sourceware.org/git/?p=glibc.git;a=commit;h=8126d90480fa3e0c5c5cd0d02cb1c93174b45485"
}
]
}

98
2011/5xxx/CVE-2011-5163.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-5163",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5163",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in an unspecified third-party component in the Batch module for Schneider Electric CitectSCADA before 7.20 and Mitsubishi MX4 SCADA before 7.20 allows local users to execute arbitrary code via a long string in a login sequence."
"lang": "eng",
"value": "Buffer overflow in an unspecified third-party component in the Batch module for Schneider Electric CitectSCADA before 7.20 and Mitsubishi MX4 SCADA before 7.20 allows local users to execute arbitrary code via a long string in a login sequence."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-02.pdf",
"refsource" : "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-02.pdf"
"name": "http://www.citect.com/citectscada-batch",
"refsource": "CONFIRM",
"url": "http://www.citect.com/citectscada-batch"
},
{
"name" : "http://www.citect.com/citectscada-batch",
"refsource" : "CONFIRM",
"url" : "http://www.citect.com/citectscada-batch"
"name": "76937",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/76937"
},
{
"name" : "https://my.mitsubishi-automation.com/downloads_show.php?portal_id=1&doc_type=safety&scat=2&sstr=MX4,SCADA",
"refsource" : "CONFIRM",
"url" : "https://my.mitsubishi-automation.com/downloads_show.php?portal_id=1&doc_type=safety&scat=2&sstr=MX4,SCADA"
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-02.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-02.pdf"
},
{
"name" : "76937",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/76937"
"name": "46779",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46779"
},
{
"name" : "1026306",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026306"
"name": "1026306",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026306"
},
{
"name" : "46779",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46779"
"name": "https://my.mitsubishi-automation.com/downloads_show.php?portal_id=1&doc_type=safety&scat=2&sstr=MX4,SCADA",
"refsource": "CONFIRM",
"url": "https://my.mitsubishi-automation.com/downloads_show.php?portal_id=1&doc_type=safety&scat=2&sstr=MX4,SCADA"
},
{
"name" : "46786",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46786"
"name": "46786",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46786"
}
]
}

86
2014/3xxx/CVE-2014-3347.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3347",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-3347",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid state of the hardware encryption module, aka Bug ID CSCul77897."
"lang": "eng",
"value": "Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid state of the hardware encryption module, aka Bug ID CSCul77897."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=35453",
"refsource" : "CONFIRM",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=35453"
"name": "cisco-isr-cve20143347-dos(95558)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95558"
},
{
"name" : "20140827 Cisco 1800 Series ISR ISDN Basic Rate Interface Denial of Service Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3347"
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35453",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35453"
},
{
"name" : "69439",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69439"
"name": "1030772",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030772"
},
{
"name" : "1030772",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030772"
"name": "20140827 Cisco 1800 Series ISR ISDN Basic Rate Interface Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3347"
},
{
"name" : "cisco-isr-cve20143347-dos(95558)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95558"
"name": "69439",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69439"
}
]
}

62
2014/3xxx/CVE-2014-3403.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3403",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-3403",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to spoof devices via crafted messages, aka Bug ID CSCuq22647."
"lang": "eng",
"value": "The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to spoof devices via crafted messages, aka Bug ID CSCuq22647."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20141009 Autonomic Networking Infrastructure Certificate Validation Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3403"
"name": "20141009 Autonomic Networking Infrastructure Certificate Validation Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3403"
}
]
}

86
2014/3xxx/CVE-2014-3716.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3716",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3716",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel."
"lang": "eng",
"value": "Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140514 Xen Security Advisory 95 - input handling vulnerabilities loading guest kernel on ARM",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/05/14/4"
"name": "http://xenbits.xen.org/xsa/advisory-95.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-95.html"
},
{
"name" : "[oss-security] 20140515 Re: Xen Security Advisory 95 - input handling vulnerabilities loading guest kernel on ARM",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/05/15/6"
"name": "1030252",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030252"
},
{
"name" : "[oss-security] 20140516 Xen Security Advisory 95 (CVE-2014-3714,CVE-2014-3715,CVE-2014-3716,CVE-2014-3717) - input handling vulnerabilities loading guest kernel on ARM",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/05/16/1"
"name": "[oss-security] 20140514 Xen Security Advisory 95 - input handling vulnerabilities loading guest kernel on ARM",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/14/4"
},
{
"name" : "http://xenbits.xen.org/xsa/advisory-95.html",
"refsource" : "CONFIRM",
"url" : "http://xenbits.xen.org/xsa/advisory-95.html"
"name": "[oss-security] 20140516 Xen Security Advisory 95 (CVE-2014-3714,CVE-2014-3715,CVE-2014-3716,CVE-2014-3717) - input handling vulnerabilities loading guest kernel on ARM",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/16/1"
},
{
"name" : "1030252",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030252"
"name": "[oss-security] 20140515 Re: Xen Security Advisory 95 - input handling vulnerabilities loading guest kernel on ARM",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/15/6"
}
]
}

22
2014/3xxx/CVE-2014-3727.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3727",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3727",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2014/7xxx/CVE-2014-7454.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7454",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7454",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Detox Juicing Diet Recipes (aka com.wDetoxJuicingDietRecipes) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Detox Juicing Diet Recipes (aka com.wDetoxJuicingDietRecipes) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#709217",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/709217"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#709217",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/709217"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

22
2014/8xxx/CVE-2014-8057.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8057",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-8057",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}

22
2014/8xxx/CVE-2014-8200.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8200",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-8200",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}

68
2014/8xxx/CVE-2014-8422.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8422",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8422",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 generates session cookies with insufficient entropy, which makes it easier for remote attackers to hijack sessions via a brute-force attack."
"lang": "eng",
"value": "The web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 generates session cookies with insufficient entropy, which makes it easier for remote attackers to hijack sessions via a brute-force attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt",
"refsource" : "MISC",
"url" : "https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt"
"name": "https://networks.unify.com/security/advisories/OBSO-1501-02.pdf",
"refsource": "CONFIRM",
"url": "https://networks.unify.com/security/advisories/OBSO-1501-02.pdf"
},
{
"name" : "https://networks.unify.com/security/advisories/OBSO-1501-02.pdf",
"refsource" : "CONFIRM",
"url" : "https://networks.unify.com/security/advisories/OBSO-1501-02.pdf"
"name": "https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt",
"refsource": "MISC",
"url": "https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt"
}
]
}

68
2014/8xxx/CVE-2014-8487.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8487",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8487",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Kony Management (aka Enterprise Mobile Management or EMM) 1.2 and earlier allows remote authenticated users to read (1) arbitrary messages via the messageId parameter to selfservice/managedevice/getMessageBody or (2) requests via the requestId parameter to selfservice/devicemgmt/getDeviceInfoTab.htm."
"lang": "eng",
"value": "Kony Management (aka Enterprise Mobile Management or EMM) 1.2 and earlier allows remote authenticated users to read (1) arbitrary messages via the messageId parameter to selfservice/managedevice/getMessageBody or (2) requests via the requestId parameter to selfservice/devicemgmt/getDeviceInfoTab.htm."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150222 CVE-2014-8487: Kony EMM insecurity Direct Object Reference",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/534739/100/0/threaded"
"name": "20150222 CVE-2014-8487: Kony EMM insecurity Direct Object Reference",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534739/100/0/threaded"
},
{
"name" : "72714",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72714"
"name": "72714",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72714"
}
]
}

110
2014/8xxx/CVE-2014-8577.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8577",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8577",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Croogo before 2.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) data[Contact][title] parameter to admin/contacts/contacts/add page; (2) data[Block][title] or (3) data[Block][alias] parameter to admin/blocks/blocks/edit page; (4) data[Region][title] parameter to admin/blocks/regions/add page; (5) data[Menu][title] or (6) data[Menu][alias] parameter to admin/menus/menus/add page; or (7) data[Link][title] parameter to admin/menus/links/add/menu page."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Croogo before 2.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) data[Contact][title] parameter to admin/contacts/contacts/add page; (2) data[Block][title] or (3) data[Block][alias] parameter to admin/blocks/blocks/edit page; (4) data[Region][title] parameter to admin/blocks/regions/add page; (5) data[Menu][title] or (6) data[Menu][alias] parameter to admin/menus/menus/add page; or (7) data[Link][title] parameter to admin/menus/links/add/menu page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "34959",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/34959"
"name": "113110",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/113110"
},
{
"name" : "http://packetstormsecurity.com/files/128639/Croogo-2.0.0-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/128639/Croogo-2.0.0-Cross-Site-Scripting.html"
"name": "croogo-multiple-post-xss(96991)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96991"
},
{
"name" : "http://zeroscience.mk/en/vulnerabilities/ZSL-2014-5201.php",
"refsource" : "MISC",
"url" : "http://zeroscience.mk/en/vulnerabilities/ZSL-2014-5201.php"
"name": "34959",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/34959"
},
{
"name" : "http://blog.croogo.org/blog/croogo-210-released",
"refsource" : "CONFIRM",
"url" : "http://blog.croogo.org/blog/croogo-210-released"
"name": "113113",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/113113"
},
{
"name" : "113109",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/113109"
"name": "http://zeroscience.mk/en/vulnerabilities/ZSL-2014-5201.php",
"refsource": "MISC",
"url": "http://zeroscience.mk/en/vulnerabilities/ZSL-2014-5201.php"
},
{
"name" : "113110",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/113110"
"name": "http://packetstormsecurity.com/files/128639/Croogo-2.0.0-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128639/Croogo-2.0.0-Cross-Site-Scripting.html"
},
{
"name" : "113111",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/113111"
"name": "http://blog.croogo.org/blog/croogo-210-released",
"refsource": "CONFIRM",
"url": "http://blog.croogo.org/blog/croogo-210-released"
},
{
"name" : "113113",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/113113"
"name": "113109",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/113109"
},
{
"name" : "croogo-multiple-post-xss(96991)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96991"
"name": "113111",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/113111"
}
]
}

22
2014/9xxx/CVE-2014-9405.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9405",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9405",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2014/9xxx/CVE-2014-9461.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9461",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9461",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in models/Cart66.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to read arbitrary files via a .. (dot dot) in the member_download action to wp-admin/admin-ajax.php."
"lang": "eng",
"value": "Directory traversal vulnerability in models/Cart66.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to read arbitrary files via a .. (dot dot) in the member_download action to wp-admin/admin-ajax.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://research.g0blin.co.uk/g0blin-00021/",
"refsource" : "MISC",
"url" : "https://research.g0blin.co.uk/g0blin-00021/"
"name": "https://wordpress.org/plugins/cart66-lite/changelog/",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/cart66-lite/changelog/"
},
{
"name" : "https://plugins.trac.wordpress.org/changeset/1052064/cart66-lite",
"refsource" : "CONFIRM",
"url" : "https://plugins.trac.wordpress.org/changeset/1052064/cart66-lite"
"name": "https://research.g0blin.co.uk/g0blin-00021/",
"refsource": "MISC",
"url": "https://research.g0blin.co.uk/g0blin-00021/"
},
{
"name" : "https://wordpress.org/plugins/cart66-lite/changelog/",
"refsource" : "CONFIRM",
"url" : "https://wordpress.org/plugins/cart66-lite/changelog/"
"name": "https://plugins.trac.wordpress.org/changeset/1052064/cart66-lite",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/1052064/cart66-lite"
}
]
}

122
2014/9xxx/CVE-2014-9711.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9711",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9711",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Investigative Reports in Websense TRITON AP-WEB before 8.0.0 and Web Security and Filter, Web Security Gateway, and Web Security Gateway Anywhere 7.8.3 before Hotfix 02 and 7.8.4 before Hotfix 01 allow remote attackers to inject arbitrary web script or HTML via the (1) ReportName (Job Name) parameter to the Explorer report scheduler (cgi-bin/WsCgiExplorerSchedule.exe) in the Job Queue or the col parameter to the (2) Names or (3) Anonymous (explorer_wse/explorer_anon.exe) summary report page."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Investigative Reports in Websense TRITON AP-WEB before 8.0.0 and Web Security and Filter, Web Security Gateway, and Web Security Gateway Anywhere 7.8.3 before Hotfix 02 and 7.8.4 before Hotfix 01 allow remote attackers to inject arbitrary web script or HTML via the (1) ReportName (Job Name) parameter to the Explorer report scheduler (cgi-bin/WsCgiExplorerSchedule.exe) in the Job Queue or the col parameter to the (2) Names or (3) Anonymous (explorer_wse/explorer_anon.exe) summary report page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150318 Multiple Cross-Site Scripting vulnerabilities in Websense Reporting",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/534915/100/0/threaded"
"name": "https://www.securify.nl/advisory/SFY20140911/cross_site_scripting_vulnerability_in_websense_explorer_report_scheduler.html",
"refsource": "MISC",
"url": "https://www.securify.nl/advisory/SFY20140911/cross_site_scripting_vulnerability_in_websense_explorer_report_scheduler.html"
},
{
"name" : "20150318 Cross-Site Scripting vulnerability in Websense Explorer report scheduler",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/534917/100/0/threaded"
"name": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"name" : "20150318 Multiple Cross-Site Scripting vulnerabilities in Websense Reporting",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Mar/110"
"name": "https://www.securify.nl/advisory/SFY20140914/multiple_cross_site_scripting_vulnerabilities_in_websense_reporting.html",
"refsource": "MISC",
"url": "https://www.securify.nl/advisory/SFY20140914/multiple_cross_site_scripting_vulnerabilities_in_websense_reporting.html"
},
{
"name" : "20150318 Cross-Site Scripting vulnerability in Websense Explorer report scheduler",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Mar/109"
"name": "http://www.websense.com/support/article/kbarticle/v7-8-3-About-Hotfix-02-for-Web-Security-Solutions",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-8-3-About-Hotfix-02-for-Web-Security-Solutions"
},
{
"name" : "http://packetstormsecurity.com/files/130905/Websense-Reporting-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/130905/Websense-Reporting-Cross-Site-Scripting.html"
"name": "20150318 Cross-Site Scripting vulnerability in Websense Explorer report scheduler",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Mar/109"
},
{
"name" : "https://www.securify.nl/advisory/SFY20140911/cross_site_scripting_vulnerability_in_websense_explorer_report_scheduler.html",
"refsource" : "MISC",
"url" : "https://www.securify.nl/advisory/SFY20140911/cross_site_scripting_vulnerability_in_websense_explorer_report_scheduler.html"
"name": "http://packetstormsecurity.com/files/130905/Websense-Reporting-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130905/Websense-Reporting-Cross-Site-Scripting.html"
},
{
"name" : "https://www.securify.nl/advisory/SFY20140914/multiple_cross_site_scripting_vulnerabilities_in_websense_reporting.html",
"refsource" : "MISC",
"url" : "https://www.securify.nl/advisory/SFY20140914/multiple_cross_site_scripting_vulnerabilities_in_websense_reporting.html"
"name": "http://packetstormsecurity.com/files/130903/Websense-Explorer-Report-Scheduler-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130903/Websense-Explorer-Report-Scheduler-Cross-Site-Scripting.html"
},
{
"name" : "http://packetstormsecurity.com/files/130903/Websense-Explorer-Report-Scheduler-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/130903/Websense-Explorer-Report-Scheduler-Cross-Site-Scripting.html"
"name": "20150318 Multiple Cross-Site Scripting vulnerabilities in Websense Reporting",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Mar/110"
},
{
"name" : "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"refsource" : "CONFIRM",
"url" : "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
"name": "http://www.websense.com/support/article/kbarticle/v7-8-4-About-Hotfix-01-for-Web-Security-Solutions",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/v7-8-4-About-Hotfix-01-for-Web-Security-Solutions"
},
{
"name" : "http://www.websense.com/support/article/kbarticle/v7-8-3-About-Hotfix-02-for-Web-Security-Solutions",
"refsource" : "CONFIRM",
"url" : "http://www.websense.com/support/article/kbarticle/v7-8-3-About-Hotfix-02-for-Web-Security-Solutions"
"name": "20150318 Cross-Site Scripting vulnerability in Websense Explorer report scheduler",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534917/100/0/threaded"
},
{
"name" : "http://www.websense.com/support/article/kbarticle/v7-8-4-About-Hotfix-01-for-Web-Security-Solutions",
"refsource" : "CONFIRM",
"url" : "http://www.websense.com/support/article/kbarticle/v7-8-4-About-Hotfix-01-for-Web-Security-Solutions"
"name": "20150318 Multiple Cross-Site Scripting vulnerabilities in Websense Reporting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534915/100/0/threaded"
}
]
}

92
2014/9xxx/CVE-2014-9905.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9905",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9905",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Web Calendar in SOGo before 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) title of an appointment or (2) contact fields."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Web Calendar in SOGo before 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) title of an appointment or (2) contact fields."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160709 Re: CVE request: several SOGo issues (DOS, XSS, information leakage)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/07/09/3"
"name": "https://github.com/inverse-inc/sogo/commit/80a09407652ec04e8c9fb6cb48e1029e69a15765",
"refsource": "CONFIRM",
"url": "https://github.com/inverse-inc/sogo/commit/80a09407652ec04e8c9fb6cb48e1029e69a15765"
},
{
"name" : "https://github.com/inverse-inc/sogo/commit/1a7fc2a0e90a19dfb1fce292ae5ff53aa513ade9",
"refsource" : "CONFIRM",
"url" : "https://github.com/inverse-inc/sogo/commit/1a7fc2a0e90a19dfb1fce292ae5ff53aa513ade9"
"name": "[oss-security] 20160709 Re: CVE request: several SOGo issues (DOS, XSS, information leakage)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/07/09/3"
},
{
"name" : "https://github.com/inverse-inc/sogo/commit/3a5e44e7eb8b390b67a8f8a83030b49606956501",
"refsource" : "CONFIRM",
"url" : "https://github.com/inverse-inc/sogo/commit/3a5e44e7eb8b390b67a8f8a83030b49606956501"
"name": "https://github.com/inverse-inc/sogo/commit/3a5e44e7eb8b390b67a8f8a83030b49606956501",
"refsource": "CONFIRM",
"url": "https://github.com/inverse-inc/sogo/commit/3a5e44e7eb8b390b67a8f8a83030b49606956501"
},
{
"name" : "https://github.com/inverse-inc/sogo/commit/80a09407652ec04e8c9fb6cb48e1029e69a15765",
"refsource" : "CONFIRM",
"url" : "https://github.com/inverse-inc/sogo/commit/80a09407652ec04e8c9fb6cb48e1029e69a15765"
"name": "https://github.com/inverse-inc/sogo/commit/c94595ea7f0f843c2d7abf25df039b2bbe707625",
"refsource": "CONFIRM",
"url": "https://github.com/inverse-inc/sogo/commit/c94595ea7f0f843c2d7abf25df039b2bbe707625"
},
{
"name" : "https://github.com/inverse-inc/sogo/commit/c94595ea7f0f843c2d7abf25df039b2bbe707625",
"refsource" : "CONFIRM",
"url" : "https://github.com/inverse-inc/sogo/commit/c94595ea7f0f843c2d7abf25df039b2bbe707625"
"name": "https://sogo.nu/bugs/view.php?id=2598",
"refsource": "CONFIRM",
"url": "https://sogo.nu/bugs/view.php?id=2598"
},
{
"name" : "https://sogo.nu/bugs/view.php?id=2598",
"refsource" : "CONFIRM",
"url" : "https://sogo.nu/bugs/view.php?id=2598"
"name": "https://github.com/inverse-inc/sogo/commit/1a7fc2a0e90a19dfb1fce292ae5ff53aa513ade9",
"refsource": "CONFIRM",
"url": "https://github.com/inverse-inc/sogo/commit/1a7fc2a0e90a19dfb1fce292ae5ff53aa513ade9"
}
]
}

68
2016/2xxx/CVE-2016-2295.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2295",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-2295",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allow remote attackers to obtain sensitive cleartext information by reading a configuration file."
"lang": "eng",
"value": "Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allow remote attackers to obtain sensitive cleartext information by reading a configuration file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20160503 Moxa MiiNePort - Multiple Vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2016/May/7"
"name": "20160503 Moxa MiiNePort - Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/May/7"
},
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-145-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-145-01"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-145-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-145-01"
}
]
}

62
2016/2xxx/CVE-2016-2445.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2445",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-2445",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079."
"lang": "eng",
"value": "The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://source.android.com/security/bulletin/2016-05-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-05-01.html"
"name": "http://source.android.com/security/bulletin/2016-05-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-05-01.html"
}
]
}

22
2016/6xxx/CVE-2016-6200.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6200",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6200",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2016/6xxx/CVE-2016-6665.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6665",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6665",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2016/7xxx/CVE-2016-7014.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7014",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7014",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name" : "93496",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93496"
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name" : "1036986",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036986"
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}

22
2016/7xxx/CVE-2016-7326.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7326",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7326",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

110
2016/7xxx/CVE-2016-7867.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@adobe.com",
"ID" : "CVE-2016-7867",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7867",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"version" : {
"version_data" : [
"product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"version": {
"version_data": [
{
"version_value" : "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
"version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution."
"lang": "eng",
"value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Buffer Overflow / Underflow"
"lang": "eng",
"value": "Buffer Overflow / Underflow"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-622",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-622"
"name": "SUSE-SU-2016:3148",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
"name": "MS16-154",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"name" : "GLSA-201701-17",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-17"
"name": "94871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94871"
},
{
"name" : "MS16-154",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
"name": "GLSA-201701-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"name" : "RHSA-2016:2947",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
"name": "1037442",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037442"
},
{
"name" : "SUSE-SU-2016:3148",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-622",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-622"
},
{
"name" : "openSUSE-SU-2016:3160",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
"name": "RHSA-2016:2947",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"name" : "94871",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94871"
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name" : "1037442",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037442"
"name": "openSUSE-SU-2016:3160",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
]
}

22
2016/7xxx/CVE-2016-7897.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7897",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7897",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

92
2017/5xxx/CVE-2017-5098.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2017-5098",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2017-5098",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android",
"version" : {
"version_data" : [
"product_name": "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android",
"version": {
"version_data": [
{
"version_value" : "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android"
"version_value": "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page."
"lang": "eng",
"value": "A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Use after free"
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html",
"refsource" : "MISC",
"url" : "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html"
"name": "GLSA-201709-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-15"
},
{
"name" : "https://crbug.com/740803",
"refsource" : "MISC",
"url" : "https://crbug.com/740803"
"name": "DSA-3926",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3926"
},
{
"name" : "DSA-3926",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3926"
"name": "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html"
},
{
"name" : "GLSA-201709-15",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201709-15"
"name": "99950",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99950"
},
{
"name" : "RHSA-2017:1833",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1833"
"name": "RHSA-2017:1833",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1833"
},
{
"name" : "99950",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99950"
"name": "https://crbug.com/740803",
"refsource": "MISC",
"url": "https://crbug.com/740803"
}
]
}

76
2017/5xxx/CVE-2017-5810.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security-alert@hpe.com",
"DATE_PUBLIC" : "2017-05-04T00:00:00",
"ID" : "CVE-2017-5810",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-05-04T00:00:00",
"ID": "CVE-2017-5810",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Network Automation",
"version" : {
"version_data" : [
"product_name": "Network Automation",
"version": {
"version_data": [
{
"version_value" : "9.1x, 9.2x, 10.0x, 10.1x and 10.2x"
"version_value": "9.1x, 9.2x, 10.0x, 10.1x and 10.2x"
}
]
}
}
]
},
"vendor_name" : "Hewlett Packard Enterprise"
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found."
"lang": "eng",
"value": "A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "remote sql injection"
"lang": "eng",
"value": "remote sql injection"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us",
"refsource" : "CONFIRM",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us"
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us"
},
{
"name" : "98331",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98331"
"name": "98331",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98331"
},
{
"name" : "1038407",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038407"
"name": "1038407",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038407"
}
]
}