admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:41:53 +00:00
parent 18e79b6ce9
commit 4aa66f7592
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
58 changed files with 3995 additions and 3995 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

140
2006/3xxx/CVE-2006-3203.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3203", "ID": "CVE-2006-3203",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator login account and password, which allows remote attackers to gain privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060620 ULtimate PHP Board <= 1.96 GOLD Code Execution (exploit code)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/437875/100/0/threaded" "lang": "eng",
}, "value": "The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator login account and password, which allows remote attackers to gain privileges."
{ }
"name" : "http://www.kliconsulting.com/users/mbrooks/UPB_0-day.txt", ]
"refsource" : "MISC", },
"url" : "http://www.kliconsulting.com/users/mbrooks/UPB_0-day.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1138", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1138" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.kliconsulting.com/users/mbrooks/UPB_0-day.txt",
"refsource": "MISC",
"url": "http://www.kliconsulting.com/users/mbrooks/UPB_0-day.txt"
},
{
"name": "1138",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1138"
},
{
"name": "20060620 ULtimate PHP Board <= 1.96 GOLD Code Execution (exploit code)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437875/100/0/threaded"
}
]
}
}

150
2006/3xxx/CVE-2006-3414.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3414", "ID": "CVE-2006-3414",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Tor before 0.1.1.20 supports server descriptors that contain hostnames instead of IP addresses, which allows remote attackers to arbitrarily group users by providing preferential address resolution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tor.eff.org/cvs/tor/ChangeLog", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://tor.eff.org/cvs/tor/ChangeLog" "lang": "eng",
}, "value": "Tor before 0.1.1.20 supports server descriptors that contain hostnames instead of IP addresses, which allows remote attackers to arbitrarily group users by providing preferential address resolution."
{ }
"name" : "GLSA-200606-04", ]
"refsource" : "GENTOO", },
"url" : "http://security.gentoo.org/glsa/glsa-200606-04.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25877", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/25877" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20514", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/20514" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20514",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20514"
},
{
"name": "GLSA-200606-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200606-04.xml"
},
{
"name": "http://tor.eff.org/cvs/tor/ChangeLog",
"refsource": "CONFIRM",
"url": "http://tor.eff.org/cvs/tor/ChangeLog"
},
{
"name": "25877",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25877"
}
]
}
}

150
2006/3xxx/CVE-2006-3483.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3483", "ID": "CVE-2006-3483",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHPMailList 1.8.0 stores sensitive information under the web document root iwth insufficient access control, which allows remote attackers to obtain email addresses of subscribers, configuration information, and the admin username and password via direct requests to (1) list.dat or (2) ml_config.dat."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://lostmon.blogspot.com/2006/07/multiple-vulnerabilities-in.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://lostmon.blogspot.com/2006/07/multiple-vulnerabilities-in.html" "lang": "eng",
}, "value": "PHPMailList 1.8.0 stores sensitive information under the web document root iwth insufficient access control, which allows remote attackers to obtain email addresses of subscribers, configuration information, and the admin username and password via direct requests to (1) list.dat or (2) ml_config.dat."
{ }
"name" : "27018", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/27018" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "27017", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/27017" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1016439", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1016439" ]
} },
] "references": {
} "reference_data": [
} {
"name": "27017",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27017"
},
{
"name": "1016439",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016439"
},
{
"name": "http://lostmon.blogspot.com/2006/07/multiple-vulnerabilities-in.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2006/07/multiple-vulnerabilities-in.html"
},
{
"name": "27018",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27018"
}
]
}
}

140
2006/3xxx/CVE-2006-3618.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3618", "ID": "CVE-2006-3618",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in pblguestbook.php in Pixelated By Lev (PBL) Guestbook 1.32 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) website, (4) comments, (5) rate, and (6) private parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060707 PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/439486/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in pblguestbook.php in Pixelated By Lev (PBL) Guestbook 1.32 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) website, (4) comments, (5) rate, and (6) private parameters."
{ }
"name" : "http://www.neosecurityteam.net/index.php?action=advisories&id=23", ]
"refsource" : "MISC", },
"url" : "http://www.neosecurityteam.net/index.php?action=advisories&id=23" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "pblguestbook-pblguestbook-sql-injection(27624)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27624" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "pblguestbook-pblguestbook-sql-injection(27624)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27624"
},
{
"name": "20060707 PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/439486/100/0/threaded"
},
{
"name": "http://www.neosecurityteam.net/index.php?action=advisories&id=23",
"refsource": "MISC",
"url": "http://www.neosecurityteam.net/index.php?action=advisories&id=23"
}
]
}
}

160
2006/3xxx/CVE-2006-3914.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3914", "ID": "CVE-2006-3914",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitrary HTML or web script by bypassing client-side validation through disabling JavaScript when submitting an essay response, which has no server-side validation before being viewed via \"View Attempt Details\" in the Gradebook."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060720 Blackboard Academic Suite 6.2.23 +/-: Persistent cross-site scripting vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/440888/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitrary HTML or web script by bypassing client-side validation through disabling JavaScript when submitting an essay response, which has no server-side validation before being viewed via \"View Attempt Details\" in the Gradebook."
{ }
"name" : "19101", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/19101" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1016556", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016556" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1295", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/1295" ]
}, },
{ "references": {
"name" : "blackboard-test-textbox-xss(27895)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27895" "name": "1295",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/1295"
} },
} {
"name": "20060720 Blackboard Academic Suite 6.2.23 +/-: Persistent cross-site scripting vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440888/100/0/threaded"
},
{
"name": "blackboard-test-textbox-xss(27895)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27895"
},
{
"name": "1016556",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016556"
},
{
"name": "19101",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19101"
}
]
}
}

130
2006/4xxx/CVE-2006-4499.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4499", "ID": "CVE-2006-4499",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ModernBill 5.0.4 and earlier uses cURL with insecure settings for CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST that do not verify SSL certificates, which allows remote attackers to read network traffic via a man-in-the-middle (MITM) attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.justinsamuel.com/security-vulnerabilities/12/vulnerability-modernbill-insecure-curl-settings", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.justinsamuel.com/security-vulnerabilities/12/vulnerability-modernbill-insecure-curl-settings" "lang": "eng",
}, "value": "ModernBill 5.0.4 and earlier uses cURL with insecure settings for CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST that do not verify SSL certificates, which allows remote attackers to read network traffic via a man-in-the-middle (MITM) attack."
{ }
"name" : "21663", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/21663" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21663",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21663"
},
{
"name": "http://www.justinsamuel.com/security-vulnerabilities/12/vulnerability-modernbill-insecure-curl-settings",
"refsource": "MISC",
"url": "http://www.justinsamuel.com/security-vulnerabilities/12/vulnerability-modernbill-insecure-curl-settings"
}
]
}
}

180
2006/4xxx/CVE-2006-4622.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4622", "ID": "CVE-2006-4622",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in annonce.php in AnnonceV (aka annoncesV) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060905 [Kurdish Security # 26 ] AnnonceV News Script Remote Command Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/445199/100/0/threaded" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in annonce.php in AnnonceV (aka annoncesV) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter."
{ }
"name" : "http://kurdishsecurity.blogspot.com/2006/09/kurdish-security-26-annoncev-news.html", ]
"refsource" : "MISC", },
"url" : "http://kurdishsecurity.blogspot.com/2006/09/kurdish-security-26-annoncev-news.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19854", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/19854" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-3470", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/3470" ]
}, },
{ "references": {
"name" : "21772", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21772" "name": "1515",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/1515"
"name" : "1515", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1515" "name": "19854",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/19854"
"name" : "annoncev-annonce-file-include(28742)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28742" "name": "ADV-2006-3470",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/3470"
} },
} {
"name": "20060905 [Kurdish Security # 26 ] AnnonceV News Script Remote Command Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/445199/100/0/threaded"
},
{
"name": "http://kurdishsecurity.blogspot.com/2006/09/kurdish-security-26-annoncev-news.html",
"refsource": "MISC",
"url": "http://kurdishsecurity.blogspot.com/2006/09/kurdish-security-26-annoncev-news.html"
},
{
"name": "annoncev-annonce-file-include(28742)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28742"
},
{
"name": "21772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21772"
}
]
}
}

34
2006/4xxx/CVE-2006-4729.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4729", "ID": "CVE-2006-4729",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2006/4xxx/CVE-2006-4780.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4780", "ID": "CVE-2006-4780",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in includes/functions.php in phpBB XS 0.58 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060912 AzzCoder => phpBB XS 0.58 Remote File Include", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/445816/100/0/threaded" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in includes/functions.php in phpBB XS 0.58 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
{ }
"name" : "2349", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/2349" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19961", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/19961" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-3568", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/3568" ]
}, },
{ "references": {
"name" : "21841", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21841" "name": "20060912 AzzCoder => phpBB XS 0.58 Remote File Include",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/445816/100/0/threaded"
"name" : "1576", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1576" "name": "21841",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21841"
"name" : "phpbbxs-functions-file-include(28879)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28879" "name": "ADV-2006-3568",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/3568"
} },
} {
"name": "1576",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1576"
},
{
"name": "19961",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19961"
},
{
"name": "2349",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2349"
},
{
"name": "phpbbxs-functions-file-include(28879)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28879"
}
]
}
}

140
2006/4xxx/CVE-2006-4888.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4888", "ID": "CVE-2006-4888",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 and earlier allows remote attackers to cause a denial of service (application hang) via a CSS-formatted HTML INPUT element within a DIV element that has a larger size than the INPUT."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060713 IE <= 6 DoS vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-07/0199.html" "lang": "eng",
}, "value": "Microsoft Internet Explorer 6 and earlier allows remote attackers to cause a denial of service (application hang) via a CSS-formatted HTML INPUT element within a DIV element that has a larger size than the INPUT."
{ }
"name" : "http://jonas.elunic.de/blog/index.php/2006/07/14/ie-freeze-bug/", ]
"refsource" : "MISC", },
"url" : "http://jonas.elunic.de/blog/index.php/2006/07/14/ie-freeze-bug/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "28614", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/28614" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "28614",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28614"
},
{
"name": "http://jonas.elunic.de/blog/index.php/2006/07/14/ie-freeze-bug/",
"refsource": "MISC",
"url": "http://jonas.elunic.de/blog/index.php/2006/07/14/ie-freeze-bug/"
},
{
"name": "20060713 IE <= 6 DoS vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-07/0199.html"
}
]
}
}

120
2006/6xxx/CVE-2006-6667.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6667", "ID": "CVE-2006-6667",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in VerliAdmin 0.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) nick_mod or (2) nick parameter to (a) repass.php or (b) verify.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ADV-2006-5059", "description_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/5059" "lang": "eng",
} "value": "Multiple SQL injection vulnerabilities in VerliAdmin 0.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) nick_mod or (2) nick parameter to (a) repass.php or (b) verify.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-5059",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5059"
}
]
}
}

150
2006/6xxx/CVE-2006-6728.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6728", "ID": "CVE-2006-6728",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the info request mechanism in LAN Messenger before 1.5.1.2 allows remote attackers to cause a denial of service (application crash) or transmit spam via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=471428", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=471428" "lang": "eng",
}, "value": "Unspecified vulnerability in the info request mechanism in LAN Messenger before 1.5.1.2 allows remote attackers to cause a denial of service (application crash) or transmit spam via unspecified vectors."
{ }
"name" : "21715", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21715" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-5132", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/5132" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37369", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/37369" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://sourceforge.net/project/shownotes.php?release_id=471428",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=471428"
},
{
"name": "21715",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21715"
},
{
"name": "37369",
"refsource": "OSVDB",
"url": "http://osvdb.org/37369"
},
{
"name": "ADV-2006-5132",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5132"
}
]
}
}

170
2006/6xxx/CVE-2006-6789.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6789", "ID": "CVE-2006-6789",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in Phpbbxtra 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061225 PhpbbXtra v2.0 (phpbb_root_path) Remote File Include Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/455304/100/0/threaded" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in Phpbbxtra 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
{ }
"name" : "21738", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21738" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-5186", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/5186" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1017443", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1017443" ]
}, },
{ "references": {
"name" : "23496", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23496" "name": "21738",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/21738"
"name" : "2065", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2065" "name": "20061225 PhpbbXtra v2.0 (phpbb_root_path) Remote File Include Vulnerability",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/455304/100/0/threaded"
} },
} {
"name": "23496",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23496"
},
{
"name": "1017443",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017443"
},
{
"name": "2065",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2065"
},
{
"name": "ADV-2006-5186",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5186"
}
]
}
}

160
2006/7xxx/CVE-2006-7040.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-7040", "ID": "CVE-2006-7040",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (crash) via a TOP command to the POP3 service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.atrium-software.com/download/McrReadMe_EN.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.atrium-software.com/download/McrReadMe_EN.html" "lang": "eng",
}, "value": "Unspecified vulnerability in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (crash) via a TOP command to the POP3 service."
{ }
"name" : "18462", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/18462" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-2354", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2354" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20432", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/20432" ]
}, },
{ "references": {
"name" : "mercur-top-dos(27232)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27232" "name": "18462",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/18462"
} },
} {
"name": "ADV-2006-2354",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2354"
},
{
"name": "20432",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20432"
},
{
"name": "mercur-top-dos(27232)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27232"
},
{
"name": "http://www.atrium-software.com/download/McrReadMe_EN.html",
"refsource": "CONFIRM",
"url": "http://www.atrium-software.com/download/McrReadMe_EN.html"
}
]
}
}

200
2006/7xxx/CVE-2006-7072.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-7072", "ID": "CVE-2006-7072",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in GeoClassifieds Enterprise 2.0.5.2 and earlier allows remote attackers to inject arbitrary web script and HTML via the (1) b[username] and (2) c parameters to (a) index.php, the b[username] parameter to (b) admin/index.php, and (3) c[phone] parameter to register.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060727 GeoClassifieds Enterprise <= 2.0.5.2 Cross Site Scripting", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/441294/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in GeoClassifieds Enterprise 2.0.5.2 and earlier allows remote attackers to inject arbitrary web script and HTML via the (1) b[username] and (2) c parameters to (a) index.php, the b[username] parameter to (b) admin/index.php, and (3) c[phone] parameter to register.php."
{ }
"name" : "19196", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/19196" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-3065", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3065" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "27630", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/27630" ]
}, },
{ "references": {
"name" : "27631", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/27631" "name": "2324",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2324"
"name" : "27632", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/27632" "name": "27632",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/27632"
"name" : "21237", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21237" "name": "27630",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/27630"
"name" : "2324", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2324" "name": "geoclassifieds-index-xss(28041)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28041"
"name" : "geoclassifieds-index-xss(28041)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28041" "name": "ADV-2006-3065",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/3065"
} },
} {
"name": "27631",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27631"
},
{
"name": "19196",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19196"
},
{
"name": "20060727 GeoClassifieds Enterprise <= 2.0.5.2 Cross Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441294/100/0/threaded"
},
{
"name": "21237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21237"
}
]
}
}

250
2010/2xxx/CVE-2010-2228.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-2228", "ID": "CVE-2010-2228",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via vectors involving extended characters in a username."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20100621 Re: CVE request: moodle 1.9.9/1.8.13 multiple vulnerabilities", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2010/06/21/2" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via vectors involving extended characters in a username."
{ }
"name" : "http://docs.moodle.org/en/Moodle_1.8.13_release_notes", ]
"refsource" : "CONFIRM", },
"url" : "http://docs.moodle.org/en/Moodle_1.8.13_release_notes" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://docs.moodle.org/en/Moodle_1.9.9_release_notes", "description": [
"refsource" : "CONFIRM", {
"url" : "http://docs.moodle.org/en/Moodle_1.9.9_release_notes" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://moodle.org/mod/forum/discuss.php?d=152366", ]
"refsource" : "CONFIRM", }
"url" : "http://moodle.org/mod/forum/discuss.php?d=152366" ]
}, },
{ "references": {
"name" : "http://tracker.moodle.org/browse/MDL-22040", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://tracker.moodle.org/browse/MDL-22040" "name": "http://docs.moodle.org/en/Moodle_1.8.13_release_notes",
}, "refsource": "CONFIRM",
{ "url": "http://docs.moodle.org/en/Moodle_1.8.13_release_notes"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=605809", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=605809" "name": "FEDORA-2010-10286",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043285.html"
"name" : "FEDORA-2010-10286", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043285.html" "name": "ADV-2010-1571",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/1571"
"name" : "FEDORA-2010-10291", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043291.html" "name": "[oss-security] 20100621 Re: CVE request: moodle 1.9.9/1.8.13 multiple vulnerabilities",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2010/06/21/2"
"name" : "FEDORA-2010-10321", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043340.html" "name": "40352",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40352"
"name" : "SUSE-SR:2010:014", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html" "name": "ADV-2010-1530",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/1530"
"name" : "40248", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40248" "name": "FEDORA-2010-10321",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043340.html"
"name" : "40352", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40352" "name": "http://docs.moodle.org/en/Moodle_1.9.9_release_notes",
}, "refsource": "CONFIRM",
{ "url": "http://docs.moodle.org/en/Moodle_1.9.9_release_notes"
"name" : "ADV-2010-1530", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1530" "name": "40248",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40248"
"name" : "ADV-2010-1571", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1571" "name": "FEDORA-2010-10291",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043291.html"
} },
} {
"name": "http://moodle.org/mod/forum/discuss.php?d=152366",
"refsource": "CONFIRM",
"url": "http://moodle.org/mod/forum/discuss.php?d=152366"
},
{
"name": "http://tracker.moodle.org/browse/MDL-22040",
"refsource": "CONFIRM",
"url": "http://tracker.moodle.org/browse/MDL-22040"
},
{
"name": "SUSE-SR:2010:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=605809",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=605809"
}
]
}
}

34
2010/2xxx/CVE-2010-2447.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2447", "ID": "CVE-2010-2447",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2010/2xxx/CVE-2010-2870.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2010-2870", "ID": "CVE-2010-2870",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a certain chunk size in the mmap chunk in a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100824 TPTI-10-15: Adobe Shockwave Director mmap Trusted Chunk Size Remote Code Execution Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/513303/100/0/threaded" "lang": "eng",
}, "value": "DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a certain chunk size in the mmap chunk in a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie."
{ }
"name" : "http://dvlabs.tippingpoint.com/advisory/TPTI-10-15", ]
"refsource" : "MISC", },
"url" : "http://dvlabs.tippingpoint.com/advisory/TPTI-10-15" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.adobe.com/support/security/bulletins/apsb10-20.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb10-20.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:11554", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11554" ]
}, },
{ "references": {
"name" : "1024361", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1024361" "name": "oval:org.mitre.oval:def:11554",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11554"
"name" : "ADV-2010-2176", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2176" "name": "1024361",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1024361"
} },
} {
"name": "http://www.adobe.com/support/security/bulletins/apsb10-20.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-20.html"
},
{
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-15",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-15"
},
{
"name": "20100824 TPTI-10-15: Adobe Shockwave Director mmap Trusted Chunk Size Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/513303/100/0/threaded"
},
{
"name": "ADV-2010-2176",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2176"
}
]
}
}

34
2011/0xxx/CVE-2011-0110.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-0110", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2011-0110",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
} }
] ]
} }
} }

180
2011/0xxx/CVE-2011-0455.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2011-0455", "ID": "CVE-2011-0455",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 and BBS Thread before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.thingslabo.com/cgi/bbs/download.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.thingslabo.com/cgi/bbs/download.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 and BBS Thread before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "http://www.thingslabo.com/cgi/bbs_thread/download.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.thingslabo.com/cgi/bbs_thread/download.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVN#20982938", "description": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/en/jp/JVN20982938/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "JVNDB-2011-000015", ]
"refsource" : "JVNDB", }
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000015" ]
}, },
{ "references": {
"name" : "46638", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/46638" "name": "bbs-bbsthread-unspecified-xss(65852)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65852"
"name" : "43524", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43524" "name": "43524",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43524"
"name" : "bbs-bbsthread-unspecified-xss(65852)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65852" "name": "http://www.thingslabo.com/cgi/bbs_thread/download.html",
} "refsource": "CONFIRM",
] "url": "http://www.thingslabo.com/cgi/bbs_thread/download.html"
} },
} {
"name": "JVNDB-2011-000015",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000015"
},
{
"name": "JVN#20982938",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN20982938/index.html"
},
{
"name": "46638",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46638"
},
{
"name": "http://www.thingslabo.com/cgi/bbs/download.html",
"refsource": "CONFIRM",
"url": "http://www.thingslabo.com/cgi/bbs/download.html"
}
]
}
}

150
2011/0xxx/CVE-2011-0528.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-0528", "ID": "CVE-2011-0528",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote authenticated Puppet nodes to read or modify the resources of other nodes via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20110127 CVE request: puppet", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2011/01/27/6" "lang": "eng",
}, "value": "Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote authenticated Puppet nodes to read or modify the resources of other nodes via unspecified vectors."
{ }
"name" : "[oss-security] 20110127 Re: CVE request: puppet", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2011/01/31/5" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[puppet-users] 20101201 SECURITY: Authorization vulnerability in Puppet 2.6.x", "description": [
"refsource" : "MLIST", {
"url" : "http://www.mail-archive.com/puppet-users%40googlegroups.com/msg16429.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "USN-1365-1", ]
"refsource" : "UBUNTU", }
"url" : "http://www.ubuntu.com/usn/USN-1365-1" ]
} },
] "references": {
} "reference_data": [
} {
"name": "USN-1365-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1365-1"
},
{
"name": "[oss-security] 20110127 CVE request: puppet",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/01/27/6"
},
{
"name": "[puppet-users] 20101201 SECURITY: Authorization vulnerability in Puppet 2.6.x",
"refsource": "MLIST",
"url": "http://www.mail-archive.com/puppet-users%40googlegroups.com/msg16429.html"
},
{
"name": "[oss-security] 20110127 Re: CVE request: puppet",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/01/31/5"
}
]
}
}

170
2011/0xxx/CVE-2011-0570.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2011-0570", "ID": "CVE-2011-0570",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0588."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-03.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-03.html" "lang": "eng",
}, "value": "Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0588."
{ }
"name" : "46255", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/46255" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:12262", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12262" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1025033", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1025033" ]
}, },
{ "references": {
"name" : "ADV-2011-0337", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0337" "name": "adobe-acrobat-dll-code-execution(65289)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65289"
"name" : "adobe-acrobat-dll-code-execution(65289)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65289" "name": "46255",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/46255"
} },
} {
"name": "ADV-2011-0337",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"name": "1025033",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025033"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"name": "oval:org.mitre.oval:def:12262",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12262"
}
]
}
}

34
2011/1xxx/CVE-2011-1210.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1210", "ID": "CVE-2011-1210",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2011/1xxx/CVE-2011-1253.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2011-1253", "ID": "CVE-2011-1253",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka \".NET Framework Class Inheritance Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS11-078", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-078" "lang": "eng",
}, "value": "Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka \".NET Framework Class Inheritance Vulnerability.\""
{ }
"name" : "oval:org.mitre.oval:def:13069", ]
"refsource" : "OVAL", },
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13069" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS11-078",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-078"
},
{
"name": "oval:org.mitre.oval:def:13069",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13069"
}
]
}
}

34
2011/1xxx/CVE-2011-1608.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1608", "ID": "CVE-2011-1608",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2011/1xxx/CVE-2011-1811.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2011-1811", "ID": "CVE-2011-1811",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome before 12.0.742.91 does not properly handle a large number of form submissions, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=76034", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=76034" "lang": "eng",
}, "value": "Google Chrome before 12.0.742.91 does not properly handle a large number of form submissions, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors."
{ }
"name" : "http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "48129", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/48129" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "72781", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/72781" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:14620", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14620" "name": "oval:org.mitre.oval:def:14620",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14620"
"name" : "44829", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/44829" "name": "44829",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/44829"
"name" : "chrome-submissions-dos(67894)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67894" "name": "chrome-submissions-dos(67894)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67894"
} },
} {
"name": "http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html"
},
{
"name": "72781",
"refsource": "OSVDB",
"url": "http://osvdb.org/72781"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=76034",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=76034"
},
{
"name": "48129",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48129"
}
]
}
}

150
2011/1xxx/CVE-2011-1837.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@ubuntu.com",
"ID" : "CVE-2011-1837", "ID": "CVE-2011-1837",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=729465", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=729465" "lang": "eng",
}, "value": "The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors."
{ }
"name" : "https://launchpad.net/ecryptfs/+download", ]
"refsource" : "CONFIRM", },
"url" : "https://launchpad.net/ecryptfs/+download" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SUSE-SU-2011:0898", "description": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "USN-1188-1", ]
"refsource" : "UBUNTU", }
"url" : "http://www.ubuntu.com/usn/USN-1188-1" ]
} },
] "references": {
} "reference_data": [
} {
"name": "SUSE-SU-2011:0898",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html"
},
{
"name": "https://launchpad.net/ecryptfs/+download",
"refsource": "CONFIRM",
"url": "https://launchpad.net/ecryptfs/+download"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=729465",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729465"
},
{
"name": "USN-1188-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1188-1"
}
]
}
}

180
2011/1xxx/CVE-2011-1858.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2011-1858", "ID": "CVE-2011-1858",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows local users to bypass intended access restrictions via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBMA02674", "description_data": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130755929821099&w=2" "lang": "eng",
}, "value": "Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows local users to bypass intended access restrictions via unknown vectors."
{ }
"name" : "SSRT100487", ]
"refsource" : "HP", },
"url" : "http://marc.info/?l=bugtraq&m=130755929821099&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "48168", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/48168" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1025611", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1025611" ]
}, },
{ "references": {
"name" : "44836", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/44836" "name": "44836",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/44836"
"name" : "8273", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8273" "name": "8273",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/8273"
"name" : "hp-service-permissions-unauth-access(67909)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67909" "name": "hp-service-permissions-unauth-access(67909)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67909"
} },
} {
"name": "1025611",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025611"
},
{
"name": "SSRT100487",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130755929821099&w=2"
},
{
"name": "HPSBMA02674",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130755929821099&w=2"
},
{
"name": "48168",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48168"
}
]
}
}

150
2011/3xxx/CVE-2011-3224.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2011-3224", "ID": "CVE-2011-3224",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT5002", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5002" "lang": "eng",
}, "value": "The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server."
{ }
"name" : "APPLE-SA-2011-10-12-3", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "50085", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/50085" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "76375", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/76375" ]
} },
] "references": {
} "reference_data": [
} {
"name": "76375",
"refsource": "OSVDB",
"url": "http://osvdb.org/76375"
},
{
"name": "APPLE-SA-2011-10-12-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name": "http://support.apple.com/kb/HT5002",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5002"
},
{
"name": "50085",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50085"
}
]
}
}

220
2011/4xxx/CVE-2011-4086.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-4086", "ID": "CVE-2011-4086",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=15291164b22a357cb211b618adfef4fa82fc0de3", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=15291164b22a357cb211b618adfef4fa82fc0de3" "lang": "eng",
}, "value": "The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal."
{ }
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.1", ]
"refsource" : "CONFIRM", },
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=749143", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=749143" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/torvalds/linux/commit/15291164b22a357cb211b618adfef4fa82fc0de3", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/torvalds/linux/commit/15291164b22a357cb211b618adfef4fa82fc0de3" ]
}, },
{ "references": {
"name" : "DSA-2469", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2012/dsa-2469" "name": "SUSE-SU-2012:0554",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html"
"name" : "RHSA-2012:0571", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0571.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=749143",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=749143"
"name" : "RHSA-2012:0670", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0670.html" "name": "48898",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48898"
"name" : "SUSE-SU-2012:0554", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html" "name": "https://github.com/torvalds/linux/commit/15291164b22a357cb211b618adfef4fa82fc0de3",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/15291164b22a357cb211b618adfef4fa82fc0de3"
"name" : "SUSE-SU-2012:0616", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html" "name": "RHSA-2012:0670",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-0670.html"
"name" : "48898", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48898" "name": "DSA-2469",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2012/dsa-2469"
"name" : "48964", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48964" "name": "48964",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/48964"
} },
} {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=15291164b22a357cb211b618adfef4fa82fc0de3",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=15291164b22a357cb211b618adfef4fa82fc0de3"
},
{
"name": "SUSE-SU-2012:0616",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html"
},
{
"name": "RHSA-2012:0571",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0571.html"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.1",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.1"
}
]
}
}

130
2011/4xxx/CVE-2011-4368.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2011-4368", "ID": "CVE-2011-4368",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Remote Development Services (RDS) in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-29.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-29.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Remote Development Services (RDS) in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "1026405", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id?1026405" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-29.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-29.html"
},
{
"name": "1026405",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026405"
}
]
}
}

190
2011/4xxx/CVE-2011-4369.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2011-4369", "ID": "CVE-2011-4369",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-30.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-30.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011."
{ }
"name" : "http://www.adobe.com/support/security/bulletins/apsb12-01.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.adobe.com/support/security/bulletins/apsb12-01.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2012:0011", "description": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2012-0011.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2012:0086", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2012:0087", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html" "name": "openSUSE-SU-2012:0087",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html"
"name" : "TA11-350A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-350A.html" "name": "http://www.adobe.com/support/security/bulletins/apsb12-01.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
"name" : "51092", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/51092" "name": "RHSA-2012:0011",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2012-0011.html"
"name" : "oval:org.mitre.oval:def:14865", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14865" "name": "SUSE-SU-2012:0086",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html"
} },
} {
"name": "http://www.adobe.com/support/security/bulletins/apsb11-30.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-30.html"
},
{
"name": "oval:org.mitre.oval:def:14865",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14865"
},
{
"name": "TA11-350A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-350A.html"
},
{
"name": "51092",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51092"
}
]
}
}

160
2011/5xxx/CVE-2011-5182.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-5182", "ID": "CVE-2011-5182",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** Cross-site scripting (XSS) vulnerability in lanoba-social-plugin/index.php in the Lanoba Social plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the vendor disputes this issue, stating \"Lanoba's plug in does sanitize user input, and because that input is never sent to the browser, an attacker has no way of executing script or code on a user's behalf.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20111119 wordpress Lanoba Social Plugin Xss Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/520574/100/0/threaded" "lang": "eng",
}, "value": "** DISPUTED ** Cross-site scripting (XSS) vulnerability in lanoba-social-plugin/index.php in the Lanoba Social plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the vendor disputes this issue, stating \"Lanoba's plug in does sanitize user input, and because that input is never sent to the browser, an attacker has no way of executing script or code on a user's behalf.\""
{ }
"name" : "20111129 Re: Re: wordpress Lanoba Social Plugin Xss Vulnerabilities", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/520678/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://wordpress.org/support/topic/plugin-lanoba-social-plugin-xss-vulnerabilities", "description": [
"refsource" : "MISC", {
"url" : "https://wordpress.org/support/topic/plugin-lanoba-social-plugin-xss-vulnerabilities" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "50746", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/50746" ]
}, },
{ "references": {
"name" : "lanobasocial-index-xss(71411)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71411" "name": "20111129 Re: Re: wordpress Lanoba Social Plugin Xss Vulnerabilities",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/520678/100/0/threaded"
} },
} {
"name": "50746",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50746"
},
{
"name": "20111119 wordpress Lanoba Social Plugin Xss Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520574/100/0/threaded"
},
{
"name": "lanobasocial-index-xss(71411)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71411"
},
{
"name": "https://wordpress.org/support/topic/plugin-lanoba-social-plugin-xss-vulnerabilities",
"refsource": "MISC",
"url": "https://wordpress.org/support/topic/plugin-lanoba-social-plugin-xss-vulnerabilities"
}
]
}
}

120
2013/5xxx/CVE-2013-5321.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5321", "ID": "CVE-2013-5321",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) sensor parameter in a Query action to forensics/base_qry_main.php; the (2) tcp_flags[] or (3) tcp_port[0][4] parameter to forensics/base_stat_alerts.php; the (4) ip_addr[1][8] or (5) port_type parameter to forensics/base_stat_ports.php; or the (6) sortby or (7) rvalue parameter in a search action to vulnmeter/index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "26406", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/26406" "lang": "eng",
} "value": "Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) sensor parameter in a Query action to forensics/base_qry_main.php; the (2) tcp_flags[] or (3) tcp_port[0][4] parameter to forensics/base_stat_alerts.php; the (4) ip_addr[1][8] or (5) port_type parameter to forensics/base_stat_ports.php; or the (6) sortby or (7) rvalue parameter in a search action to vulnmeter/index.php."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26406",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/26406"
}
]
}
}

120
2014/2xxx/CVE-2014-2169.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-2169", "ID": "CVE-2014-2169",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco TelePresence TC Software 4.x through 6.x before 6.2.0 and TE Software 4.x and 6.0 allow remote authenticated users to execute arbitrary commands by using the commands as arguments to internal system scripts, aka Bug ID CSCue60211."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140430 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte" "lang": "eng",
} "value": "Cisco TelePresence TC Software 4.x through 6.x before 6.2.0 and TE Software 4.x and 6.0 allow remote authenticated users to execute arbitrary commands by using the commands as arguments to internal system scripts, aka Bug ID CSCue60211."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140430 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte"
}
]
}
}

34
2014/2xxx/CVE-2014-2267.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2267", "ID": "CVE-2014-2267",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2014/2xxx/CVE-2014-2290.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2290", "ID": "CVE-2014-2290",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2014/2xxx/CVE-2014-2312.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2312", "ID": "CVE-2014-2312",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The main function in android_main.cpp in thermald allows local users to write to arbitrary files via a symlink attack on /tmp/thermald.pid."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140308 CVE Request: thermald", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/03/08/4" "lang": "eng",
}, "value": "The main function in android_main.cpp in thermald allows local users to write to arbitrary files via a symlink attack on /tmp/thermald.pid."
{ }
"name" : "[oss-security] 20140308 Re: CVE Request: thermald", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2014/03/09/2" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140308 Re: CVE Request: thermald",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/03/09/2"
},
{
"name": "[oss-security] 20140308 CVE Request: thermald",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/03/08/4"
}
]
}
}

34
2014/3xxx/CVE-2014-3136.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-3136", "ID": "CVE-2014-3136",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2014/3xxx/CVE-2014-3598.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-3598", "ID": "CVE-2014-3598",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://pypi.python.org/pypi/Pillow/2.5.3", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://pypi.python.org/pypi/Pillow/2.5.3" "lang": "eng",
}, "value": "The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image."
{ }
"name" : "openSUSE-SU-2015:0798", ]
"refsource" : "SUSE", },
"url" : "http://lists.opensuse.org/opensuse-updates/2015-04/msg00056.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2015:0798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00056.html"
},
{
"name": "https://pypi.python.org/pypi/Pillow/2.5.3",
"refsource": "CONFIRM",
"url": "https://pypi.python.org/pypi/Pillow/2.5.3"
}
]
}
}

140
2014/6xxx/CVE-2014-6161.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-6161", "ID": "CVE-2014-6161",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool/Impact 6.1.1 before 6.1.1.1-TIV-NCI-IF0001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21689130", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21689130" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool/Impact 6.1.1 before 6.1.1.1-TIV-NCI-IF0001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
{ }
"name" : "62168", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/62168" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ibm-netcool-cve20146161-xss(97710)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/97710" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21689130",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689130"
},
{
"name": "ibm-netcool-cve20146161-xss(97710)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97710"
},
{
"name": "62168",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62168"
}
]
}
}

320
2014/6xxx/CVE-2014-6493.json
View File

@ -1,162 +1,162 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-6493", "ID": "CVE-2014-6493",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6503, and CVE-2014-6532."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6503, and CVE-2014-6532."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21688283", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21688283" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201502-12", "description": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "HPSBUX03218", ]
"refsource" : "HP", }
"url" : "http://marc.info/?l=bugtraq&m=141775382904016&w=2" ]
}, },
{ "references": {
"name" : "SSRT101770", "reference_data": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=141775382904016&w=2" "name": "RHSA-2014:1880",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
"name" : "RHSA-2014:1657", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1657.html" "name": "RHSA-2014:1657",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
"name" : "RHSA-2014:1658", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1658.html" "name": "RHSA-2014:1877",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
"name" : "RHSA-2014:1876", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1876.html" "name": "61609",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/61609"
"name" : "RHSA-2014:1877", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1877.html" "name": "61163",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/61163"
"name" : "RHSA-2014:1880", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1880.html" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
"name" : "RHSA-2014:1882", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1882.html" "name": "HPSBUX03218",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=141775382904016&w=2"
"name" : "RHSA-2015:0264", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0264.html" "name": "70468",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/70468"
"name" : "SUSE-SU-2014:1526", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html" "name": "SUSE-SU-2014:1549",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
"name" : "SUSE-SU-2014:1549", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html" "name": "RHSA-2014:1876",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
"name" : "SUSE-SU-2015:0344", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html" "name": "RHSA-2015:0264",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
"name" : "SUSE-SU-2015:0345", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html" "name": "SUSE-SU-2015:0392",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
"name" : "SUSE-SU-2015:0392", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html" "name": "SUSE-SU-2014:1526",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
"name" : "70468", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/70468" "name": "SUSE-SU-2015:0345",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
"name" : "61163", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61163" "name": "RHSA-2014:1882",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
"name" : "61164", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61164" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
"name" : "61609", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61609" "name": "RHSA-2014:1658",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
} },
} {
"name": "61164",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61164"
},
{
"name": "SSRT101770",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=141775382904016&w=2"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "SUSE-SU-2015:0344",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
}
]
}
}

140
2014/6xxx/CVE-2014-6814.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6814", "ID": "CVE-2014-6814",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Sentinels Randomizer (aka com.mikehipps.sentinelsrandomizer) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Sentinels Randomizer (aka com.mikehipps.sentinelsrandomizer) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#365577", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/365577" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#365577",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/365577"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

34
2014/7xxx/CVE-2014-7164.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-7164", "ID": "CVE-2014-7164",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2014/7xxx/CVE-2014-7418.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7418", "ID": "CVE-2014-7418",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The BBC Knowledge Magazine (aka com.magzter.bbcknowledge) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The BBC Knowledge Magazine (aka com.magzter.bbcknowledge) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#413713", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/413713" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name": "VU#413713",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/413713"
}
]
}
}

140
2017/0xxx/CVE-2017-0027.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2017-0027", "ID": "CVE-2017-0027",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Office", "product_name": "Office",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2013 SP1" "version_value": "Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2013 SP1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka \"Microsoft Office Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0027", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0027" "lang": "eng",
}, "value": "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka \"Microsoft Office Information Disclosure Vulnerability.\""
{ }
"name" : "96043", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/96043" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038010", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038010" "lang": "eng",
} "value": "Information Disclosure"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0027",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0027"
},
{
"name": "1038010",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038010"
},
{
"name": "96043",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96043"
}
]
}
}

136
2017/0xxx/CVE-2017-0465.json
View File

@ -1,70 +1,70 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0465", "ID": "CVE-2017-0465",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.10" "version_value": "Kernel-3.10"
}, },
{ {
"version_value" : "Kernel-3.18" "version_value": "Kernel-3.18"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34112914. References: QC-CR#1110747."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-05-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-05-01" "lang": "eng",
}, "value": "An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34112914. References: QC-CR#1110747."
{ }
"name" : "98184", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98184" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98184"
},
{
"name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-05-01"
}
]
}
}

174
2017/0xxx/CVE-2017-0840.json
View File

@ -1,89 +1,89 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"DATE_PUBLIC" : "2017-11-06T00:00:00", "DATE_PUBLIC": "2017-11-06T00:00:00",
"ID" : "CVE-2017-0840", "ID": "CVE-2017-0840",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.0.2" "version_value": "5.0.2"
}, },
{ {
"version_value" : "5.1.1" "version_value": "5.1.1"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "7.0" "version_value": "7.0"
}, },
{ {
"version_value" : "7.1.1" "version_value": "7.1.1"
}, },
{ {
"version_value" : "7.1.2" "version_value": "7.1.2"
}, },
{ {
"version_value" : "8.0" "version_value": "8.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62948670."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-11-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-11-01" "lang": "eng",
}, "value": "An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62948670."
{ }
"name" : "101717", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/101717" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "101717",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101717"
}
]
}
}

134
2017/0xxx/CVE-2017-0852.json
View File

@ -1,69 +1,69 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"DATE_PUBLIC" : "2017-11-06T00:00:00", "DATE_PUBLIC": "2017-11-06T00:00:00",
"ID" : "CVE-2017-0852", "ID": "CVE-2017-0852",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.0.2" "version_value": "5.0.2"
}, },
{ {
"version_value" : "5.1.1" "version_value": "5.1.1"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0. Android ID: A-62815506."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of service"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/pixel/2017-11-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/pixel/2017-11-01" "lang": "eng",
} "value": "A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0. Android ID: A-62815506."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/pixel/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
}
]
}
}

132
2017/18xxx/CVE-2017-18139.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2017-18139", "ID": "CVE-2017-18139",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile, Snapdragon Wear", "product_name": "Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850" "version_value": "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, a buffer overflow vulnerability may potentially exist while making an IMS call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer Copy without Checking Size of Input in IMS"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, a buffer overflow vulnerability may potentially exist while making an IMS call."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Buffer Copy without Checking Size of Input in IMS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

142
2017/1xxx/CVE-2017-1081.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secteam@freebsd.org", "ASSIGNER": "secteam@freebsd.org",
"DATE_PUBLIC" : "2017-04-27T00:00:00", "DATE_PUBLIC": "2017-04-27T00:00:00",
"ID" : "CVE-2017-1081", "ID": "CVE-2017-1081",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "FreeBSD", "product_name": "FreeBSD",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to 11.0-RELEASE-p10 and 10.3-RELEASE-p19" "version_value": "prior to 11.0-RELEASE-p10 and 10.3-RELEASE-p19"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "FreeBSD" "vendor_name": "FreeBSD"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3-RELEASE-p19, ipfilter using \"keep state\" or \"keep frags\" options can cause a kernel panic when fed specially crafted packet fragments due to incorrect memory handling."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Kernel panic due to use after free (CWE-416)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "FreeBSD-SA-17:04", "description_data": [
"refsource" : "FREEBSD", {
"url" : "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:04.ipfilter.asc" "lang": "eng",
}, "value": "In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3-RELEASE-p19, ipfilter using \"keep state\" or \"keep frags\" options can cause a kernel panic when fed specially crafted packet fragments due to incorrect memory handling."
{ }
"name" : "98089", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98089" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038369", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038369" "lang": "eng",
} "value": "Kernel panic due to use after free (CWE-416)"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1038369",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038369"
},
{
"name": "FreeBSD-SA-17:04",
"refsource": "FREEBSD",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:04.ipfilter.asc"
},
{
"name": "98089",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98089"
}
]
}
}

34
2017/1xxx/CVE-2017-1090.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-1090", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-1090",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/1xxx/CVE-2017-1109.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1109", "ID": "CVE-2017-1109",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

520
2017/1xxx/CVE-2017-1237.json
View File

@ -1,262 +1,262 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-06-28T00:00:00", "DATE_PUBLIC": "2018-06-28T00:00:00",
"ID" : "CVE-2017-1237", "ID": "CVE-2017-1237",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Rational Collaborative Lifecycle Management", "product_name": "Rational Collaborative Lifecycle Management",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
}, },
{ {
"version_value" : "6.0.4" "version_value": "6.0.4"
}, },
{ {
"version_value" : "6.0.5" "version_value": "6.0.5"
}, },
{ {
"version_value" : "5.0.x" "version_value": "5.0.x"
} }
] ]
} }
}, },
{ {
"product_name" : "Rational DOORS Next Generation", "product_name": "Rational DOORS Next Generation",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
}, },
{ {
"version_value" : "6.0.4" "version_value": "6.0.4"
}, },
{ {
"version_value" : "6.0.5" "version_value": "6.0.5"
}, },
{ {
"version_value" : "5.0.x" "version_value": "5.0.x"
} }
] ]
} }
}, },
{ {
"product_name" : "Rational Engineering Lifecycle Manager", "product_name": "Rational Engineering Lifecycle Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
}, },
{ {
"version_value" : "6.0.4" "version_value": "6.0.4"
}, },
{ {
"version_value" : "6.0.5" "version_value": "6.0.5"
}, },
{ {
"version_value" : "5.0.x" "version_value": "5.0.x"
} }
] ]
} }
}, },
{ {
"product_name" : "Rational Quality Manager", "product_name": "Rational Quality Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
}, },
{ {
"version_value" : "6.0.4" "version_value": "6.0.4"
}, },
{ {
"version_value" : "6.0.5" "version_value": "6.0.5"
}, },
{ {
"version_value" : "5.0.x" "version_value": "5.0.x"
} }
] ]
} }
}, },
{ {
"product_name" : "Rational Rhapsody Design Manager", "product_name": "Rational Rhapsody Design Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
}, },
{ {
"version_value" : "6.0.4" "version_value": "6.0.4"
}, },
{ {
"version_value" : "6.0.5" "version_value": "6.0.5"
}, },
{ {
"version_value" : "5.0.x" "version_value": "5.0.x"
} }
] ]
} }
}, },
{ {
"product_name" : "Rational Software Architect Design Manager", "product_name": "Rational Software Architect Design Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "5.0.x" "version_value": "5.0.x"
} }
] ]
} }
}, },
{ {
"product_name" : "Rational Team Concert", "product_name": "Rational Team Concert",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
}, },
{ {
"version_value" : "6.0.4" "version_value": "6.0.4"
}, },
{ {
"version_value" : "6.0.5" "version_value": "6.0.5"
}, },
{ {
"version_value" : "5.0.x" "version_value": "5.0.x"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124355."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "C",
"SCORE" : "5.400",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www-prd-trops.events.ibm.com/node/715709", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www-prd-trops.events.ibm.com/node/715709" "lang": "eng",
}, "value": "IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124355."
{ }
"name" : "ibm-jazz-cve20171237-xss(124355)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/124355" "impact": {
} "cvssv3": {
] "BM": {
} "A": "N",
} "AC": "L",
"AV": "N",
"C": "L",
"I": "L",
"PR": "L",
"S": "C",
"SCORE": "5.400",
"UI": "R"
},
"TM": {
"E": "H",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www-prd-trops.events.ibm.com/node/715709",
"refsource": "CONFIRM",
"url": "https://www-prd-trops.events.ibm.com/node/715709"
},
{
"name": "ibm-jazz-cve20171237-xss(124355)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/124355"
}
]
}
}

34
2017/1xxx/CVE-2017-1908.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-1908", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-1908",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

170
2017/5xxx/CVE-2017-5106.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2017-5106", "ID": "CVE-2017-5106",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android", "product_name": "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android" "version_value": "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Insufficient Policy Enforcement"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html" "lang": "eng",
}, "value": "Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name."
{ }
"name" : "https://crbug.com/714628", ]
"refsource" : "MISC", },
"url" : "https://crbug.com/714628" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3926", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3926" "lang": "eng",
}, "value": "Insufficient Policy Enforcement"
{ }
"name" : "GLSA-201709-15", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201709-15" ]
}, },
{ "references": {
"name" : "RHSA-2017:1833", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1833" "name": "https://crbug.com/714628",
}, "refsource": "MISC",
{ "url": "https://crbug.com/714628"
"name" : "99950", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/99950" "name": "GLSA-201709-15",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201709-15"
} },
} {
"name": "DSA-3926",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3926"
},
{
"name": "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html"
},
{
"name": "99950",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99950"
},
{
"name": "RHSA-2017:1833",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1833"
}
]
}
}

34
2017/5xxx/CVE-2017-5138.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5138", "ID": "CVE-2017-5138",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2017/5xxx/CVE-2017-5846.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5846", "ID": "CVE-2017-5846",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors related to the number of languages in a video file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20170201 Multiple memory access issues in gstreamer", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2017/02/01/7" "lang": "eng",
}, "value": "The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors related to the number of languages in a video file."
{ }
"name" : "[oss-security] 20170202 Re: Multiple memory access issues in gstreamer", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2017/02/02/9" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.gnome.org/show_bug.cgi?id=777937", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.gnome.org/show_bug.cgi?id=777937" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://gstreamer.freedesktop.org/releases/1.10/#1.10.3", ]
"refsource" : "CONFIRM", }
"url" : "https://gstreamer.freedesktop.org/releases/1.10/#1.10.3" ]
}, },
{ "references": {
"name" : "DSA-3821", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3821" "name": "96001",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/96001"
"name" : "GLSA-201705-10", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201705-10" "name": "https://bugzilla.gnome.org/show_bug.cgi?id=777937",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.gnome.org/show_bug.cgi?id=777937"
"name" : "96001", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/96001" "name": "DSA-3821",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2017/dsa-3821"
} },
} {
"name": "[oss-security] 20170202 Re: Multiple memory access issues in gstreamer",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/02/9"
},
{
"name": "https://gstreamer.freedesktop.org/releases/1.10/#1.10.3",
"refsource": "CONFIRM",
"url": "https://gstreamer.freedesktop.org/releases/1.10/#1.10.3"
},
{
"name": "GLSA-201705-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201705-10"
},
{
"name": "[oss-security] 20170201 Multiple memory access issues in gstreamer",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/01/7"
}
]
}
}