admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:11:51 +00:00
parent e7308f74b4
commit 2f79a8f8ed
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
44 changed files with 3273 additions and 3273 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
2006/2xxx/CVE-2006-2288.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2288",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2288",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Avahi before 0.6.10 allows local users to cause a denial of service (mDNS/DNS-SD service disconnect) via unspecified mDNS name conflicts."
"lang": "eng",
"value": "Avahi before 0.6.10 allows local users to cause a denial of service (mDNS/DNS-SD service disconnect) via unspecified mDNS name conflicts."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://0pointer.de/cgi-bin/viewcvs.cgi/*checkout*/trunk/docs/NEWS?root=avahi",
"refsource" : "CONFIRM",
"url" : "http://0pointer.de/cgi-bin/viewcvs.cgi/*checkout*/trunk/docs/NEWS?root=avahi"
"name": "http://0pointer.de/cgi-bin/viewcvs.cgi/*checkout*/trunk/docs/NEWS?root=avahi",
"refsource": "CONFIRM",
"url": "http://0pointer.de/cgi-bin/viewcvs.cgi/*checkout*/trunk/docs/NEWS?root=avahi"
},
{
"name" : "SUSE-SR:2006:011",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_05_19.html"
"name": "20022",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20022"
},
{
"name" : "17884",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17884"
"name": "17884",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17884"
},
{
"name" : "20022",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20022"
"name": "SUSE-SR:2006:011",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_05_19.html"
},
{
"name" : "20215",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20215"
"name": "20215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20215"
},
{
"name" : "avahi-mdns-name-dos(26330)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26330"
"name": "avahi-mdns-name-dos(26330)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26330"
}
]
}

80
2006/2xxx/CVE-2006-2328.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2328",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2328",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in lib/adodb/server.php in AngelineCMS 0.6.5 and earlier might allow remote attackers to execute arbitrary SQL commands via the query string."
"lang": "eng",
"value": "SQL injection vulnerability in lib/adodb/server.php in AngelineCMS 0.6.5 and earlier might allow remote attackers to execute arbitrary SQL commands via the query string."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060507 AngelineCMS Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/433241/100/0/threaded"
"name": "angelinecms-server-sql-injection(26382)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26382"
},
{
"name" : "http://www.subjectzero.net/research/ang_CMS.htm",
"refsource" : "MISC",
"url" : "http://www.subjectzero.net/research/ang_CMS.htm"
"name": "883",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/883"
},
{
"name" : "883",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/883"
"name": "http://www.subjectzero.net/research/ang_CMS.htm",
"refsource": "MISC",
"url": "http://www.subjectzero.net/research/ang_CMS.htm"
},
{
"name" : "angelinecms-server-sql-injection(26382)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26382"
"name": "20060507 AngelineCMS Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433241/100/0/threaded"
}
]
}

86
2006/3xxx/CVE-2006-3229.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3229",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3229",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Open WebMail (OWM) 2.52, and other versions released before 05/12/2006, allows remote attackers to inject arbitrary web script or HTML via the (1) To and (2) From fields in openwebmail-main.pl, and possibly (3) other unspecified vectors related to \"openwebmailerror calls that need to display HTML.\""
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Open WebMail (OWM) 2.52, and other versions released before 05/12/2006, allows remote attackers to inject arbitrary web script or HTML via the (1) To and (2) From fields in openwebmail-main.pl, and possibly (3) other unspecified vectors related to \"openwebmailerror calls that need to display HTML.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://openwebmail.org/openwebmail/doc/changes.txt",
"refsource" : "CONFIRM",
"url" : "http://openwebmail.org/openwebmail/doc/changes.txt"
"name": "openwebmail-read-xss(27309)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27309"
},
{
"name" : "http://openwebmail.acatysmoof.com/dev/svn/index.pl/openwebmail/diff/trunk/src/cgi-bin/openwebmail/openwebmail-main.pl?rev1=235;rev2=236",
"refsource" : "CONFIRM",
"url" : "http://openwebmail.acatysmoof.com/dev/svn/index.pl/openwebmail/diff/trunk/src/cgi-bin/openwebmail/openwebmail-main.pl?rev1=235;rev2=236"
"name": "20714",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20714"
},
{
"name" : "20060626 Openwebmail: 2 XSS vulns not one, and some version hints",
"refsource" : "VIM",
"url" : "http://www.attrition.org/pipermail/vim/2006-June/000902.html"
"name": "http://openwebmail.acatysmoof.com/dev/svn/index.pl/openwebmail/diff/trunk/src/cgi-bin/openwebmail/openwebmail-main.pl?rev1=235;rev2=236",
"refsource": "CONFIRM",
"url": "http://openwebmail.acatysmoof.com/dev/svn/index.pl/openwebmail/diff/trunk/src/cgi-bin/openwebmail/openwebmail-main.pl?rev1=235;rev2=236"
},
{
"name" : "20714",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20714"
"name": "http://openwebmail.org/openwebmail/doc/changes.txt",
"refsource": "CONFIRM",
"url": "http://openwebmail.org/openwebmail/doc/changes.txt"
},
{
"name" : "openwebmail-read-xss(27309)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27309"
"name": "20060626 Openwebmail: 2 XSS vulns not one, and some version hints",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2006-June/000902.html"
}
]
}

158
2006/3xxx/CVE-2006-3582.json
View File

@ -1,141 +1,141 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3582",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3582",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple heap-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via the size specified in the package header of (1) CFF, (2) MTK, (3) DMO, and (4) U6M files."
"lang": "eng",
"value": "Multiple heap-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via the size specified in the package header of (1) CFF, (2) MTK, (3) DMO, and (4) U6M files."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060706 Various heap and stack overflow bugs in AdPlug library 2.0 (CVS 04 Jul 2006)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/439432/100/100/threaded"
"name": "ADV-2006-2697",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2697"
},
{
"name" : "http://aluigi.altervista.org/adv/adplugbof-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/adplugbof-adv.txt"
"name": "adplug-dmo-file-bo(27670)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27670"
},
{
"name" : "http://adplug.cvs.sourceforge.net/adplug/adplug/src/cff.cpp?r1=1.16&r2=1.17",
"refsource" : "CONFIRM",
"url" : "http://adplug.cvs.sourceforge.net/adplug/adplug/src/cff.cpp?r1=1.16&r2=1.17"
"name": "21238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21238"
},
{
"name" : "GLSA-200607-13",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200607-13.xml"
"name": "27043",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27043"
},
{
"name" : "GLSA-200609-06",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200609-06.xml"
"name": "27044",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27044"
},
{
"name" : "18859",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18859"
"name": "adplug-u6m-file-bo(27677)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27677"
},
{
"name" : "ADV-2006-2697",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2697"
"name": "21295",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21295"
},
{
"name" : "27042",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27042"
"name": "27042",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27042"
},
{
"name" : "27043",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27043"
"name": "18859",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18859"
},
{
"name" : "27044",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27044"
"name": "27047",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27047"
},
{
"name" : "27047",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27047"
"name": "GLSA-200609-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200609-06.xml"
},
{
"name" : "20972",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20972"
"name": "21869",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21869"
},
{
"name" : "21238",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21238"
"name": "http://adplug.cvs.sourceforge.net/adplug/adplug/src/cff.cpp?r1=1.16&r2=1.17",
"refsource": "CONFIRM",
"url": "http://adplug.cvs.sourceforge.net/adplug/adplug/src/cff.cpp?r1=1.16&r2=1.17"
},
{
"name" : "21295",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21295"
"name": "http://aluigi.altervista.org/adv/adplugbof-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/adplugbof-adv.txt"
},
{
"name" : "21869",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21869"
"name": "GLSA-200607-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200607-13.xml"
},
{
"name" : "adplug-dmo-file-bo(27670)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27670"
"name": "20060706 Various heap and stack overflow bugs in AdPlug library 2.0 (CVS 04 Jul 2006)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/439432/100/100/threaded"
},
{
"name" : "adplug-u6m-file-bo(27677)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27677"
"name": "20972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20972"
}
]
}

86
2006/3xxx/CVE-2006-3748.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3748",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3748",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2023",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2023"
"name": "21077",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21077"
},
{
"name" : "19044",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19044"
"name": "loudmouth-class-file-include(27772)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27772"
},
{
"name" : "ADV-2006-2844",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2844"
"name": "19044",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19044"
},
{
"name" : "21077",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21077"
"name": "ADV-2006-2844",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2844"
},
{
"name" : "loudmouth-class-file-include(27772)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27772"
"name": "2023",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2023"
}
]
}

68
2006/4xxx/CVE-2006-4352.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4352",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4352",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information."
"lang": "eng",
"value": "The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "28121",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/28121"
"name": "28121",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28121"
},
{
"name" : "http://www.cisco.com/warp/public/117/AP_cookies.html",
"refsource" : "MISC",
"url" : "http://www.cisco.com/warp/public/117/AP_cookies.html"
"name": "http://www.cisco.com/warp/public/117/AP_cookies.html",
"refsource": "MISC",
"url": "http://www.cisco.com/warp/public/117/AP_cookies.html"
}
]
}

92
2006/4xxx/CVE-2006-4505.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4505",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4505",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "CRLF injection vulnerability in links.php in NX5Linx 1.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a CRLF sequence in the url parameter."
"lang": "eng",
"value": "CRLF injection vulnerability in links.php in NX5Linx 1.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a CRLF sequence in the url parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060912 [eVuln] NX5Linkx Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/445916/100/0/threaded"
"name": "21922",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21922"
},
{
"name" : "http://www.evuln.com/vulns/138/",
"refsource" : "MISC",
"url" : "http://www.evuln.com/vulns/138/"
"name": "http://www.evuln.com/vulns/138/",
"refsource": "MISC",
"url": "http://www.evuln.com/vulns/138/"
},
{
"name" : "20011",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20011"
"name": "20011",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20011"
},
{
"name" : "ADV-2006-3631",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3631"
"name": "nx5linkx-link-response-splitting(28634)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28634"
},
{
"name" : "21922",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21922"
"name": "20060912 [eVuln] NX5Linkx Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/445916/100/0/threaded"
},
{
"name" : "nx5linkx-link-response-splitting(28634)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28634"
"name": "ADV-2006-3631",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3631"
}
]
}

98
2006/6xxx/CVE-2006-6123.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6123",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6123",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Coppermine Photo Gallery (CPG) 1.4.8 stable, with register_globals enabled, allows remote attackers to bypass XSS protection and set arbitrary variables via a query string that causes the variable to be defined in global space, with separate _GET, _REQUEST, or other critical parameters, which are unset by the protection scheme and prevent the original variable from being detected."
"lang": "eng",
"value": "Coppermine Photo Gallery (CPG) 1.4.8 stable, with register_globals enabled, allows remote attackers to bypass XSS protection and set arbitrary variables via a query string that causes the variable to be defined in global space, with separate _GET, _REQUEST, or other critical parameters, which are unset by the protection scheme and prevent the original variable from being detected."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060623 [KAPDA]Coppermine 1.4.8~Parameter Cleanup System ByPass~Registering Global Varables",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-06/0482.html"
"name": "27618",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27618"
},
{
"name" : "http://myimei.com/security/2006-06-20/coppermine-148parameter-cleanup-system-bypassregistering-global-varables.html",
"refsource" : "MISC",
"url" : "http://myimei.com/security/2006-06-20/coppermine-148parameter-cleanup-system-bypassregistering-global-varables.html"
"name": "1914",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1914"
},
{
"name" : "http://svn.sourceforge.net/viewvc/coppermine?view=rev&revision=3133",
"refsource" : "CONFIRM",
"url" : "http://svn.sourceforge.net/viewvc/coppermine?view=rev&revision=3133"
"name": "20060623 [KAPDA]Coppermine 1.4.8~Parameter Cleanup System ByPass~Registering Global Varables",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-06/0482.html"
},
{
"name" : "27618",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27618"
"name": "http://myimei.com/security/2006-06-20/coppermine-148parameter-cleanup-system-bypassregistering-global-varables.html",
"refsource": "MISC",
"url": "http://myimei.com/security/2006-06-20/coppermine-148parameter-cleanup-system-bypassregistering-global-varables.html"
},
{
"name" : "20597",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20597"
"name": "20597",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20597"
},
{
"name" : "1914",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1914"
"name": "http://svn.sourceforge.net/viewvc/coppermine?view=rev&revision=3133",
"refsource": "CONFIRM",
"url": "http://svn.sourceforge.net/viewvc/coppermine?view=rev&revision=3133"
},
{
"name" : "coppermine-init-security-bypass(27376)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27376"
"name": "coppermine-init-security-bypass(27376)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27376"
}
]
}

22
2006/6xxx/CVE-2006-6315.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6315",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6315",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

98
2006/6xxx/CVE-2006-6423.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6423",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2006-6423",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix."
"lang": "eng",
"value": "Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
"name": "http://secunia.com/secunia_research/2006-73/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-73/advisory/"
},
{
"name" : "http://secunia.com/secunia_research/2006-73/advisory/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2006-73/advisory/"
"name": "2022",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2022"
},
{
"name" : "http://www.mailenable.com/hotfix/",
"refsource" : "CONFIRM",
"url" : "http://www.mailenable.com/hotfix/"
"name": "21492",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21492"
},
{
"name" : "21492",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21492"
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name" : "23201",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23201"
"name": "mailenable-bounds-imap-bo(30796)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
},
{
"name" : "2022",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2022"
"name": "23201",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23201"
},
{
"name" : "mailenable-bounds-imap-bo(30796)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
"name": "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
}
]
}

86
2006/6xxx/CVE-2006-6644.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6644",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6644",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in pages/meeting_constants.php in the Meeting (mx_meeting) 1.1.2 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in pages/meeting_constants.php in the Meeting (mx_meeting) 1.1.2 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2941",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2941"
"name": "21624",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21624"
},
{
"name" : "21624",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21624"
"name": "ADV-2006-5032",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5032"
},
{
"name" : "ADV-2006-5032",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/5032"
"name": "mxbb-meeting-file-include(30913)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30913"
},
{
"name" : "23394",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23394"
"name": "23394",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23394"
},
{
"name" : "mxbb-meeting-file-include(30913)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30913"
"name": "2941",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2941"
}
]
}

74
2006/7xxx/CVE-2006-7102.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7102",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7102",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in phpBurningPortal quiz-modul 1.0.1, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter to (1) quest_delete.php, (2) quest_edit.php, or (3) quest_news.php."
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in phpBurningPortal quiz-modul 1.0.1, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter to (1) quest_delete.php, (2) quest_edit.php, or (3) quest_news.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2563",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2563"
"name": "20547",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20547"
},
{
"name" : "20547",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20547"
"name": "2563",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2563"
},
{
"name" : "phpburningportal-langpath-file-include(29558)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29558"
"name": "phpburningportal-langpath-file-include(29558)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29558"
}
]
}

92
2010/2xxx/CVE-2010-2060.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2060",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2060",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The put command functionality in beanstalkd 1.4.5 and earlier allows remote attackers to execute arbitrary Beanstalk commands via the body in a job that is too big, which is not properly handled by the dispatch_cmd function in prot.c."
"lang": "eng",
"value": "The put command functionality in beanstalkd 1.4.5 and earlier allows remote attackers to execute arbitrary Beanstalk commands via the body in a job that is too big, which is not properly handled by the dispatch_cmd function in prot.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://github.com/kr/beanstalkd/commit/2e8e8c6387ecdf5923dfc4d7718d18eba1b0873d",
"refsource" : "CONFIRM",
"url" : "http://github.com/kr/beanstalkd/commit/2e8e8c6387ecdf5923dfc4d7718d18eba1b0873d"
"name": "http://kr.github.com/beanstalkd/2010/05/23/1.4.6-release-notes.html",
"refsource": "CONFIRM",
"url": "http://kr.github.com/beanstalkd/2010/05/23/1.4.6-release-notes.html"
},
{
"name" : "http://kr.github.com/beanstalkd/2010/05/23/1.4.6-release-notes.html",
"refsource" : "CONFIRM",
"url" : "http://kr.github.com/beanstalkd/2010/05/23/1.4.6-release-notes.html"
"name": "http://github.com/kr/beanstalkd/commit/2e8e8c6387ecdf5923dfc4d7718d18eba1b0873d",
"refsource": "CONFIRM",
"url": "http://github.com/kr/beanstalkd/commit/2e8e8c6387ecdf5923dfc4d7718d18eba1b0873d"
},
{
"name" : "40516",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40516"
"name": "beanstalkd-put-command-execution(59107)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59107"
},
{
"name" : "65113",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/65113"
"name": "40032",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40032"
},
{
"name" : "40032",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40032"
"name": "65113",
"refsource": "OSVDB",
"url": "http://osvdb.org/65113"
},
{
"name" : "beanstalkd-put-command-execution(59107)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59107"
"name": "40516",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40516"
}
]
}

98
2010/2xxx/CVE-2010-2302.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2302",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2302",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771."
"lang": "eng",
"value": "Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=44740",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=44740"
"name": "43068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43068"
},
{
"name" : "http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html"
"name": "ADV-2011-0212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"name" : "SUSE-SR:2011:002",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
"name": "http://code.google.com/p/chromium/issues/detail?id=44740",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=44740"
},
{
"name" : "oval:org.mitre.oval:def:11948",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11948"
"name": "40072",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40072"
},
{
"name" : "40072",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40072"
"name": "SUSE-SR:2011:002",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name" : "43068",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43068"
"name": "oval:org.mitre.oval:def:11948",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11948"
},
{
"name" : "ADV-2011-0212",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0212"
"name": "http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html"
}
]
}

98
2011/0xxx/CVE-2011-0464.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0464",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0464",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 allows remote attackers to execute arbitrary code via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 allows remote attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5088845.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5088845.html"
"name": "43606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43606"
},
{
"name" : "46672",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46672"
"name": "1025163",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025163"
},
{
"name" : "70956",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/70956"
"name": "70956",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/70956"
},
{
"name" : "1025163",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1025163"
"name": "novell-vibeonprem-unspec-code-exec(65865)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65865"
},
{
"name" : "43606",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43606"
"name": "46672",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46672"
},
{
"name" : "ADV-2011-0592",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0592"
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5088845.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5088845.html"
},
{
"name" : "novell-vibeonprem-unspec-code-exec(65865)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65865"
"name": "ADV-2011-0592",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0592"
}
]
}

104
2011/0xxx/CVE-2011-0661.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0661",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2011-0661",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows remote attackers to execute arbitrary code via a malformed request in a (1) SMBv1 or (2) SMBv2 packet, aka \"SMB Transaction Parsing Vulnerability.\""
"lang": "eng",
"value": "The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows remote attackers to execute arbitrary code via a malformed request in a (1) SMBv1 or (2) SMBv2 packet, aka \"SMB Transaction Parsing Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS11-020",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-020"
"name": "44072",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44072"
},
{
"name" : "TA11-102A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-102A.html"
"name": "71781",
"refsource": "OSVDB",
"url": "http://osvdb.org/71781"
},
{
"name" : "47198",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/47198"
"name": "TA11-102A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html"
},
{
"name" : "71781",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/71781"
"name": "1025329",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025329"
},
{
"name" : "oval:org.mitre.oval:def:12076",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12076"
"name": "ADV-2011-0939",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0939"
},
{
"name" : "1025329",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025329"
"name": "47198",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47198"
},
{
"name" : "44072",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44072"
"name": "oval:org.mitre.oval:def:12076",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12076"
},
{
"name" : "ADV-2011-0939",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0939"
"name": "MS11-020",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-020"
}
]
}

194
2011/1xxx/CVE-2011-1146.json
View File

@ -1,171 +1,171 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1146",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1146",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086."
"lang": "eng",
"value": "libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110309 CVE request: libvirt: several API calls do not honour read-only connection",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/09/3"
"name": "43897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43897"
},
{
"name" : "[oss-security] 20110310 Re: CVE request: libvirt: several API calls do not honour read-only connection",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/10/5"
"name": "RHSA-2011:0391",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0391.html"
},
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617773",
"refsource" : "CONFIRM",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617773"
"name": "https://bugzilla.novell.com/show_bug.cgi?id=678406",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=678406"
},
{
"name" : "http://libvirt.org/git/?p=libvirt.git;a=commit;h=71753cb7f7a16ff800381c0b5ee4e99eea92fed3",
"refsource" : "CONFIRM",
"url" : "http://libvirt.org/git/?p=libvirt.git;a=commit;h=71753cb7f7a16ff800381c0b5ee4e99eea92fed3"
"name": "FEDORA-2011-3286",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056209.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=683650",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=683650"
"name": "USN-1094-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1094-1"
},
{
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=678406",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=678406"
"name": "43670",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43670"
},
{
"name" : "DSA-2194",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2194"
"name": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=71753cb7f7a16ff800381c0b5ee4e99eea92fed3",
"refsource": "CONFIRM",
"url": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=71753cb7f7a16ff800381c0b5ee4e99eea92fed3"
},
{
"name" : "FEDORA-2011-3286",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056209.html"
"name": "44069",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44069"
},
{
"name" : "RHSA-2011:0391",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0391.html"
"name": "46820",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46820"
},
{
"name" : "openSUSE-SU-2011:0311",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2011-04/msg00022.html"
"name": "[oss-security] 20110309 CVE request: libvirt: several API calls do not honour read-only connection",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/09/3"
},
{
"name" : "USN-1094-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1094-1"
"name": "openSUSE-SU-2011:0311",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00022.html"
},
{
"name" : "46820",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46820"
"name": "ADV-2011-0794",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0794"
},
{
"name" : "1025262",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025262"
"name": "DSA-2194",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2194"
},
{
"name" : "43670",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43670"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=683650",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=683650"
},
{
"name" : "43917",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43917"
"name": "1025262",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025262"
},
{
"name" : "44069",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44069"
"name": "43917",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43917"
},
{
"name" : "43897",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43897"
"name": "ADV-2011-0700",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0700"
},
{
"name" : "43780",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43780"
"name": "ADV-2011-0694",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0694"
},
{
"name" : "ADV-2011-0794",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0794"
"name": "[oss-security] 20110310 Re: CVE request: libvirt: several API calls do not honour read-only connection",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/10/5"
},
{
"name" : "ADV-2011-0805",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0805"
"name": "43780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43780"
},
{
"name" : "ADV-2011-0694",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0694"
"name": "libvirt-apicalls-dos(66012)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66012"
},
{
"name" : "ADV-2011-0700",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0700"
"name": "ADV-2011-0805",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0805"
},
{
"name" : "libvirt-apicalls-dos(66012)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66012"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617773",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617773"
}
]
}

128
2011/1xxx/CVE-2011-1563.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1563",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1563",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) and earlier allow remote attackers to execute arbitrary code via (1) a long username in an On_FC_CONNECT_FCS_LOGIN packet, and crafted (2) On_FC_CTAGLIST_FCS_CADDTAG, (3) On_FC_CTAGLIST_FCS_CDELTAG, (4) On_FC_CTAGLIST_FCS_ADDTAGMS, (5) On_FC_RFUSER_FCS_LOGIN, (6) unspecified \"On_FC_BINFILE_FCS_*FILE\", (7) On_FC_CGETTAG_FCS_GETTELEMETRY, (8) On_FC_CGETTAG_FCS_GETCHANNELTELEMETRY, (9) On_FC_CGETTAG_FCS_SETTELEMETRY, (10) On_FC_CGETTAG_FCS_SETCHANNELTELEMETRY, and (11) On_FC_SCRIPT_FCS_STARTPROG packets to port 910."
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) and earlier allow remote attackers to execute arbitrary code via (1) a long username in an On_FC_CONNECT_FCS_LOGIN packet, and crafted (2) On_FC_CTAGLIST_FCS_CADDTAG, (3) On_FC_CTAGLIST_FCS_CDELTAG, (4) On_FC_CTAGLIST_FCS_ADDTAGMS, (5) On_FC_RFUSER_FCS_LOGIN, (6) unspecified \"On_FC_BINFILE_FCS_*FILE\", (7) On_FC_CGETTAG_FCS_GETTELEMETRY, (8) On_FC_CGETTAG_FCS_GETCHANNELTELEMETRY, (9) On_FC_CGETTAG_FCS_SETTELEMETRY, (10) On_FC_CGETTAG_FCS_SETCHANNELTELEMETRY, and (11) On_FC_SCRIPT_FCS_STARTPROG packets to port 910."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "17025",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/17025"
"name": "46937",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46937"
},
{
"name" : "http://aluigi.org/adv/realwin_2-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.org/adv/realwin_2-adv.txt"
"name": "http://aluigi.org/adv/realwin_2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/realwin_2-adv.txt"
},
{
"name" : "http://aluigi.org/adv/realwin_3-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.org/adv/realwin_3-adv.txt"
"name": "http://aluigi.org/adv/realwin_7-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/realwin_7-adv.txt"
},
{
"name" : "http://aluigi.org/adv/realwin_4-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.org/adv/realwin_4-adv.txt"
"name": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-04.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-04.pdf"
},
{
"name" : "http://aluigi.org/adv/realwin_5-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.org/adv/realwin_5-adv.txt"
"name": "17025",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/17025"
},
{
"name" : "http://aluigi.org/adv/realwin_7-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.org/adv/realwin_7-adv.txt"
"name": "http://aluigi.org/adv/realwin_4-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/realwin_4-adv.txt"
},
{
"name" : "http://aluigi.org/adv/realwin_8-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.org/adv/realwin_8-adv.txt"
"name": "43848",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43848"
},
{
"name" : "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-04.pdf",
"refsource" : "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-04.pdf"
"name": "ADV-2011-0742",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0742"
},
{
"name" : "46937",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46937"
"name": "http://aluigi.org/adv/realwin_8-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/realwin_8-adv.txt"
},
{
"name" : "43848",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43848"
"name": "http://aluigi.org/adv/realwin_5-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/realwin_5-adv.txt"
},
{
"name" : "8176",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8176"
"name": "http://aluigi.org/adv/realwin_3-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/realwin_3-adv.txt"
},
{
"name" : "ADV-2011-0742",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0742"
"name": "8176",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8176"
}
]
}

80
2011/1xxx/CVE-2011-1674.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1674",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1674",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The NetGear ProSafe WNAP210 with firmware 2.0.12 allows remote attackers to bypass authentication and obtain access to the configuration page by visiting recreate.php and then visiting index.php."
"lang": "eng",
"value": "The NetGear ProSafe WNAP210 with firmware 2.0.12 allows remote attackers to bypass authentication and obtain access to the configuration page by visiting recreate.php and then visiting index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "VU#644812",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/644812"
"name": "prosafe-recreate-security-bypass(66723)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66723"
},
{
"name" : "44045",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44045"
"name": "VU#644812",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/644812"
},
{
"name" : "ADV-2011-0884",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0884"
"name": "ADV-2011-0884",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0884"
},
{
"name" : "prosafe-recreate-security-bypass(66723)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66723"
"name": "44045",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44045"
}
]
}

86
2011/3xxx/CVE-2011-3415.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3415",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2011-3415",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in the Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted return URL, aka \"Insecure Redirect in .NET Form Authentication Vulnerability.\""
"lang": "eng",
"value": "Open redirect vulnerability in the Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted return URL, aka \"Insecure Redirect in .NET Form Authentication Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS11-100",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-100"
"name": "JVN#71256611",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN71256611/index.html"
},
{
"name" : "JVN#71256611",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN71256611/index.html"
"name": "oval:org.mitre.oval:def:14815",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14815"
},
{
"name" : "JVNDB-2011-003557",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2011-003557"
"name": "MS11-100",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-100"
},
{
"name" : "51202",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/51202"
"name": "51202",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51202"
},
{
"name" : "oval:org.mitre.oval:def:14815",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14815"
"name": "JVNDB-2011-003557",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-003557"
}
]
}

80
2011/3xxx/CVE-2011-3814.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3814",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3814",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "WebCalendar 1.2.3, and other versions before 1.2.5, allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by ws/user_mod.php and certain other files."
"lang": "eng",
"value": "WebCalendar 1.2.3, and other versions before 1.2.5, allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by ws/user_mod.php and certain other files."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/06/27/6"
"name": "http://webcalendar.cvs.sourceforge.net/viewvc/webcalendar/webcalendar/ChangeLog?pathrev=REL_1_2",
"refsource": "CONFIRM",
"url": "http://webcalendar.cvs.sourceforge.net/viewvc/webcalendar/webcalendar/ChangeLog?pathrev=REL_1_2"
},
{
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README",
"refsource" : "MISC",
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README"
"name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/WebCalendar-1.2.3",
"refsource": "MISC",
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/WebCalendar-1.2.3"
},
{
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/WebCalendar-1.2.3",
"refsource" : "MISC",
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/WebCalendar-1.2.3"
"name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/27/6"
},
{
"name" : "http://webcalendar.cvs.sourceforge.net/viewvc/webcalendar/webcalendar/ChangeLog?pathrev=REL_1_2",
"refsource" : "CONFIRM",
"url" : "http://webcalendar.cvs.sourceforge.net/viewvc/webcalendar/webcalendar/ChangeLog?pathrev=REL_1_2"
"name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README",
"refsource": "MISC",
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README"
}
]
}

74
2011/4xxx/CVE-2011-4168.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4168",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2011-4168",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data."
"lang": "eng",
"value": "Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-11-354/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-11-354/"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-354/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-354/"
},
{
"name" : "HPSBPI02732",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03128469"
"name": "HPSBPI02732",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03128469"
},
{
"name" : "SSRT100435",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03128469"
"name": "SSRT100435",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03128469"
}
]
}

80
2011/4xxx/CVE-2011-4173.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4173",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4173",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Simple Machines Forum (SMF) 2.x before 2.0.1 allows remote attackers to hijack the authentication of administrators or moderators via vectors involving image files, a different vulnerability than CVE-2011-3615. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in Simple Machines Forum (SMF) 2.x before 2.0.1 allows remote attackers to hijack the authentication of administrators or moderators via vectors involving image files, a different vulnerability than CVE-2011-3615. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20111009 CVE request: simple machines forum before 2.0.1 and 1.1.15",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/10/09/3"
"name": "46386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46386"
},
{
"name" : "[oss-security] 20111010 Re: CVE request: simple machines forum before 2.0.1 and 1.1.15",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/10/10/6"
"name": "[oss-security] 20111010 Re: CVE request: simple machines forum before 2.0.1 and 1.1.15",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/10/10/6"
},
{
"name" : "http://www.simplemachines.org/community/index.php?topic=452888.0",
"refsource" : "CONFIRM",
"url" : "http://www.simplemachines.org/community/index.php?topic=452888.0"
"name": "[oss-security] 20111009 CVE request: simple machines forum before 2.0.1 and 1.1.15",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/10/09/3"
},
{
"name" : "46386",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46386"
"name": "http://www.simplemachines.org/community/index.php?topic=452888.0",
"refsource": "CONFIRM",
"url": "http://www.simplemachines.org/community/index.php?topic=452888.0"
}
]
}

22
2011/4xxx/CVE-2011-4210.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4210",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4210",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2011/4xxx/CVE-2011-4496.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4496",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4496",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Aviosoft DTV Player 1.0.1.2 allows remote attackers to execute arbitrary code via a crafted .plf (aka playlist) file."
"lang": "eng",
"value": "Buffer overflow in Aviosoft DTV Player 1.0.1.2 allows remote attackers to execute arbitrary code via a crafted .plf (aka playlist) file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "VU#998403",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/998403"
"name": "VU#998403",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/998403"
}
]
}

68
2011/4xxx/CVE-2011-4509.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4509",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-4509",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime has an improperly selected default password for the administrator account, which makes it easier for remote attackers to obtain access via a brute-force approach involving many HTTP requests."
"lang": "eng",
"value": "The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime has an improperly selected default password for the administrator account, which makes it easier for remote attackers to obtain access via a brute-force approach involving many HTTP requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-030-01.pdf",
"refsource" : "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-030-01.pdf"
"name": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf",
"refsource": "CONFIRM",
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
},
{
"name" : "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf",
"refsource" : "CONFIRM",
"url" : "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-030-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-030-01.pdf"
}
]
}

62
2014/2xxx/CVE-2014-2106.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2106",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2106",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco IOS 15.3M before 15.3(3)M2 and IOS XE 3.10.xS before 3.10.2S allow remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCug45898."
"lang": "eng",
"value": "Cisco IOS 15.3M before 15.3(3)M2 and IOS XE 3.10.xS before 3.10.2S allow remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCug45898."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20140326 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-sip"
"name": "20140326 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-sip"
}
]
}

68
2014/2xxx/CVE-2014-2390.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2390",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2390",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the User Management module in McAfee Network Security Manager (NSM) before 6.1.15.39 7.1.5.x before 7.1.5.15, 7.1.15.x before 7.1.15.7, 7.5.x before 7.5.5.9, and 8.x before 8.1.7.3 allows remote attackers to hijack the authentication of users for requests that modify user accounts via unspecified vectors."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in the User Management module in McAfee Network Security Manager (NSM) before 6.1.15.39 7.1.5.x before 7.1.5.15, 7.1.15.x before 7.1.15.7, 7.5.x before 7.5.5.9, and 8.x before 8.1.7.3 allows remote attackers to hijack the authentication of users for requests that modify user accounts via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10081",
"refsource" : "CONFIRM",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10081"
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10081",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10081"
},
{
"name" : "1030674",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030674"
"name": "1030674",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030674"
}
]
}

22
2014/2xxx/CVE-2014-2557.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2557",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2557",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

104
2014/6xxx/CVE-2014-6079.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6079",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6079",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Local Management Interface in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Local Management Interface in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21684466",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21684466"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21685244",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21685244"
"name": "70197",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70197"
},
{
"name" : "IV64910",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910"
"name": "IV64919",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919"
},
{
"name" : "IV64919",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919"
"name": "ibm-sam-cve20146079-xss(95763)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95763"
},
{
"name" : "70197",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70197"
"name": "61294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61294"
},
{
"name" : "61278",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61278"
"name": "61278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61278"
},
{
"name" : "61294",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61294"
"name": "IV64910",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910"
},
{
"name" : "ibm-sam-cve20146079-xss(95763)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95763"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685244",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685244"
}
]
}

68
2014/6xxx/CVE-2014-6572.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6572",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6572",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors related to List of Values."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors related to List of Values."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name" : "1031579",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031579"
"name": "1031579",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031579"
}
]
}

74
2014/6xxx/CVE-2014-6857.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6857",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-6857",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Car Wallpapers HD (aka com.arab4x4.gallery.app) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Car Wallpapers HD (aka com.arab4x4.gallery.app) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#730777",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/730777"
"name": "VU#730777",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/730777"
}
]
}

74
2014/7xxx/CVE-2014-7002.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7002",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7002",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Sopexa Pavillon France (aka com.goomeoevents.pavillonfrance) application 3.6.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Sopexa Pavillon France (aka com.goomeoevents.pavillonfrance) application 3.6.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#389777",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/389777"
},
{
"name" : "VU#389777",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/389777"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7087.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7087",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7087",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Top Roller Coasters Europe 1 (aka com.appaapps.top10tallesteuropeanrollercoasters1) application @7F050001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Top Roller Coasters Europe 1 (aka com.appaapps.top10tallesteuropeanrollercoasters1) application @7F050001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#152529",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/152529"
},
{
"name" : "VU#152529",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/152529"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

62
2014/7xxx/CVE-2014-7279.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7279",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7279",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Konke Smart Plug K does not require authentication for TELNET sessions, which allows remote attackers to obtain \"equipment management authority\" via TCP traffic to port 23."
"lang": "eng",
"value": "The Konke Smart Plug K does not require authentication for TELNET sessions, which allows remote attackers to obtain \"equipment management authority\" via TCP traffic to port 23."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "35103",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/35103"
"name": "35103",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35103"
}
]
}

104
2014/7xxx/CVE-2014-7823.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7823",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-7823",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag."
"lang": "eng",
"value": "The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://security.libvirt.org/2014/0007.html",
"refsource" : "CONFIRM",
"url" : "http://security.libvirt.org/2014/0007.html"
"name": "62058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62058"
},
{
"name" : "GLSA-201412-04",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201412-04.xml"
"name": "60895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60895"
},
{
"name" : "openSUSE-SU-2014:1471",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-11/msg00083.html"
"name": "GLSA-201412-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name" : "USN-2404-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2404-1"
"name": "62303",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62303"
},
{
"name" : "62303",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62303"
"name": "USN-2404-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2404-1"
},
{
"name" : "60010",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60010"
"name": "openSUSE-SU-2014:1471",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00083.html"
},
{
"name" : "60895",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60895"
"name": "60010",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60010"
},
{
"name" : "62058",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62058"
"name": "http://security.libvirt.org/2014/0007.html",
"refsource": "CONFIRM",
"url": "http://security.libvirt.org/2014/0007.html"
}
]
}

104
2014/7xxx/CVE-2014-7827.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7827",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-7827",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The org.jboss.security.plugins.mapping.JBossMappingManager implementation in JBoss Security in Red Hat JBoss Enterprise Application Platform (EAP) before 6.3.3 uses the default security domain when a security domain is undefined, which allows remote authenticated users to bypass intended access restrictions by leveraging credentials on the default domain for a role that is also on the application domain."
"lang": "eng",
"value": "The org.jboss.security.plugins.mapping.JBossMappingManager implementation in JBoss Security in Red Hat JBoss Enterprise Application Platform (EAP) before 6.3.3 uses the default security domain when a security domain is undefined, which allows remote authenticated users to bypass intended access restrictions by leveraging credentials on the default domain for a role that is also on the application domain."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "RHSA-2015:0215",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0215.html"
"name": "RHSA-2015:0850",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0850.html"
},
{
"name" : "RHSA-2015:0216",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0216.html"
"name": "RHSA-2015:0215",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0215.html"
},
{
"name" : "RHSA-2015:0217",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0217.html"
"name": "RHSA-2015:0851",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0851.html"
},
{
"name" : "RHSA-2015:0218",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0218.html"
"name": "RHSA-2015:0217",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0217.html"
},
{
"name" : "RHSA-2015:0850",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0850.html"
"name": "RHSA-2015:0218",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0218.html"
},
{
"name" : "RHSA-2015:0851",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0851.html"
"name": "RHSA-2015:0216",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0216.html"
},
{
"name" : "1031741",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031741"
"name": "redhat-jboss-cve20147827-sec-bypass(100889)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100889"
},
{
"name" : "redhat-jboss-cve20147827-sec-bypass(100889)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100889"
"name": "1031741",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031741"
}
]
}

70
2017/18xxx/CVE-2017-18041.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-02-02T00:00:00",
"ID" : "CVE-2017-18041",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-02-02T00:00:00",
"ID": "CVE-2017-18041",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Bamboo",
"version" : {
"version_data" : [
"product_name": "Bamboo",
"version": {
"version_data": [
{
"version_value" : "prior to 6.2.0"
"version_value": "prior to 6.2.0"
}
]
}
}
]
},
"vendor_name" : "Atlassian"
"vendor_name": "Atlassian"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The viewDeploymentVersionJiraIssuesDialog resource in Atlassian Bamboo before version 6.2.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release."
"lang": "eng",
"value": "The viewDeploymentVersionJiraIssuesDialog resource in Atlassian Bamboo before version 6.2.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://jira.atlassian.com/browse/BAM-19662",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/BAM-19662"
"name": "103071",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103071"
},
{
"name" : "103071",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103071"
"name": "https://jira.atlassian.com/browse/BAM-19662",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/BAM-19662"
}
]
}

106
2017/1xxx/CVE-2017-1115.json
View File

@ -1,93 +1,93 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-08-29T00:00:00",
"ID" : "CVE-2017-1115",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-08-29T00:00:00",
"ID": "CVE-2017-1115",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Campaign",
"version" : {
"version_data" : [
"product_name": "Campaign",
"version": {
"version_data": [
{
"version_value" : "9.1"
"version_value": "9.1"
},
{
"version_value" : "9.1.2"
"version_value": "9.1.2"
},
{
"version_value" : "10"
"version_value": "10"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 121153."
"lang": "eng",
"value": "IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 121153."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "C",
"SCORE" : "5.400",
"UI" : "R"
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "L",
"PR": "L",
"S": "C",
"SCORE": "5.400",
"UI": "R"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Gain Access"
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10729769",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10729769"
"name": "ibm-campaign-cve20171115-html-injection(121153)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121153"
},
{
"name" : "ibm-campaign-cve20171115-html-injection(121153)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/121153"
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10729769",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10729769"
}
]
}

98
2017/5xxx/CVE-2017-5115.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2017-5115",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2017-5115",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Google Chrome prior to 61.0.3163.79 for Windows",
"version" : {
"version_data" : [
"product_name": "Google Chrome prior to 61.0.3163.79 for Windows",
"version": {
"version_data": [
{
"version_value" : "Google Chrome prior to 61.0.3163.79 for Windows"
"version_value": "Google Chrome prior to 61.0.3163.79 for Windows"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to potentially exploit object corruption via a crafted HTML page."
"lang": "eng",
"value": "Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to potentially exploit object corruption via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Type confusion"
"lang": "eng",
"value": "Type confusion"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html",
"refsource" : "MISC",
"url" : "https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html"
"name": "https://crbug.com/744584",
"refsource": "MISC",
"url": "https://crbug.com/744584"
},
{
"name" : "https://crbug.com/744584",
"refsource" : "MISC",
"url" : "https://crbug.com/744584"
"name": "GLSA-201709-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-15"
},
{
"name" : "DSA-3985",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3985"
"name": "RHSA-2017:2676",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2676"
},
{
"name" : "GLSA-201709-15",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201709-15"
"name": "1039291",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039291"
},
{
"name" : "RHSA-2017:2676",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2676"
"name": "100610",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100610"
},
{
"name" : "100610",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/100610"
"name": "DSA-3985",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3985"
},
{
"name" : "1039291",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039291"
"name": "https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html"
}
]
}

22
2017/5xxx/CVE-2017-5171.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5171",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5171",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

100
2017/5xxx/CVE-2017-5651.json
View File

@ -1,94 +1,94 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@apache.org",
"ID" : "CVE-2017-5651",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2017-5651",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Apache Tomcat",
"version" : {
"version_data" : [
"product_name": "Apache Tomcat",
"version": {
"version_data": [
{
"version_value" : "9.0.0.M1 to 9.0.0.M18"
"version_value": "9.0.0.M1 to 9.0.0.M18"
},
{
"version_value" : "8.5.0 to 8.5.12"
"version_value": "8.5.0 to 8.5.12"
}
]
}
}
]
},
"vendor_name" : "Apache Software Foundation"
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in the same Processor being used for multiple requests which in turn could lead to unexpected errors and/or response mix-up."
"lang": "eng",
"value": "In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in the same Processor being used for multiple requests which in turn could lead to unexpected errors and/or response mix-up."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information Disclosure"
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[users] 20170410 [SECURITY] CVE-2017-5651 Apache Tomcat Information Disclosure",
"refsource" : "MLIST",
"url" : "https://lists.apache.org/thread.html/6694538826b87522fb723d2dcedd537e14ebe0a381d92e5525a531d8@%3Cannounce.tomcat.apache.org%3E"
"name": "97544",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97544"
},
{
"name" : "https://bz.apache.org/bugzilla/show_bug.cgi?id=60918",
"refsource" : "CONFIRM",
"url" : "https://bz.apache.org/bugzilla/show_bug.cgi?id=60918"
"name": "GLSA-201705-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201705-09"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
"name": "https://security.netapp.com/advisory/ntap-20180614-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180614-0001/"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20180614-0001/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20180614-0001/"
"name": "[users] 20170410 [SECURITY] CVE-2017-5651 Apache Tomcat Information Disclosure",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/6694538826b87522fb723d2dcedd537e14ebe0a381d92e5525a531d8@%3Cannounce.tomcat.apache.org%3E"
},
{
"name" : "GLSA-201705-09",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201705-09"
"name": "1038219",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038219"
},
{
"name" : "97544",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97544"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name" : "1038219",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038219"
"name": "https://bz.apache.org/bugzilla/show_bug.cgi?id=60918",
"refsource": "CONFIRM",
"url": "https://bz.apache.org/bugzilla/show_bug.cgi?id=60918"
}
]
}

22
2017/5xxx/CVE-2017-5732.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5732",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5732",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/5xxx/CVE-2017-5910.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5910",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5910",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}