admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 04:52:18 +00:00
parent 7482813054
commit 42e856242c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
56 changed files with 4095 additions and 4095 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
2006/2xxx/CVE-2006-2519.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2519",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2519",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in include/inc_ext/spaw/spaw_control.class.php in phpwcms 1.2.5-DEV allows remote attackers to include arbitrary local files via .. (dot dot) sequences in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in SPAW Editor PHP Edition."
"lang": "eng",
"value": "Directory traversal vulnerability in include/inc_ext/spaw/spaw_control.class.php in phpwcms 1.2.5-DEV allows remote attackers to include arbitrary local files via .. (dot dot) sequences in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in SPAW Editor PHP Edition."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060521 [KAPDA::#43] - phpwcms multiple vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/434706/100/0/threaded"
"name": "20239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20239"
},
{
"name" : "http://www.kapda.ir/advisory-331.html",
"refsource" : "MISC",
"url" : "http://www.kapda.ir/advisory-331.html"
"name": "phpwcms-spawcontrolclass-file-include(26639)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26639"
},
{
"name" : "18062",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18062"
"name": "ADV-2006-1934",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1934"
},
{
"name" : "ADV-2006-1934",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1934"
"name": "http://www.kapda.ir/advisory-331.html",
"refsource": "MISC",
"url": "http://www.kapda.ir/advisory-331.html"
},
{
"name" : "25756",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/25756"
"name": "939",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/939"
},
{
"name" : "20239",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20239"
"name": "18062",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18062"
},
{
"name" : "939",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/939"
"name": "20060521 [KAPDA::#43] - phpwcms multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/434706/100/0/threaded"
},
{
"name" : "phpwcms-spawcontrolclass-file-include(26639)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26639"
"name": "25756",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25756"
}
]
}

98
2006/2xxx/CVE-2006-2932.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2932",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-2932",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linux Desktop and Enterprise Linux 4 allows local users to cause a denial of service (panic) via unspecified vectors."
"lang": "eng",
"value": "A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linux Desktop and Enterprise Linux 4 allows local users to cause a denial of service (panic) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm"
"name": "RHSA-2006:0617",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0617.html"
},
{
"name" : "RHSA-2006:0617",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0617.html"
"name": "oval:org.mitre.oval:def:11410",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11410"
},
{
"name" : "19664",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19664"
"name": "21605",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21605"
},
{
"name" : "28120",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/28120"
"name": "19664",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19664"
},
{
"name" : "oval:org.mitre.oval:def:11410",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11410"
"name": "22174",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22174"
},
{
"name" : "21605",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21605"
"name": "28120",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28120"
},
{
"name" : "22174",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22174"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm"
}
]
}

86
2006/2xxx/CVE-2006-2999.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2999",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2999",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in search.php in OkScripts QuickLinks 1.1 allows remote attackers to inject arbitrary web script or HTML via the q parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in search.php in OkScripts QuickLinks 1.1 allows remote attackers to inject arbitrary web script or HTML via the q parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060608 OKscripts.com - XSS Vulns",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/436561"
"name": "20594",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20594"
},
{
"name" : "ADV-2006-2275",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2275"
"name": "20060608 OKscripts.com - XSS Vulns",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/436561"
},
{
"name" : "20594",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20594"
"name": "1080",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1080"
},
{
"name" : "1080",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1080"
"name": "quicklinks-search-xss(27133)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27133"
},
{
"name" : "quicklinks-search-xss(27133)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27133"
"name": "ADV-2006-2275",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2275"
}
]
}

74
2006/3xxx/CVE-2006-3190.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3190",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3190",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in administration/includes/login/auth.php in HotPlug CMS 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameters."
"lang": "eng",
"value": "SQL injection vulnerability in administration/includes/login/auth.php in HotPlug CMS 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060615 HotPlugCMS_1.0 - SQL Injection Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=115039446925252&w=2"
"name": "ADV-2006-2403",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2403"
},
{
"name" : "ADV-2006-2403",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2403"
"name": "20060615 HotPlugCMS_1.0 - SQL Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=115039446925252&w=2"
},
{
"name" : "1016322",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016322"
"name": "1016322",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016322"
}
]
}

68
2006/3xxx/CVE-2006-3297.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3297",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3297",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in error.php in UebiMiau Webmail 2.7.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the icq parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in error.php in UebiMiau Webmail 2.7.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the icq parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "ADV-2006-2513",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2513"
"name": "uebimiau-multiple-scripts-xss(27371)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27371"
},
{
"name" : "uebimiau-multiple-scripts-xss(27371)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27371"
"name": "ADV-2006-2513",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2513"
}
]
}

98
2006/3xxx/CVE-2006-3500.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3500",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3500",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an \"improperly handled condition\" that leads to use of \"dangerous paths,\" probably related to an untrusted search path vulnerability."
"lang": "eng",
"value": "The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an \"improperly handled condition\" that leads to use of \"dangerous paths,\" probably related to an untrusted search path vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "APPLE-SA-2006-08-01",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html"
"name": "APPLE-SA-2006-08-01",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html"
},
{
"name" : "TA06-214A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-214A.html"
"name": "ADV-2006-3101",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3101"
},
{
"name" : "19289",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19289"
"name": "21253",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21253"
},
{
"name" : "ADV-2006-3101",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3101"
"name": "macosx-dyld-privilege-escalation(28141)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28141"
},
{
"name" : "27738",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27738"
"name": "19289",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19289"
},
{
"name" : "21253",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21253"
"name": "TA06-214A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-214A.html"
},
{
"name" : "macosx-dyld-privilege-escalation(28141)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28141"
"name": "27738",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27738"
}
]
}

80
2006/4xxx/CVE-2006-4543.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4543",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4543",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in HLStats 1.34 allows remote attackers to inject arbitrary web script or HTML via the (1) game parameter in players mode, the (2) weapon parameter in weaponinfo mode, the (3) st parameter in search mode, the (4) action parameter in actioninfo mode, and the (5) map parameter in mapinfo mode."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in HLStats 1.34 allows remote attackers to inject arbitrary web script or HTML via the (1) game parameter in players mode, the (2) weapon parameter in weaponinfo mode, the (3) st parameter in search mode, the (4) action parameter in actioninfo mode, and the (5) map parameter in mapinfo mode."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060830 XSS in HLstats 1.34",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/444716/100/0/threaded"
"name": "20060830 XSS in HLstats 1.34",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444716/100/0/threaded"
},
{
"name" : "19771",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19771"
"name": "21635",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21635"
},
{
"name" : "21635",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21635"
"name": "1490",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1490"
},
{
"name" : "1490",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1490"
"name": "19771",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19771"
}
]
}

92
2006/4xxx/CVE-2006-4587.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4587",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4587",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM 4.2.4, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) description parameter in unspecified modules or the (2) solution parameter in the HelpDesk module."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM 4.2.4, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) description parameter in unspecified modules or the (2) solution parameter in the HelpDesk module."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.security-net.biz/adv/D3906a.txt",
"refsource" : "MISC",
"url" : "http://www.security-net.biz/adv/D3906a.txt"
"name": "21728",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21728"
},
{
"name" : "19829",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19829"
"name": "http://www.security-net.biz/adv/D3906a.txt",
"refsource": "MISC",
"url": "http://www.security-net.biz/adv/D3906a.txt"
},
{
"name" : "ADV-2006-3444",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3444"
"name": "ADV-2006-3444",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3444"
},
{
"name" : "28460",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/28460"
"name": "28460",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28460"
},
{
"name" : "28461",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/28461"
"name": "19829",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19829"
},
{
"name" : "21728",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21728"
"name": "28461",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28461"
}
]
}

92
2006/6xxx/CVE-2006-6311.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6311",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6311",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to cause a denial of service via a style attribute in an HTML table tag with a width value that is dynamically calculated using JavaScript."
"lang": "eng",
"value": "Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to cause a denial of service via a style attribute in an HTML table tag with a width value that is dynamically calculated using JavaScript."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061206 Internet Explorer 6. CSS Expression Denial of Service (P.o.C.)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/453642/100/0/threaded"
"name": "1968",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1968"
},
{
"name" : "20061206 Re: Internet Explorer 6 CSS \"expression\" Denial of Service Exploit (P.o.C.)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/453643/100/0/threaded"
"name": "20061206 Internet Explorer 6. CSS Expression Denial of Service (P.o.C.)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453642/100/0/threaded"
},
{
"name" : "20061207 Re: Internet Explorer 6 CSS \"expression\" Denial of Service Exploit (P.o.C.)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/453772/100/0/threaded"
"name": "20061206 Re: Internet Explorer 6 CSS \"expression\" Denial of Service Exploit (P.o.C.)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453643/100/0/threaded"
},
{
"name" : "21466",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21466"
"name": "21466",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21466"
},
{
"name" : "31326",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31326"
"name": "20061207 Re: Internet Explorer 6 CSS \"expression\" Denial of Service Exploit (P.o.C.)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453772/100/0/threaded"
},
{
"name" : "1968",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1968"
"name": "31326",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31326"
}
]
}

22
2006/6xxx/CVE-2006-6323.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6323",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6323",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

164
2006/6xxx/CVE-2006-6506.json
View File

@ -1,146 +1,146 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6506",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-6506",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The \"Feed Preview\" feature in Mozilla Firefox 2.0 before 2.0.0.1 sends the URL of the feed when requesting favicon.ico icons, which results in a privacy leak that might allow feed viewing services to determine browsing habits."
"lang": "eng",
"value": "The \"Feed Preview\" feature in Mozilla Firefox 2.0 before 2.0.0.1 sends the URL of the feed when requesting favicon.ico icons, which results in a privacy leak that might allow feed viewing services to determine browsing habits."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.legroom.net/modules.php?op=modload&name=News&file=article&sid=215",
"refsource" : "MISC",
"url" : "http://www.legroom.net/modules.php?op=modload&name=News&file=article&sid=215"
"name": "21668",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21668"
},
{
"name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-75.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-75.html"
"name": "23672",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23672"
},
{
"name" : "GLSA-200701-02",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200701-02.xml"
"name": "ADV-2006-5068",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5068"
},
{
"name" : "HPSBUX02153",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
"name": "23282",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23282"
},
{
"name" : "SSRT061181",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
"name": "HPSBUX02153",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name" : "SUSE-SA:2006:080",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_80_mozilla.html"
"name": "23614",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23614"
},
{
"name" : "SUSE-SA:2007:006",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_06_mozilla.html"
"name": "USN-398-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-398-1"
},
{
"name" : "USN-398-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-398-1"
"name": "ADV-2008-0083",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0083"
},
{
"name" : "TA06-354A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-354A.html"
"name": "http://www.legroom.net/modules.php?op=modload&name=News&file=article&sid=215",
"refsource": "MISC",
"url": "http://www.legroom.net/modules.php?op=modload&name=News&file=article&sid=215"
},
{
"name" : "21668",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21668"
"name": "SUSE-SA:2006:080",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_80_mozilla.html"
},
{
"name" : "ADV-2006-5068",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/5068"
"name": "23545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23545"
},
{
"name" : "ADV-2008-0083",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0083"
"name": "TA06-354A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-354A.html"
},
{
"name" : "1017421",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017421"
"name": "23589",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23589"
},
{
"name" : "23282",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23282"
"name": "SSRT061181",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name" : "23589",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23589"
"name": "SUSE-SA:2007:006",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_06_mozilla.html"
},
{
"name" : "23545",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23545"
"name": "http://www.mozilla.org/security/announce/2006/mfsa2006-75.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-75.html"
},
{
"name" : "23614",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23614"
"name": "1017421",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017421"
},
{
"name" : "23672",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23672"
"name": "GLSA-200701-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200701-02.xml"
}
]
}

74
2006/6xxx/CVE-2006-6542.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6542",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6542",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in news.php in Fantastic News 2.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter."
"lang": "eng",
"value": "SQL injection vulnerability in news.php in Fantastic News 2.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2906",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2906"
"name": "2906",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2906"
},
{
"name" : "ADV-2006-4931",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4931"
"name": "ADV-2006-4931",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4931"
},
{
"name" : "fantasticnews-id-sql-injection(30834)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30834"
"name": "fantasticnews-id-sql-injection(30834)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30834"
}
]
}

92
2006/7xxx/CVE-2006-7078.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7078",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7078",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Professional Home Page Tools Login Script, as of July 2006, allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) vorname, and (3) nachname parameters in the register script. NOTE: some details have been obtained from third party sources."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Professional Home Page Tools Login Script, as of July 2006, allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) vorname, and (3) nachname parameters in the register script. NOTE: some details have been obtained from third party sources."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060725 Professional Home Page Tools Login Script Cross Site Scripting Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/441194/100/0/threaded"
"name": "ADV-2006-2981",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2981"
},
{
"name" : "20060725 Professional Home Page Tools Login Script Cross Site Scripting Vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048194.html"
"name": "phpt-login-xss(27967)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27967"
},
{
"name" : "ADV-2006-2981",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2981"
"name": "21206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21206"
},
{
"name" : "21206",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21206"
"name": "2329",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2329"
},
{
"name" : "2329",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2329"
"name": "20060725 Professional Home Page Tools Login Script Cross Site Scripting Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048194.html"
},
{
"name" : "phpt-login-xss(27967)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27967"
"name": "20060725 Professional Home Page Tools Login Script Cross Site Scripting Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441194/100/0/threaded"
}
]
}

86
2010/2xxx/CVE-2010-2128.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2128",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2128",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the view parameter to index.php."
"lang": "eng",
"value": "Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the view parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "12607",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/12607"
"name": "39832",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39832"
},
{
"name" : "40187",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40187"
"name": "12607",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/12607"
},
{
"name" : "64706",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/64706"
"name": "jequoteform-view-file-include(58593)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58593"
},
{
"name" : "39832",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39832"
"name": "64706",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/64706"
},
{
"name" : "jequoteform-view-file-include(58593)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58593"
"name": "40187",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40187"
}
]
}

68
2011/0xxx/CVE-2011-0174.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0174",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-0174",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code via a document that contains a crafted embedded OpenType font."
"lang": "eng",
"value": "Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code via a document that contains a crafted embedded OpenType font."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT4581",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4581"
"name": "APPLE-SA-2011-03-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"name" : "APPLE-SA-2011-03-21-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
"name": "http://support.apple.com/kb/HT4581",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4581"
}
]
}

86
2011/0xxx/CVE-2011-0614.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0614",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-0614",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Adobe Audition 3.0.1 and earlier allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Audition Session (aka .ses) file."
"lang": "eng",
"value": "Buffer overflow in Adobe Audition 3.0.1 and earlier allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Audition Session (aka .ses) file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "17278",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/17278/"
"name": "8253",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8253"
},
{
"name" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5012.php",
"refsource" : "MISC",
"url" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5012.php"
"name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5012.php",
"refsource": "MISC",
"url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5012.php"
},
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-10.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-10.html"
"name": "17278",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/17278/"
},
{
"name" : "47841",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/47841"
"name": "http://www.adobe.com/support/security/bulletins/apsb11-10.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-10.html"
},
{
"name" : "8253",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8253"
"name": "47841",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47841"
}
]
}

110
2011/0xxx/CVE-2011-0684.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0684",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0684",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Opera before 11.01 does not properly handle redirections and unspecified other HTTP responses, which allows remote web servers to obtain sufficient access to local files to use these files as page resources, and consequently obtain potentially sensitive information from the contents of the files, via an unknown response manipulation."
"lang": "eng",
"value": "Opera before 11.01 does not properly handle redirections and unspecified other HTTP responses, which allows remote web servers to obtain sufficient access to local files to use these files as page resources, and consequently obtain potentially sensitive information from the contents of the files, via an unknown response manipulation."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.opera.com/docs/changelogs/mac/1101/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/mac/1101/"
"name": "http://www.opera.com/docs/changelogs/windows/1101/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/windows/1101/"
},
{
"name" : "http://www.opera.com/docs/changelogs/unix/1101/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/unix/1101/"
"name": "ADV-2011-0231",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0231"
},
{
"name" : "http://www.opera.com/docs/changelogs/windows/1101/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/windows/1101/"
"name": "http://www.opera.com/docs/changelogs/unix/1101/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/unix/1101/"
},
{
"name" : "http://www.opera.com/support/kb/view/984/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/support/kb/view/984/"
"name": "46036",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46036"
},
{
"name" : "46036",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46036"
"name": "http://www.opera.com/docs/changelogs/mac/1101/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/mac/1101/"
},
{
"name" : "70730",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/70730"
"name": "70730",
"refsource": "OSVDB",
"url": "http://osvdb.org/70730"
},
{
"name" : "oval:org.mitre.oval:def:12296",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12296"
"name": "http://www.opera.com/support/kb/view/984/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/support/kb/view/984/"
},
{
"name" : "43023",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43023"
"name": "oval:org.mitre.oval:def:12296",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12296"
},
{
"name" : "ADV-2011-0231",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0231"
"name": "43023",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43023"
}
]
}

98
2011/0xxx/CVE-2011-0926.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0926",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-0926",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589."
"lang": "eng",
"value": "A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110223 ZDI-11-091: (0day) Cisco Secure Desktop CSDWebInstaller Remote Code Execution Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/516647/100/0/threaded"
"name": "ADV-2011-0513",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0513"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-11-091/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-11-091/"
"name": "cisco-securedesktop-activex-code-execution(65755)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65755"
},
{
"name" : "46536",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46536"
"name": "20110223 ZDI-11-091: (0day) Cisco Secure Desktop CSDWebInstaller Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516647/100/0/threaded"
},
{
"name" : "1025118",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025118"
"name": "8105",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8105"
},
{
"name" : "8105",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8105"
"name": "1025118",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025118"
},
{
"name" : "ADV-2011-0513",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0513"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-091/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-091/"
},
{
"name" : "cisco-securedesktop-activex-code-execution(65755)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65755"
"name": "46536",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46536"
}
]
}

86
2011/1xxx/CVE-2011-1019.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1019",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1019",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability."
"lang": "eng",
"value": "The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110225 Re: CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/02/25/1"
"name": "https://github.com/torvalds/linux/commit/8909c9ad8ff03611c9c96c9a92656213e4bb495b",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/8909c9ad8ff03611c9c96c9a92656213e4bb495b"
},
{
"name" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38",
"refsource" : "CONFIRM",
"url" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8909c9ad8ff03611c9c96c9a92656213e4bb495b",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8909c9ad8ff03611c9c96c9a92656213e4bb495b"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8909c9ad8ff03611c9c96c9a92656213e4bb495b",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8909c9ad8ff03611c9c96c9a92656213e4bb495b"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=680360",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=680360"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=680360",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=680360"
"name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38",
"refsource": "CONFIRM",
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38"
},
{
"name" : "https://github.com/torvalds/linux/commit/8909c9ad8ff03611c9c96c9a92656213e4bb495b",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/8909c9ad8ff03611c9c96c9a92656213e4bb495b"
"name": "[oss-security] 20110225 Re: CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/02/25/1"
}
]
}

68
2011/1xxx/CVE-2011-1162.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1162",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1162",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The tpm_read function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command."
"lang": "eng",
"value": "The tpm_read function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=732629",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=732629"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=732629",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732629"
},
{
"name" : "50764",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/50764"
"name": "50764",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50764"
}
]
}

80
2011/1xxx/CVE-2011-1513.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1513",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1513",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name."
"lang": "eng",
"value": "Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.coresecurity.com/content/e107-cms-script-command-injection",
"refsource" : "MISC",
"url" : "http://www.coresecurity.com/content/e107-cms-script-command-injection"
"name": "http://www.coresecurity.com/content/e107-cms-script-command-injection",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/e107-cms-script-command-injection"
},
{
"name" : "http://e107.svn.sourceforge.net/viewvc/e107/trunk/e107_0.8/install_.php?r1=11931&r2=12376&pathrev=12376",
"refsource" : "CONFIRM",
"url" : "http://e107.svn.sourceforge.net/viewvc/e107/trunk/e107_0.8/install_.php?r1=11931&r2=12376&pathrev=12376"
"name": "50339",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50339"
},
{
"name" : "50339",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/50339"
"name": "e107-cmd-command-execution(70921)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70921"
},
{
"name" : "e107-cmd-command-execution(70921)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/70921"
"name": "http://e107.svn.sourceforge.net/viewvc/e107/trunk/e107_0.8/install_.php?r1=11931&r2=12376&pathrev=12376",
"refsource": "CONFIRM",
"url": "http://e107.svn.sourceforge.net/viewvc/e107/trunk/e107_0.8/install_.php?r1=11931&r2=12376&pathrev=12376"
}
]
}

164
2011/1xxx/CVE-2011-1679.json
View File

@ -1,146 +1,146 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1679",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1679",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089."
"lang": "eng",
"value": "ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/04/11"
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name" : "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/04/9"
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name" : "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/04/10"
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name" : "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/04/12"
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name" : "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/05/3"
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name" : "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/05/7"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=688980",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name" : "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/07/9"
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name" : "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/14/5"
"name": "ncpfs-mtab-security-bypass(66701)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66701"
},
{
"name" : "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/14/7"
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name" : "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/14/16"
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name" : "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/15/6"
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name" : "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/22/4"
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name" : "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/22/6"
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name" : "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/31/3"
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name" : "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/31/4"
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name" : "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/04/01/2"
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=688980",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name" : "ncpfs-mtab-security-bypass(66701)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66701"
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
}
]
}

62
2011/1xxx/CVE-2011-1757.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1757",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1757",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "DJabberd 0.84 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564."
"lang": "eng",
"value": "DJabberd 0.84 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[djabberd] 20110604 CVE-2011-1757: djabberd billion laughs vulnerability",
"refsource" : "MLIST",
"url" : "http://groups.google.com/group/djabberd/msg/e3b250f3c1877ede?dmode=source"
"name": "[djabberd] 20110604 CVE-2011-1757: djabberd billion laughs vulnerability",
"refsource": "MLIST",
"url": "http://groups.google.com/group/djabberd/msg/e3b250f3c1877ede?dmode=source"
}
]
}

98
2011/3xxx/CVE-2011-3243.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3243",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-3243",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT4999",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4999"
"name": "webkit-dom-windows-xss(70564)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70564"
},
{
"name" : "http://support.apple.com/kb/HT5000",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5000"
"name": "APPLE-SA-2011-10-12-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
},
{
"name" : "APPLE-SA-2011-10-12-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
"name": "50088",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50088"
},
{
"name" : "APPLE-SA-2011-10-12-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html"
"name": "APPLE-SA-2011-10-12-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html"
},
{
"name" : "50088",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/50088"
"name": "76353",
"refsource": "OSVDB",
"url": "http://osvdb.org/76353"
},
{
"name" : "76353",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/76353"
"name": "http://support.apple.com/kb/HT4999",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4999"
},
{
"name" : "webkit-dom-windows-xss(70564)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/70564"
"name": "http://support.apple.com/kb/HT5000",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5000"
}
]
}

134
2011/3xxx/CVE-2011-3665.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3665",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3665",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an Ogg VIDEO element that is not properly handled after scaling."
"lang": "eng",
"value": "Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an Ogg VIDEO element that is not properly handled after scaling."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mozilla.org/security/announce/2011/mfsa2011-58.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2011/mfsa2011-58.html"
"name": "MDVSA-2011:192",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:192"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=701259",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=701259"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=701259",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=701259"
},
{
"name" : "MDVSA-2011:192",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:192"
"name": "firefox-ogg-dos(71913)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71913"
},
{
"name" : "openSUSE-SU-2012:0007",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00001.html"
"name": "47334",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47334"
},
{
"name" : "openSUSE-SU-2012:0039",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00009.html"
"name": "1026447",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026447"
},
{
"name" : "77956",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/77956"
"name": "1026446",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026446"
},
{
"name" : "oval:org.mitre.oval:def:14640",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14640"
"name": "1026445",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026445"
},
{
"name" : "1026445",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026445"
"name": "http://www.mozilla.org/security/announce/2011/mfsa2011-58.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2011/mfsa2011-58.html"
},
{
"name" : "1026446",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026446"
"name": "77956",
"refsource": "OSVDB",
"url": "http://osvdb.org/77956"
},
{
"name" : "1026447",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026447"
"name": "oval:org.mitre.oval:def:14640",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14640"
},
{
"name" : "47302",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47302"
"name": "47302",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47302"
},
{
"name" : "47334",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47334"
"name": "openSUSE-SU-2012:0039",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00009.html"
},
{
"name" : "firefox-ogg-dos(71913)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71913"
"name": "openSUSE-SU-2012:0007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00001.html"
}
]
}

116
2011/4xxx/CVE-2011-4101.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4101",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4101",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet."
"lang": "eng",
"value": "The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20111101 Re: CVE request for wireshark flaws",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/11/01/9"
"name": "http://www.wireshark.org/security/wnpa-sec-2011-18.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2011-18.html"
},
{
"name" : "http://anonsvn.wireshark.org/viewvc?view=revision&revision=39500",
"refsource" : "CONFIRM",
"url" : "http://anonsvn.wireshark.org/viewvc?view=revision&revision=39500"
"name": "46644",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46644"
},
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2011-18.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2011-18.html"
"name": "oval:org.mitre.oval:def:14760",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14760"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6476",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6476"
"name": "76769",
"refsource": "OSVDB",
"url": "http://osvdb.org/76769"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=750645",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=750645"
"name": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=39500",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=39500"
},
{
"name" : "50481",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/50481"
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6476",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6476"
},
{
"name" : "76769",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/76769"
"name": "[oss-security] 20111101 Re: CVE request for wireshark flaws",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/11/01/9"
},
{
"name" : "oval:org.mitre.oval:def:14760",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14760"
"name": "wireshark-infiniband-dissector-dos(71091)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71091"
},
{
"name" : "46644",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46644"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=750645",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=750645"
},
{
"name" : "wireshark-infiniband-dissector-dos(71091)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71091"
"name": "50481",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50481"
}
]
}

80
2011/4xxx/CVE-2011-4130.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4130",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4130",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer."
"lang": "eng",
"value": "Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-11-328/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-11-328/"
"name": "http://bugs.proftpd.org/show_bug.cgi?id=3711",
"refsource": "CONFIRM",
"url": "http://bugs.proftpd.org/show_bug.cgi?id=3711"
},
{
"name" : "http://bugs.proftpd.org/show_bug.cgi?id=3711",
"refsource" : "CONFIRM",
"url" : "http://bugs.proftpd.org/show_bug.cgi?id=3711"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-328/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-328/"
},
{
"name" : "http://www.proftpd.org/docs/NEWS-1.3.3g",
"refsource" : "CONFIRM",
"url" : "http://www.proftpd.org/docs/NEWS-1.3.3g"
"name": "http://www.proftpd.org/docs/NEWS-1.3.3g",
"refsource": "CONFIRM",
"url": "http://www.proftpd.org/docs/NEWS-1.3.3g"
},
{
"name" : "50631",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/50631"
"name": "50631",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50631"
}
]
}

22
2011/4xxx/CVE-2011-4179.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4179",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4179",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2011/4xxx/CVE-2011-4272.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4272",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2011-4272",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
}
]
}

104
2011/4xxx/CVE-2011-4932.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4932",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4932",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Eval injection vulnerability in ip_cms/modules/standard/content_management/actions.php in ImpressPages CMS 1.0.12 and possibly other versons before 1.0.13 allows remote attackers to execute arbitrary code via the cm_group parameter."
"lang": "eng",
"value": "Eval injection vulnerability in ip_cms/modules/standard/content_management/actions.php in ImpressPages CMS 1.0.12 and possibly other versons before 1.0.13 allows remote attackers to execute arbitrary code via the cm_group parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110927 NGS00109 Patch Notification: ImpressPages CMS Remote code execution",
"refsource" : "BUGTRAQ",
"url" : "http://seclists.org/bugtraq/2011/Sep/156"
"name": "46193",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46193"
},
{
"name" : "20120105 NGS00109 Technical Advisory: Remote Code Execution in ImpressPages CMS",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2012-01/0029.html"
"name": "http://www.impresspages.org/news/impresspages-1-0-13-security-release/",
"refsource": "CONFIRM",
"url": "http://www.impresspages.org/news/impresspages-1-0-13-security-release/"
},
{
"name" : "[oss-security] 20120115 CVE-request: NGS00109 remote code execution in ImpressPages CMS",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/01/15/9"
"name": "75783",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/75783"
},
{
"name" : "[oss-security] 20120118 Re: CVE-request: NGS00109 remote code execution in ImpressPages CMS",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/01/18/12"
"name": "[oss-security] 20120118 Re: CVE-request: NGS00109 remote code execution in ImpressPages CMS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/18/12"
},
{
"name" : "http://www.impresspages.org/news/impresspages-1-0-13-security-release/",
"refsource" : "CONFIRM",
"url" : "http://www.impresspages.org/news/impresspages-1-0-13-security-release/"
"name": "49798",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49798"
},
{
"name" : "49798",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/49798"
"name": "20120105 NGS00109 Technical Advisory: Remote Code Execution in ImpressPages CMS",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0029.html"
},
{
"name" : "75783",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/75783"
"name": "[oss-security] 20120115 CVE-request: NGS00109 remote code execution in ImpressPages CMS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/15/9"
},
{
"name" : "46193",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46193"
"name": "20110927 NGS00109 Patch Notification: ImpressPages CMS Remote code execution",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2011/Sep/156"
}
]
}

22
2013/5xxx/CVE-2013-5950.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5950",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5950",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2014/2xxx/CVE-2014-2069.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2069",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2069",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Absolute path traversal vulnerability in Eshtery CMS allows remote attackers to read arbitrary files via a full pathname in the file parameter to FileManager.aspx."
"lang": "eng",
"value": "Absolute path traversal vulnerability in Eshtery CMS allows remote attackers to read arbitrary files via a full pathname in the file parameter to FileManager.aspx."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20140222 [CVE-2014-2069] 'eshtery CMS' allows remote attackers to read arbitrary files",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Feb/219"
"name": "eshtery-filemanager-file-disclosure(91463)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91463"
},
{
"name" : "65740",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65740"
"name": "20140222 [CVE-2014-2069] 'eshtery CMS' allows remote attackers to read arbitrary files",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Feb/219"
},
{
"name" : "eshtery-filemanager-file-disclosure(91463)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91463"
"name": "65740",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65740"
}
]
}

98
2014/2xxx/CVE-2014-2310.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2310",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2310",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The AgentX subagent in Net-SNMP before 5.4.4 allows remote attackers to cause a denial of service (hang) by sending a multi-object request with an Object ID (OID) containing more subids than previous requests, a different vulnerability than CVE-2012-6151."
"lang": "eng",
"value": "The AgentX subagent in Net-SNMP before 5.4.4 allows remote attackers to cause a denial of service (hang) by sending a multi-object request with an Object ID (OID) containing more subids than previous requests, a different vulnerability than CVE-2012-6151."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140306 CVE request: net-snmp agentx incorrect handling of multi-object requests DoS",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2014/q1/513"
"name": "57870",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57870"
},
{
"name" : "[oss-security] 20140307 Re: CVE request: net-snmp agentx incorrect handling of multi-object requests DoS",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2014/q1/527"
"name": "http://sourceforge.net/p/net-snmp/patches/1113/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/net-snmp/patches/1113/"
},
{
"name" : "http://sourceforge.net/p/net-snmp/code/ci/eb816330a1887798d844d2fd5dc6482002123cbd/",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/p/net-snmp/code/ci/eb816330a1887798d844d2fd5dc6482002123cbd/"
"name": "[oss-security] 20140306 CVE request: net-snmp agentx incorrect handling of multi-object requests DoS",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q1/513"
},
{
"name" : "http://sourceforge.net/p/net-snmp/patches/1113/",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/p/net-snmp/patches/1113/"
"name": "http://sourceforge.net/p/net-snmp/code/ci/eb816330a1887798d844d2fd5dc6482002123cbd/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/net-snmp/code/ci/eb816330a1887798d844d2fd5dc6482002123cbd/"
},
{
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684388",
"refsource" : "CONFIRM",
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684388"
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684388",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684388"
},
{
"name" : "USN-2166-1",
"refsource" : "UBUNTU",
"url" : "http://ubuntu.com/usn/usn-2166-1"
"name": "[oss-security] 20140307 Re: CVE request: net-snmp agentx incorrect handling of multi-object requests DoS",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q1/527"
},
{
"name" : "57870",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/57870"
"name": "USN-2166-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-2166-1"
}
]
}

62
2014/2xxx/CVE-2014-2418.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2418",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-2418",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2416, and CVE-2014-2417."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2416, and CVE-2014-2417."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
}
]
}

98
2014/2xxx/CVE-2014-2512.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2512",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2014-2512",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20140630 ESA-2014-060: EMC Documentum eRoom Multiple Cross-Site Scripting Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0176.html"
"name": "http://packetstormsecurity.com/files/127321/EMC-Documentum-eRoom-Stored-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127321/EMC-Documentum-eRoom-Stored-Cross-Site-Scripting.html"
},
{
"name" : "20140701 SEC Consult SA-20140701-0 :: Stored cross-site scripting vulnerabilities in EMC Documentum eRoom",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/532608/100/0/threaded"
"name": "1030493",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030493"
},
{
"name" : "20140701 SEC Consult SA-20140701-0 :: Stored cross-site scripting vulnerabilities in EMC Documentum eRoom",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Jul/0"
"name": "59419",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59419"
},
{
"name" : "http://packetstormsecurity.com/files/127309/EMC-Documentum-eRoom-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/127309/EMC-Documentum-eRoom-Cross-Site-Scripting.html"
"name": "http://packetstormsecurity.com/files/127309/EMC-Documentum-eRoom-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127309/EMC-Documentum-eRoom-Cross-Site-Scripting.html"
},
{
"name" : "http://packetstormsecurity.com/files/127321/EMC-Documentum-eRoom-Stored-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/127321/EMC-Documentum-eRoom-Stored-Cross-Site-Scripting.html"
"name": "20140701 SEC Consult SA-20140701-0 :: Stored cross-site scripting vulnerabilities in EMC Documentum eRoom",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jul/0"
},
{
"name" : "1030493",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030493"
"name": "20140630 ESA-2014-060: EMC Documentum eRoom Multiple Cross-Site Scripting Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0176.html"
},
{
"name" : "59419",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59419"
"name": "20140701 SEC Consult SA-20140701-0 :: Stored cross-site scripting vulnerabilities in EMC Documentum eRoom",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532608/100/0/threaded"
}
]
}

68
2014/2xxx/CVE-2014-2963.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2963",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-2963",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in group/control_panel/manage in Liferay Portal 6.1.2 CE GA3, 6.1.X EE, and 6.2.X EE allow remote attackers to inject arbitrary web script or HTML via the (1) _2_firstName, (2) _2_lastName, or (3) _2_middleName parameter."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in group/control_panel/manage in Liferay Portal 6.1.2 CE GA3, 6.1.X EE, and 6.2.X EE allow remote attackers to inject arbitrary web script or HTML via the (1) _2_firstName, (2) _2_lastName, or (3) _2_middleName parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/samuelkong/liferay-portal/pull/610",
"refsource" : "CONFIRM",
"url" : "https://github.com/samuelkong/liferay-portal/pull/610"
"name": "VU#100972",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/100972"
},
{
"name" : "VU#100972",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/100972"
"name": "https://github.com/samuelkong/liferay-portal/pull/610",
"refsource": "CONFIRM",
"url": "https://github.com/samuelkong/liferay-portal/pull/610"
}
]
}

74
2014/6xxx/CVE-2014-6003.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6003",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-6003",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Belas Frases de Amor (aka com.goodbarber.frasesdeamor) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Belas Frases de Amor (aka com.goodbarber.frasesdeamor) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#728929",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/728929"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#728929",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/728929"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

80
2014/6xxx/CVE-2014-6028.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6028",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6028",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "TorrentFlux 2.4 allows remote authenticated users to obtain other users' cookies via the cid parameter in an editCookies action to profile.php."
"lang": "eng",
"value": "TorrentFlux 2.4 allows remote authenticated users to obtain other users' cookies via the cid parameter in an editCookies action to profile.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140829 RE: CVE requests for 2 separate vulns in torrentflux 2.4.5-1 (debian stable)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/08/29/5"
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759573",
"refsource": "MISC",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759573"
},
{
"name" : "[oss-security] 20140902 Re: CVE requests for 2 separate vulns in torrentflux 2.4.5-1 (debian stable)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/09/02/3"
"name": "[oss-security] 20140829 RE: CVE requests for 2 separate vulns in torrentflux 2.4.5-1 (debian stable)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/08/29/5"
},
{
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759573",
"refsource" : "MISC",
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759573"
"name": "1030791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030791"
},
{
"name" : "1030791",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030791"
"name": "[oss-security] 20140902 Re: CVE requests for 2 separate vulns in torrentflux 2.4.5-1 (debian stable)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/09/02/3"
}
]
}

62
2014/6xxx/CVE-2014-6374.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6374",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-6374",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
"lang": "eng",
"value": "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS14-080",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-080"
"name": "MS14-080",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-080"
}
]
}

104
2014/6xxx/CVE-2014-6464.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6464",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6464",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
"name": "62073",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62073"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
"name": "SUSE-SU-2015:0743",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"name" : "GLSA-201411-02",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201411-02.xml"
"name": "GLSA-201411-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201411-02.xml"
},
{
"name" : "SUSE-SU-2015:0743",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name" : "70451",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70451"
"name": "61579",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61579"
},
{
"name" : "61579",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61579"
"name": "70451",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70451"
},
{
"name" : "62073",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/62073"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}

74
2014/7xxx/CVE-2014-7084.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7084",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7084",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Hesheng 80 (aka com.ireadercity.c29) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Hesheng 80 (aka com.ireadercity.c29) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#347097",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/347097"
},
{
"name" : "VU#347097",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/347097"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

92
2014/7xxx/CVE-2014-7230.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7230",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7230",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log."
"lang": "eng",
"value": "The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140929 Re: CVE request for vulnerability in OpenStack Cinder, Nova and Trove",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2014/q3/853"
"name": "[oss-security] 20140929 Re: CVE request for vulnerability in OpenStack Cinder, Nova and Trove",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q3/853"
},
{
"name" : "https://bugs.launchpad.net/oslo-incubator/+bug/1343604",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/oslo-incubator/+bug/1343604"
"name": "openstack-cinder-cve20147230-info-disc(96725)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96725"
},
{
"name" : "RHSA-2014:1939",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1939.html"
"name": "70185",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70185"
},
{
"name" : "USN-2405-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2405-1"
"name": "https://bugs.launchpad.net/oslo-incubator/+bug/1343604",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/oslo-incubator/+bug/1343604"
},
{
"name" : "70185",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70185"
"name": "RHSA-2014:1939",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1939.html"
},
{
"name" : "openstack-cinder-cve20147230-info-disc(96725)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96725"
"name": "USN-2405-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2405-1"
}
]
}

80
2017/0xxx/CVE-2017-0211.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2017-0211",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2017-0211",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Windows OLE",
"version" : {
"version_data" : [
"product_name": "Windows OLE",
"version": {
"version_data": [
{
"version_value" : "Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016"
"version_value": "Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016"
}
]
}
}
]
},
"vendor_name" : "Microsoft Corporation"
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when it fails an integrity-level check, aka \"Windows OLE Elevation of Privilege Vulnerability.\""
"lang": "eng",
"value": "An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when it fails an integrity-level check, aka \"Windows OLE Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Elevation of Privilege"
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "41902",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/41902/"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0211",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0211"
},
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0211",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0211"
"name": "41902",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41902/"
},
{
"name" : "97514",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97514"
"name": "1038240",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038240"
},
{
"name" : "1038240",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038240"
"name": "97514",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97514"
}
]
}

70
2017/0xxx/CVE-2017-0679.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"DATE_PUBLIC" : "2017-07-05T00:00:00",
"ID" : "CVE-2017-0679",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"DATE_PUBLIC": "2017-07-05T00:00:00",
"ID": "CVE-2017-0679",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2"
"version_value": "Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36996978."
"lang": "eng",
"value": "A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36996978."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Remote code execution"
"lang": "eng",
"value": "Remote code execution"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2017-07-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-07-01"
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name" : "99478",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99478"
"name": "99478",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99478"
}
]
}

64
2017/0xxx/CVE-2017-0843.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"DATE_PUBLIC" : "2017-11-06T00:00:00",
"ID" : "CVE-2017-0843",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"DATE_PUBLIC": "2017-11-06T00:00:00",
"ID": "CVE-2017-0843",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Android kernel"
"version_value": "Android kernel"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the MediaTek ccci. Product: Android. Versions: Android kernel. Android ID: A-62670819. References: M-ALPS03361488."
"lang": "eng",
"value": "An elevation of privilege vulnerability in the MediaTek ccci. Product: Android. Versions: Android kernel. Android ID: A-62670819. References: M-ALPS03361488."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Elevation of privilege"
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2017-11-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-11-01"
"name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-11-01"
}
]
}

72
2017/18xxx/CVE-2017-18098.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-04-06T00:00:00",
"ID" : "CVE-2017-18098",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-04-06T00:00:00",
"ID": "CVE-2017-18098",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Jira",
"version" : {
"version_data" : [
"product_name": "Jira",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "7.6.1"
"version_affected": "<",
"version_value": "7.6.1"
}
]
}
}
]
},
"vendor_name" : "Atlassian"
"vendor_name": "Atlassian"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The searchrequest-xml resource in Atlassian Jira before version 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through various fields."
"lang": "eng",
"value": "The searchrequest-xml resource in Atlassian Jira before version 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through various fields."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://jira.atlassian.com/browse/JRASERVER-67075",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/JRASERVER-67075"
"name": "https://jira.atlassian.com/browse/JRASERVER-67075",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/JRASERVER-67075"
},
{
"name" : "103765",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103765"
"name": "103765",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103765"
}
]
}

22
2017/1xxx/CVE-2017-1002.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1002",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1002",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/1xxx/CVE-2017-1033.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1033",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1033",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

86
2017/1xxx/CVE-2017-1328.json
View File

@ -1,89 +1,89 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2017-1328",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1328",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "API Connect",
"version" : {
"version_data" : [
"product_name": "API Connect",
"version": {
"version_data": [
{
"version_value" : "5.0.1.0"
"version_value": "5.0.1.0"
},
{
"version_value" : "5.0.0.0"
"version_value": "5.0.0.0"
},
{
"version_value" : "5.0.2.0"
"version_value": "5.0.2.0"
},
{
"version_value" : "5.0.5.0"
"version_value": "5.0.5.0"
},
{
"version_value" : "5.0.6.0"
"version_value": "5.0.6.0"
},
{
"version_value" : "5.0.3.0"
"version_value": "5.0.3.0"
},
{
"version_value" : "5.0.4.0"
"version_value": "5.0.4.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM API Connect 5.0.0.0 - 5.0.6.0 could allow a remote attacker to bypass security restrictions of the api, caused by improper handling of security policy. By crafting a suitable request, an attacker could exploit this vulnerability to bypass security and use the vulnerable API. IBM X-Force ID: 126230."
"lang": "eng",
"value": "IBM API Connect 5.0.0.0 - 5.0.6.0 could allow a remote attacker to bypass security restrictions of the api, caused by improper handling of security policy. By crafting a suitable request, an attacker could exploit this vulnerability to bypass security and use the vulnerable API. IBM X-Force ID: 126230."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Bypass Security"
"lang": "eng",
"value": "Bypass Security"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126230",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126230"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126230",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126230"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22003867",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22003867"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22003867",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003867"
},
{
"name" : "99267",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99267"
"name": "99267",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99267"
}
]
}

74
2017/1xxx/CVE-2017-1601.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2017-1601",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1601",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 132624."
"lang": "eng",
"value": "IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 132624."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22014230",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22014230"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22014230",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22014230"
},
{
"name" : "1040899",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1040899"
"name": "ibm-guardium-cve20171601-info-disc(132624)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132624"
},
{
"name" : "ibm-guardium-cve20171601-info-disc(132624)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/132624"
"name": "1040899",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040899"
}
]
}

102
2017/1xxx/CVE-2017-1625.json
View File

@ -1,90 +1,90 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-03-05T00:00:00",
"ID" : "CVE-2017-1625",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-03-05T00:00:00",
"ID": "CVE-2017-1625",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Pulse for QRadar",
"version" : {
"version_data" : [
"product_name": "Pulse for QRadar",
"version": {
"version_data": [
{
"version_value" : "1.0.0"
"version_value": "1.0.0"
},
{
"version_value" : "1.0.3"
"version_value": "1.0.3"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Pulse for QRadar 1.0.0 - 1.0.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 133123."
"lang": "eng",
"value": "IBM Pulse for QRadar 1.0.0 - 1.0.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 133123."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.300",
"UI" : "N"
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "N",
"PR": "N",
"S": "U",
"SCORE": "5.300",
"UI": "N"
}
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Obtain Information"
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22014284",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22014284"
"name": "103398",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103398"
},
{
"name" : "103398",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103398"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22014284",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22014284"
},
{
"name" : "ibm-qradar-cve20171625-info-disc(133123)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/133123"
"name": "ibm-qradar-cve20171625-info-disc(133123)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133123"
}
]
}

22
2017/1xxx/CVE-2017-1840.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1840",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-1840",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

68
2017/5xxx/CVE-2017-5209.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5209",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5209",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data."
"lang": "eng",
"value": "The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957",
"refsource" : "CONFIRM",
"url" : "https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957"
"name": "95385",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95385"
},
{
"name" : "95385",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95385"
"name": "https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957",
"refsource": "CONFIRM",
"url": "https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957"
}
]
}

68
2017/5xxx/CVE-2017-5876.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5876",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5876",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack against the /news-events/events date parameter."
"lang": "eng",
"value": "XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack against the /news-events/events date parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/dotCMS/core/issues/10643",
"refsource" : "MISC",
"url" : "https://github.com/dotCMS/core/issues/10643"
"name": "https://github.com/dotCMS/core/issues/10643",
"refsource": "MISC",
"url": "https://github.com/dotCMS/core/issues/10643"
},
{
"name" : "96115",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96115"
"name": "96115",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96115"
}
]
}

80
2017/5xxx/CVE-2017-5982.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5982",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5982",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd."
"lang": "eng",
"value": "Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "41312",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/41312/"
"name": "41312",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41312/"
},
{
"name" : "20170214 [Kodi v17.1] - Local File Inclusion",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2017/Feb/27"
"name": "http://packetstormsecurity.com/files/141043/Kodi-17.1-Arbitrary-File-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/141043/Kodi-17.1-Arbitrary-File-Disclosure.html"
},
{
"name" : "http://packetstormsecurity.com/files/141043/Kodi-17.1-Arbitrary-File-Disclosure.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/141043/Kodi-17.1-Arbitrary-File-Disclosure.html"
"name": "20170214 [Kodi v17.1] - Local File Inclusion",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2017/Feb/27"
},
{
"name" : "96481",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96481"
"name": "96481",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96481"
}
]
}

68
2017/5xxx/CVE-2017-5996.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5996",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5996",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\\ProgramData permissions."
"lang": "eng",
"value": "The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\\ProgramData permissions."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.vsecurity.com/download/advisories/20171026-1.txt",
"refsource" : "MISC",
"url" : "https://www.vsecurity.com/download/advisories/20171026-1.txt"
"name": "https://www.vsecurity.com/download/advisories/20171026-1.txt",
"refsource": "MISC",
"url": "https://www.vsecurity.com/download/advisories/20171026-1.txt"
},
{
"name" : "1039679",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039679"
"name": "1039679",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039679"
}
]
}