admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:37:39 +00:00
parent 22974806c3
commit 3dc8042487
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
56 changed files with 5339 additions and 5339 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
2006/0xxx/CVE-2006-0089.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0089",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0089",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in ESRI ArcPad 7.0.0.156 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .amp file with a COORDSYS tag with a long string attribute."
"lang": "eng",
"value": "Buffer overflow in ESRI ArcPad 7.0.0.156 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .amp file with a COORDSYS tag with a long string attribute."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://users.pandora.be/bratax/advisories/b007.html",
"refsource" : "MISC",
"url" : "http://users.pandora.be/bratax/advisories/b007.html"
"name": "18294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18294"
},
{
"name" : "16136",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16136"
"name": "http://users.pandora.be/bratax/advisories/b007.html",
"refsource": "MISC",
"url": "http://users.pandora.be/bratax/advisories/b007.html"
},
{
"name" : "ADV-2006-0032",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0032"
"name": "22208",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22208"
},
{
"name" : "22208",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22208"
"name": "16136",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16136"
},
{
"name" : "18294",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18294"
"name": "ADV-2006-0032",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0032"
}
]
}

104
2006/0xxx/CVE-2006-0199.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0199",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0199",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter."
"lang": "eng",
"value": "SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060113 Advisory: MiniNuke CMS System <= 1.8.2 (news.asp) SQL Injectionvulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/421727/100/0/threaded"
"name": "mininuke-news-sql-injection(24098)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24098"
},
{
"name" : "20060112 Advisory: MiniNuke CMS System <= 1.8.2 (news.asp) SQL Injection vulnerability",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html"
"name": "20060113 Advisory: MiniNuke CMS System <= 1.8.2 (news.asp) SQL Injectionvulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421727/100/0/threaded"
},
{
"name" : "http://www.nukedx.com/?viewdoc=7",
"refsource" : "MISC",
"url" : "http://www.nukedx.com/?viewdoc=7"
"name": "22384",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22384"
},
{
"name" : "ADV-2006-0173",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0173"
"name": "18439",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18439"
},
{
"name" : "22384",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22384"
"name": "http://www.nukedx.com/?viewdoc=7",
"refsource": "MISC",
"url": "http://www.nukedx.com/?viewdoc=7"
},
{
"name" : "18439",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18439"
"name": "ADV-2006-0173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0173"
},
{
"name" : "340",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/340"
"name": "340",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/340"
},
{
"name" : "mininuke-news-sql-injection(24098)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24098"
"name": "20060112 Advisory: MiniNuke CMS System <= 1.8.2 (news.asp) SQL Injection vulnerability",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html"
}
]
}

92
2006/0xxx/CVE-2006-0632.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0632",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0632",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The gen_rand_string function in phpBB 2.0.19 uses insufficiently random data (small value space) to create the activation key (\"validation ID\") that is sent by e-mail when establishing a password, which makes it easier for remote attackers to obtain the key and modify passwords for existing accounts or create new accounts."
"lang": "eng",
"value": "The gen_rand_string function in phpBB 2.0.19 uses insufficiently random data (small value space) to create the activation key (\"validation ID\") that is sent by e-mail when establishing a password, which makes it easier for remote attackers to obtain the key and modify passwords for existing accounts or create new accounts."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060205 Easily exploitable Pseudo Random Number generator in phpbb version 2.0.19 and under.",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/424074/100/0/threaded"
"name": "20060205 Easily exploitable Pseudo Random Number generator in phpbb version 2.0.19 and under.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424074/100/0/threaded"
},
{
"name" : "http://www.r-security.net/tutorials/view/readtutorial.php?id=4",
"refsource" : "MISC",
"url" : "http://www.r-security.net/tutorials/view/readtutorial.php?id=4"
"name": "http://www.r-security.net/tutorials/view/readtutorial.php?id=4",
"refsource": "MISC",
"url": "http://www.r-security.net/tutorials/view/readtutorial.php?id=4"
},
{
"name" : "ADV-2006-0461",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0461"
"name": "18727",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18727"
},
{
"name" : "22949",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22949"
"name": "ADV-2006-0461",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0461"
},
{
"name" : "18727",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18727"
"name": "phpbb-weak-rnd(24573)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24573"
},
{
"name" : "phpbb-weak-rnd(24573)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24573"
"name": "22949",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22949"
}
]
}

272
2006/3xxx/CVE-2006-3017.json
View File

@ -1,236 +1,236 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3017",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3017",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations."
"lang": "eng",
"value": "zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060806 PHP: Zend_Hash_Del_Key_Or_Index Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/442437/100/0/threaded"
"name": "21723",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21723"
},
{
"name" : "20061005 rPSA-2006-0182-1 php php-mysql php-pgsql",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/447866/100/0/threaded"
"name": "https://issues.rpath.com/browse/RPL-683",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-683"
},
{
"name" : "20060806 PHP: Zend_Hash_Del_Key_Or_Index Vulnerability",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0166.html"
"name": "21252",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21252"
},
{
"name" : "http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html",
"refsource" : "MISC",
"url" : "http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html"
"name": "21202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21202"
},
{
"name" : "http://www.php.net/release_5_1_3.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/release_5_1_3.php"
"name": "http://cvs.php.net/viewcvs.cgi/Zend/zend_hash.c?hideattic=0&view=log",
"refsource": "CONFIRM",
"url": "http://cvs.php.net/viewcvs.cgi/Zend/zend_hash.c?hideattic=0&view=log"
},
{
"name" : "http://cvs.php.net/viewcvs.cgi/Zend/zend_hash.c?hideattic=0&r1=1.87.4.8.2.1&r2=1.87.4.8.2.2",
"refsource" : "CONFIRM",
"url" : "http://cvs.php.net/viewcvs.cgi/Zend/zend_hash.c?hideattic=0&r1=1.87.4.8.2.1&r2=1.87.4.8.2.2"
"name": "TLSA-2006-38",
"refsource": "TURBO",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"name" : "http://cvs.php.net/viewcvs.cgi/Zend/zend_hash.c?hideattic=0&view=log",
"refsource" : "CONFIRM",
"url" : "http://cvs.php.net/viewcvs.cgi/Zend/zend_hash.c?hideattic=0&view=log"
"name": "http://cvs.php.net/viewcvs.cgi/Zend/zend_hash.c?hideattic=0&r1=1.87.4.8.2.1&r2=1.87.4.8.2.2",
"refsource": "CONFIRM",
"url": "http://cvs.php.net/viewcvs.cgi/Zend/zend_hash.c?hideattic=0&r1=1.87.4.8.2.1&r2=1.87.4.8.2.2"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-175.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-175.htm"
"name": "DSA-1206",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1206"
},
{
"name" : "https://issues.rpath.com/browse/RPL-683",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-683"
"name": "21050",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21050"
},
{
"name" : "DSA-1206",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1206"
"name": "SUSE-SA:2006:031",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_31_php.html"
},
{
"name" : "MDKSA-2006:122",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:122"
"name": "20060806 PHP: Zend_Hash_Del_Key_Or_Index Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/442437/100/0/threaded"
},
{
"name" : "RHSA-2006:0568",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0568.html"
"name": "26466",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26466"
},
{
"name" : "RHSA-2006:0567",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0567.html"
"name": "22713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22713"
},
{
"name" : "RHSA-2006:0549",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0549.html"
"name": "RHSA-2006:0568",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0568.html"
},
{
"name" : "20060701-01-U",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U"
"name": "21135",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21135"
},
{
"name" : "SUSE-SA:2006:031",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_31_php.html"
"name": "http://www.php.net/release_5_1_3.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/release_5_1_3.php"
},
{
"name" : "SUSE-SA:2006:034",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_34_php4.html"
"name": "20061005 rPSA-2006-0182-1 php php-mysql php-pgsql",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447866/100/0/threaded"
},
{
"name" : "TLSA-2006-38",
"refsource" : "TURBO",
"url" : "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
"name": "1016649",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016649"
},
{
"name" : "USN-320-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/320-1/"
"name": "RHSA-2006:0549",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0549.html"
},
{
"name" : "17843",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17843"
"name": "22225",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22225"
},
{
"name" : "25255",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/25255"
"name": "MDKSA-2006:122",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:122"
},
{
"name" : "26466",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26466"
"name": "21125",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21125"
},
{
"name" : "oval:org.mitre.oval:def:10118",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10118"
"name": "19927",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19927"
},
{
"name" : "1016306",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016306"
"name": "25255",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25255"
},
{
"name" : "1016649",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016649"
"name": "php-zendhashdel-unspecified(27396)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27396"
},
{
"name" : "19927",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19927"
"name": "1016306",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016306"
},
{
"name" : "21050",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21050"
"name": "21031",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21031"
},
{
"name" : "21031",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21031"
"name": "RHSA-2006:0567",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0567.html"
},
{
"name" : "21135",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21135"
"name": "20060701-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U"
},
{
"name" : "21202",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21202"
"name": "oval:org.mitre.oval:def:10118",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10118"
},
{
"name" : "21252",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21252"
"name": "http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html",
"refsource": "MISC",
"url": "http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html"
},
{
"name" : "21723",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21723"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-175.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-175.htm"
},
{
"name" : "22225",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22225"
"name": "USN-320-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/320-1/"
},
{
"name" : "22713",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22713"
"name": "20060806 PHP: Zend_Hash_Del_Key_Or_Index Vulnerability",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0166.html"
},
{
"name" : "21125",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21125"
"name": "SUSE-SA:2006:034",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_34_php4.html"
},
{
"name" : "php-zendhashdel-unspecified(27396)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27396"
"name": "17843",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17843"
}
]
}

86
2006/3xxx/CVE-2006-3044.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3044",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3044",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in LogiSphere 1.6.0 allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected in an error page."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in LogiSphere 1.6.0 allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected in an error page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "ADV-2006-2280",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2280"
"name": "logisphere-url-xss(27698)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27698"
},
{
"name" : "26324",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26324"
"name": "26324",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26324"
},
{
"name" : "1016268",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016268"
"name": "1016268",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016268"
},
{
"name" : "20578",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20578"
"name": "ADV-2006-2280",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2280"
},
{
"name" : "logisphere-url-xss(27698)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27698"
"name": "20578",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20578"
}
]
}

98
2006/3xxx/CVE-2006-3179.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3179",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3179",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in tools_ftp_pwaendern.php in Confixx Pro 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the account parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in tools_ftp_pwaendern.php in Confixx Pro 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the account parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060614 Confixx <= 3",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/437550/100/0/threaded"
"name": "confixx-multiple-xss(27222)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27222"
},
{
"name" : "18523",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18523"
"name": "20060614 Confixx <= 3",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437550/100/0/threaded"
},
{
"name" : "ADV-2006-2429",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2429"
"name": "1126",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1126"
},
{
"name" : "26628",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26628"
"name": "ADV-2006-2429",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2429"
},
{
"name" : "20728",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20728"
"name": "26628",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26628"
},
{
"name" : "1126",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1126"
"name": "18523",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18523"
},
{
"name" : "confixx-multiple-xss(27222)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27222"
"name": "20728",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20728"
}
]
}

62
2006/3xxx/CVE-2006-3487.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3487",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3487",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "VirtuaStore 2.0 stores sensitive files under the web root with insufficient access control, which allows remote attackers to obtain local database information by directly accessing database/virtuastore.mdb."
"lang": "eng",
"value": "VirtuaStore 2.0 stores sensitive files under the web root with insufficient access control, which allows remote attackers to obtain local database information by directly accessing database/virtuastore.mdb."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "1016421",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016421"
"name": "1016421",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016421"
}
]
}

110
2006/3xxx/CVE-2006-3862.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3862",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3862",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable (envariable)."
"lang": "eng",
"value": "Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable (envariable)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060814 Informix - Discovery, Attack and Defense",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/443133/100/0/threaded"
"name": "informix-sqlidebug-bo(28158)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28158"
},
{
"name" : "20060814 SQLIDEBUG envariable overflow on Informix",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/443165/100/0/threaded"
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21242921",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21242921"
},
{
"name" : "http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf",
"refsource" : "MISC",
"url" : "http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf"
"name": "27694",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27694"
},
{
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21242921",
"refsource" : "CONFIRM",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21242921"
"name": "20060814 Informix - Discovery, Attack and Defense",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/443133/100/0/threaded"
},
{
"name" : "19264",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19264"
"name": "20060814 SQLIDEBUG envariable overflow on Informix",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/443165/100/0/threaded"
},
{
"name" : "ADV-2006-3077",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3077"
"name": "http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf",
"refsource": "MISC",
"url": "http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf"
},
{
"name" : "27694",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27694"
"name": "21301",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21301"
},
{
"name" : "21301",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21301"
"name": "19264",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19264"
},
{
"name" : "informix-sqlidebug-bo(28158)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28158"
"name": "ADV-2006-3077",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3077"
}
]
}

74
2006/4xxx/CVE-2006-4163.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4163",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4163",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** DISPUTED ** PHP remote file inclusion vulnerability in cls_fast_template.php in myWebland miniBloggie 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the fname parameter. NOTE: another researcher was unable to find a way to execute code after including it via a URL. CVE analysis as of 20060816 was inconclusive."
"lang": "eng",
"value": "** DISPUTED ** PHP remote file inclusion vulnerability in cls_fast_template.php in myWebland miniBloggie 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the fname parameter. NOTE: another researcher was unable to find a way to execute code after including it via a URL. CVE analysis as of 20060816 was inconclusive."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060810 miniBloggie <= 1.0 (fname) Remote File Inclusion Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/442966/100/0/threaded"
"name": "20060813 Re: miniBloggie <= 1.0 (fname) Remote File Inclusion Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/443160/100/0/threaded"
},
{
"name" : "20060813 Re: miniBloggie <= 1.0 (fname) Remote File Inclusion Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/443160/100/0/threaded"
"name": "20060810 miniBloggie <= 1.0 (fname) Remote File Inclusion Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/442966/100/0/threaded"
},
{
"name" : "19476",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19476"
"name": "19476",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19476"
}
]
}

80
2006/4xxx/CVE-2006-4295.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4295",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4295",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html",
"refsource" : "MISC",
"url" : "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html"
"name": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2006/08/panda-activescan-xss-vulnerability.html"
},
{
"name" : "19471",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19471"
"name": "19471",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19471"
},
{
"name" : "29147",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29147"
"name": "29147",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29147"
},
{
"name" : "1016696",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016696"
"name": "1016696",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016696"
}
]
}

80
2006/4xxx/CVE-2006-4500.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4500",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4500",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in ezPortal/ztml CMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) about, (2) again, (3) lastname, (4) email, (5) password, (6) album, (7) id, (8) table, (9) desc, (10) doc, (11) mname, (12) max, (13) htpl, (14) pheader, and possibly other parameters."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in ezPortal/ztml CMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) about, (2) again, (3) lastname, (4) email, (5) password, (6) album, (7) id, (8) table, (9) desc, (10) doc, (11) mname, (12) max, (13) htpl, (14) pheader, and possibly other parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060830 Ezportal/Ztml v1.0 Multiple vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/444743/100/0/threaded"
"name": "20060830 Ezportal/Ztml v1.0 Multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444743/100/0/threaded"
},
{
"name" : "19759",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19759"
"name": "1481",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1481"
},
{
"name" : "1481",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1481"
"name": "ezportalztml-index-xss(28666)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28666"
},
{
"name" : "ezportalztml-index-xss(28666)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28666"
"name": "19759",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19759"
}
]
}

80
2006/4xxx/CVE-2006-4683.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4683",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4683",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Director before 5.10 allows remote attackers to obtain sensitive information from HTTP headers via HTTP TRACE."
"lang": "eng",
"value": "IBM Director before 5.10 allows remote attackers to obtain sensitive information from HTTP headers via HTTP TRACE."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "IC47088",
"refsource" : "AIXAPAR",
"url" : "ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers_pdf/dir5.10_docs_relnotes.pdf"
"name": "IC47088",
"refsource": "AIXAPAR",
"url": "ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers_pdf/dir5.10_docs_relnotes.pdf"
},
{
"name" : "19915",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19915"
"name": "ADV-2006-3532",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3532"
},
{
"name" : "ADV-2006-3532",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3532"
"name": "21802",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21802"
},
{
"name" : "21802",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21802"
"name": "19915",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19915"
}
]
}

98
2006/4xxx/CVE-2006-4858.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4858",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4858",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat) 0.4.4 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat) 0.4.4 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060914 Mambo com_serverstat Component <=0.4.4 Remote File Include Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/446110/100/0/threaded"
"name": "ADV-2006-3610",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3610"
},
{
"name" : "2367",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2367"
"name": "20018",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20018"
},
{
"name" : "20018",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20018"
"name": "1598",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1598"
},
{
"name" : "ADV-2006-3610",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3610"
"name": "21943",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21943"
},
{
"name" : "21943",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21943"
"name": "serverstat-install-file-include(28959)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28959"
},
{
"name" : "1598",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1598"
"name": "20060914 Mambo com_serverstat Component <=0.4.4 Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446110/100/0/threaded"
},
{
"name" : "serverstat-install-file-include(28959)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28959"
"name": "2367",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2367"
}
]
}

80
2006/4xxx/CVE-2006-4922.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4922",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4922",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in starnet/editors/htmlarea/popups/images.php in Site@School (S@S) 2.4.02 and earlier allows remote attackers to upload and execute arbitrary files with executable extensions."
"lang": "eng",
"value": "Unrestricted file upload vulnerability in starnet/editors/htmlarea/popups/images.php in Site@School (S@S) 2.4.02 and earlier allows remote attackers to upload and execute arbitrary files with executable extensions."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090915 Site@School 2.4.02 and below Multiple remote Command",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=115869368313367&w=2"
"name": "20090915 Site@School 2.4.02 and below Multiple remote Command",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=115869368313367&w=2"
},
{
"name" : "2374",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2374"
"name": "2374",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2374"
},
{
"name" : "20053",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20053"
"name": "1016887",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016887"
},
{
"name" : "1016887",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016887"
"name": "20053",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20053"
}
]
}

80
2006/7xxx/CVE-2006-7105.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7105",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7105",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** DISPUTED ** PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. NOTE: in the original disclosure, filename is used in a function definition, so this report is probably incorrect."
"lang": "eng",
"value": "** DISPUTED ** PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. NOTE: in the original disclosure, filename is used in a function definition, so this report is probably incorrect."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061014 Re: Vuln",
"refsource" : "FULLDISC",
"url" : "http://www.security-express.com/archives/fulldisclosure/2006-10/0299.html"
"name": "smarty-smarty-file-include(29603)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29603"
},
{
"name" : "20061014 Vuln",
"refsource" : "FULLDISC",
"url" : "http://www.security-express.com/archives/fulldisclosure/2006-10/0292.html"
"name": "20061014 Vuln",
"refsource": "FULLDISC",
"url": "http://www.security-express.com/archives/fulldisclosure/2006-10/0292.html"
},
{
"name" : "20557",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20557"
"name": "20557",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20557"
},
{
"name" : "smarty-smarty-file-include(29603)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29603"
"name": "20061014 Re: Vuln",
"refsource": "FULLDISC",
"url": "http://www.security-express.com/archives/fulldisclosure/2006-10/0299.html"
}
]
}

74
2006/7xxx/CVE-2006-7137.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7137",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7137",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in TinyPortal before 0.8.6 allows remote attackers to inject arbitrary web script or HTML via the shoutbox."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in TinyPortal before 0.8.6 allows remote attackers to inject arbitrary web script or HTML via the shoutbox."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060805 Tinyportal Shoutbox",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/442308/100/0/threaded"
"name": "19357",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19357"
},
{
"name" : "20070306 Re: Tinyportal Shoutbox",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/462018/100/0/threaded"
"name": "20070306 Re: Tinyportal Shoutbox",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462018/100/0/threaded"
},
{
"name" : "19357",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19357"
"name": "20060805 Tinyportal Shoutbox",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/442308/100/0/threaded"
}
]
}

74
2010/2xxx/CVE-2010-2017.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2017",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2017",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in hasil-pencarian.html in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to inject arbitrary web script or HTML via the kata parameter. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in hasil-pencarian.html in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to inject arbitrary web script or HTML via the kata parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.org/1005-exploits/lokomediacms-xss.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1005-exploits/lokomediacms-xss.txt"
"name": "39863",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39863"
},
{
"name" : "64748",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/64748"
"name": "64748",
"refsource": "OSVDB",
"url": "http://osvdb.org/64748"
},
{
"name" : "39863",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39863"
"name": "http://packetstormsecurity.org/1005-exploits/lokomediacms-xss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1005-exploits/lokomediacms-xss.txt"
}
]
}

86
2010/2xxx/CVE-2010-2697.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2697",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2697",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Sijio Community Software allows remote authenticated users to inject arbitrary web script or HTML via the title parameter when adding a new blog, related to edit_blog/index.php. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Sijio Community Software allows remote authenticated users to inject arbitrary web script or HTML via the title parameter when adding a new blog, related to edit_blog/index.php. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "14260",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/14260"
"name": "14260",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14260"
},
{
"name" : "66154",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/66154"
"name": "sijio-title-xss(60176)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60176"
},
{
"name" : "40492",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40492"
"name": "66154",
"refsource": "OSVDB",
"url": "http://osvdb.org/66154"
},
{
"name" : "ADV-2010-1766",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1766"
"name": "ADV-2010-1766",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1766"
},
{
"name" : "sijio-title-xss(60176)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/60176"
"name": "40492",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40492"
}
]
}

68
2010/2xxx/CVE-2010-2989.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2989",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2989",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "nessusd_www_server.nbin in the Nessus Web Server plugin 1.2.4 for Nessus allows remote attackers to obtain sensitive information via a request to the /feed method, which reveals the version in a response."
"lang": "eng",
"value": "nessusd_www_server.nbin in the Nessus Web Server plugin 1.2.4 for Nessus allows remote attackers to obtain sensitive information via a request to the /feed method, which reveals the version in a response."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100726 Nessus Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/512645/100/0/threaded"
"name": "https://discussions.nessus.org/message/7245#7245",
"refsource": "CONFIRM",
"url": "https://discussions.nessus.org/message/7245#7245"
},
{
"name" : "https://discussions.nessus.org/message/7245#7245",
"refsource" : "CONFIRM",
"url" : "https://discussions.nessus.org/message/7245#7245"
"name": "20100726 Nessus Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/512645/100/0/threaded"
}
]
}

74
2010/3xxx/CVE-2010-3209.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3209",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3209",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote attackers to execute arbitrary PHP code via a URL in the includeFile parameter to (1) Config/Container.php and (2) HTML/QuickForm.php in fog/lib/pear/, the (3) driverpath parameter to fog/lib/pear/DB/NestedSet.php, and the (4) path parameter to fog/lib/pear/DB/NestedSet/Output.php."
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote attackers to execute arbitrary PHP code via a URL in the includeFile parameter to (1) Config/Container.php and (2) HTML/QuickForm.php in fog/lib/pear/, the (3) driverpath parameter to fog/lib/pear/DB/NestedSet.php, and the (4) path parameter to fog/lib/pear/DB/NestedSet/Output.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "14841",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/14841"
"name": "http://packetstormsecurity.org/1008-exploits/seagull-rfi.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1008-exploits/seagull-rfi.txt"
},
{
"name" : "http://packetstormsecurity.org/1008-exploits/seagull-rfi.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1008-exploits/seagull-rfi.txt"
"name": "seagull-multiple-file-include(61470)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61470"
},
{
"name" : "seagull-multiple-file-include(61470)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/61470"
"name": "14841",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14841"
}
]
}

80
2010/3xxx/CVE-2010-3955.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3955",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-3955",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 does not properly perform array indexing, which allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka \"Array Indexing Memory Corruption Vulnerability.\""
"lang": "eng",
"value": "pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 does not properly perform array indexing, which allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka \"Array Indexing Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS10-103",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-103"
"name": "TA10-348A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html"
},
{
"name" : "TA10-348A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-348A.html"
"name": "MS10-103",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-103"
},
{
"name" : "oval:org.mitre.oval:def:12277",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12277"
"name": "oval:org.mitre.oval:def:12277",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12277"
},
{
"name" : "1024885",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024885"
"name": "1024885",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024885"
}
]
}

98
2011/0xxx/CVE-2011-0140.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0140",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-0140",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1."
"lang": "eng",
"value": "WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT4554",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4554"
"name": "http://support.apple.com/kb/HT4564",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4564"
},
{
"name" : "http://support.apple.com/kb/HT4564",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4564"
"name": "http://support.apple.com/kb/HT4566",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4566"
},
{
"name" : "http://support.apple.com/kb/HT4566",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4566"
"name": "APPLE-SA-2011-03-02-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
},
{
"name" : "APPLE-SA-2011-03-02-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
"name": "APPLE-SA-2011-03-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
},
{
"name" : "APPLE-SA-2011-03-09-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
"name": "http://support.apple.com/kb/HT4554",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4554"
},
{
"name" : "APPLE-SA-2011-03-09-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
"name": "APPLE-SA-2011-03-09-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
},
{
"name" : "oval:org.mitre.oval:def:17378",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17378"
"name": "oval:org.mitre.oval:def:17378",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17378"
}
]
}

68
2011/0xxx/CVE-2011-0196.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0196",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-0196",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service (out-of-bounds read and reboot) via Wi-Fi frames on the local wireless network."
"lang": "eng",
"value": "AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service (out-of-bounds read and reboot) via Wi-Fi frames on the local wireless network."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT4723",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4723"
"name": "http://support.apple.com/kb/HT4723",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4723"
},
{
"name" : "APPLE-SA-2011-06-23-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
"name": "APPLE-SA-2011-06-23-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
}
]
}

62
2011/0xxx/CVE-2011-0813.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0813",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2011-0813",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2012-0098."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2012-0098."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
}
]
}

62
2011/0xxx/CVE-2011-0823.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0823",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2011-0823",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote attackers to affect integrity, related to Enterprise Infrastructure SEC, a different vulnerability than CVE-2011-0819."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote attackers to affect integrity, related to Enterprise Infrastructure SEC, a different vulnerability than CVE-2011-0819."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
}
]
}

22
2011/0xxx/CVE-2011-0936.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0936",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0936",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2011/1xxx/CVE-2011-1258.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1258",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2011-1258",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka \"Drag and Drop Information Disclosure Vulnerability.\""
"lang": "eng",
"value": "Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka \"Drag and Drop Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://blogs.technet.com/b/msrc/archive/2011/06/09/june-advance-notification-service-and-10-immutable-laws-revisited.aspx",
"refsource" : "CONFIRM",
"url" : "http://blogs.technet.com/b/msrc/archive/2011/06/09/june-advance-notification-service-and-10-immutable-laws-revisited.aspx"
"name": "oval:org.mitre.oval:def:12495",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12495"
},
{
"name" : "MS11-050",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050"
"name": "http://blogs.technet.com/b/msrc/archive/2011/06/09/june-advance-notification-service-and-10-immutable-laws-revisited.aspx",
"refsource": "CONFIRM",
"url": "http://blogs.technet.com/b/msrc/archive/2011/06/09/june-advance-notification-service-and-10-immutable-laws-revisited.aspx"
},
{
"name" : "oval:org.mitre.oval:def:12495",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12495"
"name": "MS11-050",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050"
}
]
}

116
2011/1xxx/CVE-2011-1337.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1337",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2011-1337",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Opera before 11.50 allows remote attackers to cause a denial of service (disk consumption) via invalid URLs that trigger creation of error pages."
"lang": "eng",
"value": "Opera before 11.50 allows remote attackers to cause a denial of service (disk consumption) via invalid URLs that trigger creation of error pages."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.opera.com/docs/changelogs/mac/1150/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/mac/1150/"
"name": "48501",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48501"
},
{
"name" : "http://www.opera.com/docs/changelogs/unix/1150/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/unix/1150/"
"name": "opera-error-pages-dos(68323)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68323"
},
{
"name" : "http://www.opera.com/docs/changelogs/windows/1150/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/windows/1150/"
"name": "45060",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45060"
},
{
"name" : "http://www.opera.com/support/kb/view/996/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/support/kb/view/996/"
"name": "73486",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/73486"
},
{
"name" : "JVN#47757122",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN47757122/index.html"
"name": "http://www.opera.com/docs/changelogs/windows/1150/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/windows/1150/"
},
{
"name" : "JVNDB-2011-000049",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000049.html"
"name": "JVN#47757122",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN47757122/index.html"
},
{
"name" : "48501",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/48501"
"name": "http://www.opera.com/docs/changelogs/unix/1150/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/unix/1150/"
},
{
"name" : "73486",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/73486"
"name": "JVNDB-2011-000049",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000049.html"
},
{
"name" : "45060",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/45060"
"name": "http://www.opera.com/docs/changelogs/mac/1150/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/mac/1150/"
},
{
"name" : "opera-error-pages-dos(68323)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/68323"
"name": "http://www.opera.com/support/kb/view/996/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/support/kb/view/996/"
}
]
}

80
2011/1xxx/CVE-2011-1391.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1391",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1391",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the InsertMarker method, which allows remote attackers to execute arbitrary code via unspecified vectors."
"lang": "eng",
"value": "The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the InsertMarker method, which allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21576352",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21576352"
"name": "irr-bbf-code-execution(71803)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71803"
},
{
"name" : "47286",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47286"
"name": "47286",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47286"
},
{
"name" : "47310",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47310"
"name": "47310",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47310"
},
{
"name" : "irr-bbf-code-execution(71803)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71803"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21576352",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21576352"
}
]
}

86
2011/1xxx/CVE-2011-1603.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1603",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-1603",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 allow local users to gain privileges via unspecified vectors, aka Bug ID CSCtn65815."
"lang": "eng",
"value": "Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 allow local users to gain privileges via unspecified vectors, aka Bug ID CSCtn65815."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110601 Multiple Vulnerabilities in Cisco Unified IP Phones 7900 Series",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b80111.shtml"
"name": "1025588",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025588"
},
{
"name" : "48079",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/48079"
"name": "44814",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44814/"
},
{
"name" : "72718",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/72718"
"name": "48079",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48079"
},
{
"name" : "1025588",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025588"
"name": "20110601 Multiple Vulnerabilities in Cisco Unified IP Phones 7900 Series",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b80111.shtml"
},
{
"name" : "44814",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44814/"
"name": "72718",
"refsource": "OSVDB",
"url": "http://osvdb.org/72718"
}
]
}

62
2011/1xxx/CVE-2011-1640.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1640",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-1640",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of service (device crash) via crafted LLDPDUs, aka Bug ID CSCtj22354."
"lang": "eng",
"value": "The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of service (device crash) via crafted LLDPDUs, aka Bug ID CSCtj22354."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXJ.html",
"refsource" : "CONFIRM",
"url" : "http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXJ.html"
"name": "http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXJ.html",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXJ.html"
}
]
}

22
2011/1xxx/CVE-2011-1693.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1693",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1693",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

98
2011/5xxx/CVE-2011-5028.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-5028",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5028",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and earlier, as used in Novell Sentinel before 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter."
"lang": "eng",
"value": "Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and earlier, as used in Novell Sentinel before 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20111218 Novell Sentinel Log Manager <=1.2.0.1 Path Traversal",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2011-12/0368.html"
"name": "1026437",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026437"
},
{
"name" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5138757.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5138757.html"
"name": "47258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47258"
},
{
"name" : "77948",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/77948"
"name": "77948",
"refsource": "OSVDB",
"url": "http://osvdb.org/77948"
},
{
"name" : "1026437",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026437"
"name": "20111218 Novell Sentinel Log Manager <=1.2.0.1 Path Traversal",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-12/0368.html"
},
{
"name" : "47258",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47258"
"name": "novell-filedownload-dir-traversal(71861)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71861"
},
{
"name" : "48760",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48760"
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5138757.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5138757.html"
},
{
"name" : "novell-filedownload-dir-traversal(71861)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71861"
"name": "48760",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48760"
}
]
}

98
2014/3xxx/CVE-2014-3162.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3162",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2014-3162",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.125 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.125 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html"
"name": "68677",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68677"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=393765",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=393765"
"name": "GLSA-201408-16",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"
},
{
"name" : "DSA-3039",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-3039"
"name": "60372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60372"
},
{
"name" : "GLSA-201408-16",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml"
"name": "http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html"
},
{
"name" : "68677",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68677"
"name": "60061",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60061"
},
{
"name" : "60372",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60372"
"name": "DSA-3039",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3039"
},
{
"name" : "60061",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60061"
"name": "https://code.google.com/p/chromium/issues/detail?id=393765",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=393765"
}
]
}

22
2014/3xxx/CVE-2014-3180.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3180",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3180",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

92
2014/3xxx/CVE-2014-3519.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3519",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3519",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The open_by_handle_at function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAP_DAC_READ_SEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem via vectors related to use of the file_handle structure."
"lang": "eng",
"value": "The open_by_handle_at function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAP_DAC_READ_SEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem via vectors related to use of the file_handle structure."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140624 OpenVZ simfs container filesystem breakout",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/06/24/16"
"name": "68171",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68171"
},
{
"name" : "https://help.virtuozzo.com/customer/en/portal/articles/2522783-parallels-cloud-server-6-0-update-6-hotfix-8-6-0-6-2004-",
"refsource" : "CONFIRM",
"url" : "https://help.virtuozzo.com/customer/en/portal/articles/2522783-parallels-cloud-server-6-0-update-6-hotfix-8-6-0-6-2004-"
"name": "https://help.virtuozzo.com/customer/en/portal/articles/2563842-cu-2-6-32-042stab090-5-parallels-virtuozzo-containers-4-7-core-update",
"refsource": "CONFIRM",
"url": "https://help.virtuozzo.com/customer/en/portal/articles/2563842-cu-2-6-32-042stab090-5-parallels-virtuozzo-containers-4-7-core-update"
},
{
"name" : "https://help.virtuozzo.com/customer/en/portal/articles/2563842-cu-2-6-32-042stab090-5-parallels-virtuozzo-containers-4-7-core-update",
"refsource" : "CONFIRM",
"url" : "https://help.virtuozzo.com/customer/en/portal/articles/2563842-cu-2-6-32-042stab090-5-parallels-virtuozzo-containers-4-7-core-update"
"name": "[oss-security] 20140624 OpenVZ simfs container filesystem breakout",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/06/24/16"
},
{
"name" : "https://help.virtuozzo.com/customer/en/portal/articles/2563843-cu-2-6-32-042stab090-5-parallels-server-bare-metal-5-0-core-update",
"refsource" : "CONFIRM",
"url" : "https://help.virtuozzo.com/customer/en/portal/articles/2563843-cu-2-6-32-042stab090-5-parallels-server-bare-metal-5-0-core-update"
"name": "https://openvz.org/Download/kernel/rhel6/042stab090.5",
"refsource": "CONFIRM",
"url": "https://openvz.org/Download/kernel/rhel6/042stab090.5"
},
{
"name" : "https://openvz.org/Download/kernel/rhel6/042stab090.5",
"refsource" : "CONFIRM",
"url" : "https://openvz.org/Download/kernel/rhel6/042stab090.5"
"name": "https://help.virtuozzo.com/customer/en/portal/articles/2522783-parallels-cloud-server-6-0-update-6-hotfix-8-6-0-6-2004-",
"refsource": "CONFIRM",
"url": "https://help.virtuozzo.com/customer/en/portal/articles/2522783-parallels-cloud-server-6-0-update-6-hotfix-8-6-0-6-2004-"
},
{
"name" : "68171",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68171"
"name": "https://help.virtuozzo.com/customer/en/portal/articles/2563843-cu-2-6-32-042stab090-5-parallels-server-bare-metal-5-0-core-update",
"refsource": "CONFIRM",
"url": "https://help.virtuozzo.com/customer/en/portal/articles/2563843-cu-2-6-32-042stab090-5-parallels-server-bare-metal-5-0-core-update"
}
]
}

1604
2014/3xxx/CVE-2014-3566.json
View File

File diff suppressed because it is too large Load Diff

188
2014/3xxx/CVE-2014-3690.json
View File

@ -1,166 +1,166 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3690",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3690",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU."
"lang": "eng",
"value": "arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20141021 CVE-2014-3690: KVM DoS triggerable by malicious host userspace",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/10/21/4"
"name": "[oss-security] 20141029 Re: CVE-2014-3690: KVM DoS triggerable by malicious host userspace",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/10/29/7"
},
{
"name" : "[oss-security] 20141029 Re: CVE-2014-3690: KVM DoS triggerable by malicious host userspace",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/10/29/7"
"name": "SUSE-SU-2015:0736",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d974baa398f34393db76be45f7d4d04fbdbb4a0a",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d974baa398f34393db76be45f7d4d04fbdbb4a0a"
"name": "USN-2418-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2418-1"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.2",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.2"
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.2"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1153322",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1153322"
"name": "USN-2417-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2417-1"
},
{
"name" : "https://github.com/torvalds/linux/commit/d974baa398f34393db76be45f7d4d04fbdbb4a0a",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/d974baa398f34393db76be45f7d4d04fbdbb4a0a"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d974baa398f34393db76be45f7d4d04fbdbb4a0a",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d974baa398f34393db76be45f7d4d04fbdbb4a0a"
},
{
"name" : "DSA-3060",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-3060"
"name": "SUSE-SU-2015:0178",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html"
},
{
"name" : "MDVSA-2015:058",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:058"
"name": "USN-2419-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2419-1"
},
{
"name" : "RHSA-2015:0290",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0290.html"
"name": "DSA-3060",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3060"
},
{
"name" : "RHSA-2015:0782",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0782.html"
"name": "70691",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70691"
},
{
"name" : "RHSA-2015:0864",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0864.html"
"name": "RHSA-2015:0864",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0864.html"
},
{
"name" : "SUSE-SU-2015:0178",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html"
"name": "RHSA-2015:0290",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0290.html"
},
{
"name" : "SUSE-SU-2015:0481",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
"name": "SUSE-SU-2015:0481",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name" : "openSUSE-SU-2015:0566",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
"name": "MDVSA-2015:058",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:058"
},
{
"name" : "SUSE-SU-2015:0736",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
"name": "openSUSE-SU-2015:0566",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name" : "USN-2419-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2419-1"
"name": "https://github.com/torvalds/linux/commit/d974baa398f34393db76be45f7d4d04fbdbb4a0a",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/d974baa398f34393db76be45f7d4d04fbdbb4a0a"
},
{
"name" : "USN-2420-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2420-1"
"name": "RHSA-2015:0782",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0782.html"
},
{
"name" : "USN-2421-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2421-1"
"name": "60174",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60174"
},
{
"name" : "USN-2417-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2417-1"
"name": "USN-2421-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2421-1"
},
{
"name" : "USN-2418-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2418-1"
"name": "USN-2420-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2420-1"
},
{
"name" : "70691",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70691"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1153322",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1153322"
},
{
"name" : "60174",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60174"
"name": "[oss-security] 20141021 CVE-2014-3690: KVM DoS triggerable by malicious host userspace",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/10/21/4"
}
]
}

98
2014/3xxx/CVE-2014-3961.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3961",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3961",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Export CSV page in the Participants Database plugin before 1.5.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the query parameter in an \"output CSV\" action to pdb-signup/."
"lang": "eng",
"value": "SQL injection vulnerability in the Export CSV page in the Participants Database plugin before 1.5.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the query parameter in an \"output CSV\" action to pdb-signup/."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "33613",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/33613"
"name": "http://packetstormsecurity.com/files/126878/WordPress-Participants-Database-1.5.4.8-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/126878/WordPress-Participants-Database-1.5.4.8-SQL-Injection.html"
},
{
"name" : "20140601 Yarubo #1: Arbitrary SQL Execution in Participants Database\tfor Wordpress",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Jun/0"
"name": "https://www.yarubo.com/advisories/1",
"refsource": "MISC",
"url": "https://www.yarubo.com/advisories/1"
},
{
"name" : "http://packetstormsecurity.com/files/126878/WordPress-Participants-Database-1.5.4.8-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/126878/WordPress-Participants-Database-1.5.4.8-SQL-Injection.html"
"name": "33613",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/33613"
},
{
"name" : "https://www.yarubo.com/advisories/1",
"refsource" : "MISC",
"url" : "https://www.yarubo.com/advisories/1"
"name": "https://wordpress.org/plugins/participants-database/changelog",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/participants-database/changelog"
},
{
"name" : "https://wordpress.org/plugins/participants-database/changelog",
"refsource" : "CONFIRM",
"url" : "https://wordpress.org/plugins/participants-database/changelog"
"name": "20140601 Yarubo #1: Arbitrary SQL Execution in Participants Database\tfor Wordpress",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jun/0"
},
{
"name" : "67769",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67769"
"name": "107626",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/107626"
},
{
"name" : "107626",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/show/osvdb/107626"
"name": "67769",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67769"
}
]
}

68
2014/6xxx/CVE-2014-6169.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6169",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6169",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.0 and 8.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 97777."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.0 and 8.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 97777."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "103761",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103761"
"name": "ibm-forms-cve20146169-xss(97777)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97777"
},
{
"name" : "ibm-forms-cve20146169-xss(97777)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/97777"
"name": "103761",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103761"
}
]
}

68
2014/6xxx/CVE-2014-6474.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6474",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6474",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
"name": "SUSE-SU-2015:0743",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"name" : "SUSE-SU-2015:0743",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
}
]
}

74
2014/6xxx/CVE-2014-6793.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6793",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-6793",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Arch Friend (aka com.xyproto.archfriend) application 0.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Arch Friend (aka com.xyproto.archfriend) application 0.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#778649",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/778649"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#778649",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/778649"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7048.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7048",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7048",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Bear ID Lock (aka com.wBearIDLock) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Bear ID Lock (aka com.wBearIDLock) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#328353",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/328353"
},
{
"name" : "VU#328353",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/328353"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7534.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7534",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7534",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Funny & Interesting Things (aka com.wFunnyandInterestingThings) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Funny & Interesting Things (aka com.wFunnyandInterestingThings) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#984393",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/984393"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#984393",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/984393"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

104
2014/8xxx/CVE-2014-8690.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8690",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8690",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS before 2.1.4 patch 6, 2.2.x before 2.2.3 patch 9, and 2.3.x before 2.3.1 patch 4 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, the (2) src parameter in a none action to index.php, or the (3) \"First Name\" or (4) \"Last Name\" field to users/edituser."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS before 2.1.4 patch 6, 2.2.x before 2.2.3 patch 9, and 2.3.x before 2.3.1 patch 4 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, the (2) src parameter in a none action to index.php, or the (3) \"First Name\" or (4) \"Last Name\" field to users/edituser."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "36059",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/36059"
"name": "http://packetstormsecurity.com/files/130382/Exponent-CMS-2.3.1-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130382/Exponent-CMS-2.3.1-Cross-Site-Scripting.html"
},
{
"name" : "http://packetstormsecurity.com/files/130382/Exponent-CMS-2.3.1-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/130382/Exponent-CMS-2.3.1-Cross-Site-Scripting.html"
"name": "1031775",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031775"
},
{
"name" : "http://exponentcms.lighthouseapp.com/projects/61783/tickets/1230-universal-cross-site-scripting-in-exponent-cms-231-and-prior",
"refsource" : "CONFIRM",
"url" : "http://exponentcms.lighthouseapp.com/projects/61783/tickets/1230-universal-cross-site-scripting-in-exponent-cms-231-and-prior"
"name": "118263",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/118263"
},
{
"name" : "http://www.exponentcms.org/news/show/title/corrected-security-patches-released-for-v2-1-4-v2-2-3-and-v2-3-0",
"refsource" : "CONFIRM",
"url" : "http://www.exponentcms.org/news/show/title/corrected-security-patches-released-for-v2-1-4-v2-2-3-and-v2-3-0"
"name": "118345",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/118345"
},
{
"name" : "118263",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/show/osvdb/118263"
"name": "http://www.exponentcms.org/news/show/title/corrected-security-patches-released-for-v2-1-4-v2-2-3-and-v2-3-0",
"refsource": "CONFIRM",
"url": "http://www.exponentcms.org/news/show/title/corrected-security-patches-released-for-v2-1-4-v2-2-3-and-v2-3-0"
},
{
"name" : "118345",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/show/osvdb/118345"
"name": "36059",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/36059"
},
{
"name" : "1031775",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031775"
"name": "http://exponentcms.lighthouseapp.com/projects/61783/tickets/1230-universal-cross-site-scripting-in-exponent-cms-231-and-prior",
"refsource": "CONFIRM",
"url": "http://exponentcms.lighthouseapp.com/projects/61783/tickets/1230-universal-cross-site-scripting-in-exponent-cms-231-and-prior"
},
{
"name" : "exponentcms-cve20148690-xss(100877)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100877"
"name": "exponentcms-cve20148690-xss(100877)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100877"
}
]
}

22
2014/8xxx/CVE-2014-8695.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8695",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8695",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2014/8xxx/CVE-2014-8697.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8697",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8697",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

90
2016/2xxx/CVE-2016-2972.json
View File

@ -1,89 +1,89 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-08-23T00:00:00",
"ID" : "CVE-2016-2972",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-08-23T00:00:00",
"ID": "CVE-2016-2972",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Sametime",
"version" : {
"version_data" : [
"product_name": "Sametime",
"version": {
"version_data": [
{
"version_value" : "8.5.2"
"version_value": "8.5.2"
},
{
"version_value" : "8.5.2.1"
"version_value": "8.5.2.1"
},
{
"version_value" : "9.0"
"version_value": "9.0"
},
{
"version_value" : "9.0.0.1"
"version_value": "9.0.0.1"
},
{
"version_value" : "9.0.1"
"version_value": "9.0.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in the local cache of their browser which could be accessed by a local user. IBM X-Force ID: 113855."
"lang": "eng",
"value": "IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in the local cache of their browser which could be accessed by a local user. IBM X-Force ID: 113855."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Obtain Information"
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/113855",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/113855"
"name": "100599",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100599"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22006439",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22006439"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/113855",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/113855"
},
{
"name" : "100599",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/100599"
"name": "1039231",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039231"
},
{
"name" : "1039231",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039231"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22006439",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006439"
}
]
}

68
2016/6xxx/CVE-2016-6788.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-6788",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-6788",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the MediaTek I2C driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31224428. References: MT-ALPS02943467."
"lang": "eng",
"value": "An elevation of privilege vulnerability in the MediaTek I2C driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31224428. References: MT-ALPS02943467."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Elevation of privilege"
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2016-12-01.html"
"name": "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"name" : "94687",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94687"
"name": "94687",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94687"
}
]
}

78
2017/18xxx/CVE-2017-18093.json
View File

@ -1,75 +1,75 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-02-19T00:00:00",
"ID" : "CVE-2017-18093",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-02-19T00:00:00",
"ID": "CVE-2017-18093",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Fisheye and Crucible",
"version" : {
"version_data" : [
"product_name": "Fisheye and Crucible",
"version": {
"version_data": [
{
"version_value" : "prior to 4.4.3"
"version_value": "prior to 4.4.3"
},
{
"version_value" : "prior to 4.5.0"
"version_value": "prior to 4.5.0"
}
]
}
}
]
},
"vendor_name" : "Atlassian"
"vendor_name": "Atlassian"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and before 4.5.0 allow remote attackers who have permission to add or modify a repository to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the location setting of a configured repository."
"lang": "eng",
"value": "Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and before 4.5.0 allow remote attackers who have permission to add or modify a repository to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the location setting of a configured repository."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://jira.atlassian.com/browse/CRUC-8175",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/CRUC-8175"
"name": "103095",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103095"
},
{
"name" : "https://jira.atlassian.com/browse/FE-7008",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/FE-7008"
"name": "https://jira.atlassian.com/browse/CRUC-8175",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/CRUC-8175"
},
{
"name" : "103095",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103095"
"name": "https://jira.atlassian.com/browse/FE-7008",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/FE-7008"
}
]
}

22
2017/18xxx/CVE-2017-18110.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-18110",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18110",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/1xxx/CVE-2017-1855.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1855",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-1855",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

68
2017/5xxx/CVE-2017-5515.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5515",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5515",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the user prompt function in GeniXCMS through 0.0.8 allows remote authenticated users to inject arbitrary web script or HTML via tag names."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the user prompt function in GeniXCMS through 0.0.8 allows remote authenticated users to inject arbitrary web script or HTML via tag names."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/semplon/GeniXCMS/issues/63",
"refsource" : "CONFIRM",
"url" : "https://github.com/semplon/GeniXCMS/issues/63"
"name": "https://github.com/semplon/GeniXCMS/issues/63",
"refsource": "CONFIRM",
"url": "https://github.com/semplon/GeniXCMS/issues/63"
},
{
"name" : "95623",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95623"
"name": "95623",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95623"
}
]
}

22
2017/5xxx/CVE-2017-5770.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5770",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5770",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

76
2017/5xxx/CVE-2017-5805.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security-alert@hpe.com",
"DATE_PUBLIC" : "2017-04-27T00:00:00",
"ID" : "CVE-2017-5805",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-04-27T00:00:00",
"ID": "CVE-2017-5805",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Intelligent Management Center (iMC) PLAT",
"version" : {
"version_data" : [
"product_name": "Intelligent Management Center (iMC) PLAT",
"version": {
"version_data": [
{
"version_value" : "v7.2"
"version_value": "v7.2"
}
]
}
}
]
},
"vendor_name" : "Hewlett Packard Enterprise"
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found."
"lang": "eng",
"value": "A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Remote Code Execution"
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03738en_us",
"refsource" : "CONFIRM",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03738en_us"
"name": "1038377",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038377"
},
{
"name" : "98088",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98088"
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03738en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03738en_us"
},
{
"name" : "1038377",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038377"
"name": "98088",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98088"
}
]
}

92
2017/5xxx/CVE-2017-5991.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5991",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5991",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in Artifex Software, Inc. MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation."
"lang": "eng",
"value": "An issue was discovered in Artifex Software, Inc. MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "42138",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/42138/"
"name": "http://git.ghostscript.com/?p=mupdf.git;h=1912de5f08e90af1d9d0a9791f58ba3afdb9d465",
"refsource": "CONFIRM",
"url": "http://git.ghostscript.com/?p=mupdf.git;h=1912de5f08e90af1d9d0a9791f58ba3afdb9d465"
},
{
"name" : "http://git.ghostscript.com/?p=mupdf.git;h=1912de5f08e90af1d9d0a9791f58ba3afdb9d465",
"refsource" : "CONFIRM",
"url" : "http://git.ghostscript.com/?p=mupdf.git;h=1912de5f08e90af1d9d0a9791f58ba3afdb9d465"
"name": "DSA-3797",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3797"
},
{
"name" : "https://bugs.ghostscript.com/show_bug.cgi?id=697500",
"refsource" : "CONFIRM",
"url" : "https://bugs.ghostscript.com/show_bug.cgi?id=697500"
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=697500",
"refsource": "CONFIRM",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=697500"
},
{
"name" : "DSA-3797",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3797"
"name": "GLSA-201706-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-08"
},
{
"name" : "GLSA-201706-08",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201706-08"
"name": "42138",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42138/"
},
{
"name" : "96213",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96213"
"name": "96213",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96213"
}
]
}