admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:18:01 +00:00
parent 68acf0d123
commit 521a2d540d
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
49 changed files with 3024 additions and 3024 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
2007/2xxx/CVE-2007-2368.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2368", "ID": "CVE-2007-2368",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "picture.php in WebSPELL 4.01.02 and earlier allows remote attackers to read arbitrary files via the file parameter." "value": "picture.php in WebSPELL 4.01.02 and earlier allows remote attackers to read arbitrary files via the file parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "3673", "name": "ADV-2007-1274",
"refsource" : "EXPLOIT-DB", "refsource": "VUPEN",
"url" : "https://www.exploit-db.com/exploits/3673" "url": "http://www.vupen.com/english/advisories/2007/1274"
}, },
{ {
"name" : "ADV-2007-1274", "name": "3673",
"refsource" : "VUPEN", "refsource": "EXPLOIT-DB",
"url" : "http://www.vupen.com/english/advisories/2007/1274" "url": "https://www.exploit-db.com/exploits/3673"
} }
] ]
} }

86
2007/3xxx/CVE-2007-3177.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3177", "ID": "CVE-2007-3177",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter." "value": "Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.ingate.com/relnote-452.php", "name": "ingate-maddr-authentication-bypass(34887)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://www.ingate.com/relnote-452.php" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34887"
}, },
{ {
"name" : "ADV-2007-1973", "name": "http://www.ingate.com/relnote-452.php",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2007/1973" "url": "http://www.ingate.com/relnote-452.php"
}, },
{ {
"name" : "36708", "name": "25420",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://osvdb.org/36708" "url": "http://secunia.com/advisories/25420"
}, },
{ {
"name" : "25420", "name": "ADV-2007-1973",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/25420" "url": "http://www.vupen.com/english/advisories/2007/1973"
}, },
{ {
"name" : "ingate-maddr-authentication-bypass(34887)", "name": "36708",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34887" "url": "http://osvdb.org/36708"
} }
] ]
} }

80
2007/3xxx/CVE-2007-3586.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3586", "ID": "CVE-2007-3586",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple direct static code injection vulnerabilities in MyCMS 0.9.8 and earlier allow remote attackers to inject arbitrary PHP code into (1) a _score.txt file via the score parameter, or (2) a _setby.txt file via a login cookie, which is then included by games.php. NOTE: programs that use games.php might include (a) snakep.php, (b) tetrisp.php, and possibly other site-specific files." "value": "Multiple direct static code injection vulnerabilities in MyCMS 0.9.8 and earlier allow remote attackers to inject arbitrary PHP code into (1) a _score.txt file via the score parameter, or (2) a _setby.txt file via a login cookie, which is then included by games.php. NOTE: programs that use games.php might include (a) snakep.php, (b) tetrisp.php, and possibly other site-specific files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "4144", "name": "mycms-settings-games-command-execution(35254)",
"refsource" : "EXPLOIT-DB", "refsource": "XF",
"url" : "https://www.exploit-db.com/exploits/4144" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35254"
}, },
{ {
"name" : "24757", "name": "45778",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/24757" "url": "http://osvdb.org/45778"
}, },
{ {
"name" : "45778", "name": "4144",
"refsource" : "OSVDB", "refsource": "EXPLOIT-DB",
"url" : "http://osvdb.org/45778" "url": "https://www.exploit-db.com/exploits/4144"
}, },
{ {
"name" : "mycms-settings-games-command-execution(35254)", "name": "24757",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35254" "url": "http://www.securityfocus.com/bid/24757"
} }
] ]
} }

104
2007/3xxx/CVE-2007-3690.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3690", "ID": "CVE-2007-3690",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments." "value": "The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://drupal.org/node/152806", "name": "forward-url-security-bypass(35318)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://drupal.org/node/152806" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35318"
}, },
{ {
"name" : "http://drupal.org/node/158022", "name": "25999",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://drupal.org/node/158022" "url": "http://secunia.com/advisories/25999"
}, },
{ {
"name" : "http://drupal.org/node/158025", "name": "ADV-2007-2469",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://drupal.org/node/158025" "url": "http://www.vupen.com/english/advisories/2007/2469"
}, },
{ {
"name" : "24862", "name": "24862",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/24862" "url": "http://www.securityfocus.com/bid/24862"
}, },
{ {
"name" : "ADV-2007-2469", "name": "http://drupal.org/node/152806",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2007/2469" "url": "http://drupal.org/node/152806"
}, },
{ {
"name" : "37896", "name": "http://drupal.org/node/158022",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://osvdb.org/37896" "url": "http://drupal.org/node/158022"
}, },
{ {
"name" : "25999", "name": "http://drupal.org/node/158025",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/25999" "url": "http://drupal.org/node/158025"
}, },
{ {
"name" : "forward-url-security-bypass(35318)", "name": "37896",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35318" "url": "http://osvdb.org/37896"
} }
] ]
} }

92
2007/3xxx/CVE-2007-3910.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3910", "ID": "CVE-2007-3910",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Bandersnatch 0.4 allows remote attackers to inject arbitrary JavaScript via a Jabber resource name and possibly other data items, which are stored in conversation logs." "value": "Cross-site scripting (XSS) vulnerability in Bandersnatch 0.4 allows remote attackers to inject arbitrary JavaScript via a Jabber resource name and possibly other data items, which are stored in conversation logs."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.portcullis-security.com/182.php", "name": "bandersnatch-resourcename-xss(35407)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.portcullis-security.com/182.php" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35407"
}, },
{ {
"name" : "http://www.portcullis-security.com/uplds/advisories/Bandersnatch%20-%2007-004.txt", "name": "http://www.portcullis-security.com/182.php",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.portcullis-security.com/uplds/advisories/Bandersnatch%20-%2007-004.txt" "url": "http://www.portcullis-security.com/182.php"
}, },
{ {
"name" : "25094", "name": "26202",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/25094" "url": "http://secunia.com/advisories/26202"
}, },
{ {
"name" : "38269", "name": "38269",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/38269" "url": "http://www.osvdb.org/38269"
}, },
{ {
"name" : "26202", "name": "25094",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/26202" "url": "http://www.securityfocus.com/bid/25094"
}, },
{ {
"name" : "bandersnatch-resourcename-xss(35407)", "name": "http://www.portcullis-security.com/uplds/advisories/Bandersnatch%20-%2007-004.txt",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35407" "url": "http://www.portcullis-security.com/uplds/advisories/Bandersnatch%20-%2007-004.txt"
} }
] ]
} }

98
2007/6xxx/CVE-2007-6058.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6058", "ID": "CVE-2007-6058",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) codes action in the profile-codes module, (2) videos action in the video-codes module, or (3) games action in the arcade-games module." "value": "Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) codes action in the profile-codes module, (2) videos action in the video-codes module, or (3) games action in the arcade-games module."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20071118 [ECHO_ADV_84$2007] ProfileCMS <= 1.0 Remote SQL Injection Vulnerability", "name": "4627",
"refsource" : "BUGTRAQ", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/archive/1/483889/100/0/threaded" "url": "https://www.exploit-db.com/exploits/4627"
}, },
{ {
"name" : "4627", "name": "http://advisories.echo.or.id/adv/adv84-K-159-2007.txt",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "https://www.exploit-db.com/exploits/4627" "url": "http://advisories.echo.or.id/adv/adv84-K-159-2007.txt"
}, },
{ {
"name" : "http://advisories.echo.or.id/adv/adv84-K-159-2007.txt", "name": "ADV-2007-3908",
"refsource" : "MISC", "refsource": "VUPEN",
"url" : "http://advisories.echo.or.id/adv/adv84-K-159-2007.txt" "url": "http://www.vupen.com/english/advisories/2007/3908"
}, },
{ {
"name" : "26490", "name": "27730",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/26490" "url": "http://secunia.com/advisories/27730"
}, },
{ {
"name" : "ADV-2007-3908", "name": "26490",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2007/3908" "url": "http://www.securityfocus.com/bid/26490"
}, },
{ {
"name" : "27730", "name": "profilecms-id-sql-injection(38538)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/27730" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38538"
}, },
{ {
"name" : "profilecms-id-sql-injection(38538)", "name": "20071118 [ECHO_ADV_84$2007] ProfileCMS <= 1.0 Remote SQL Injection Vulnerability",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38538" "url": "http://www.securityfocus.com/archive/1/483889/100/0/threaded"
} }
] ]
} }

74
2007/6xxx/CVE-2007-6232.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6232", "ID": "CVE-2007-6232",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action." "value": "Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "4681", "name": "ftp-admin-index-xss(38780)",
"refsource" : "EXPLOIT-DB", "refsource": "XF",
"url" : "https://www.exploit-db.com/exploits/4681" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38780"
}, },
{ {
"name" : "27875", "name": "4681",
"refsource" : "SECUNIA", "refsource": "EXPLOIT-DB",
"url" : "http://secunia.com/advisories/27875" "url": "https://www.exploit-db.com/exploits/4681"
}, },
{ {
"name" : "ftp-admin-index-xss(38780)", "name": "27875",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38780" "url": "http://secunia.com/advisories/27875"
} }
] ]
} }

86
2007/6xxx/CVE-2007-6715.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6715", "ID": "CVE-2007-6715",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Mozilla Firefox allows remote attackers to cause a denial of service (crash) via crafted image, as demonstrated by the zzuf lol-firefox.gif test case." "value": "Mozilla Firefox allows remote attackers to cause a denial of service (crash) via crafted image, as demonstrated by the zzuf lol-firefox.gif test case."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://hboeck.de/archives/578-How-long-does-it-take-to-fix-a-crash-bug.html", "name": "44727",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://hboeck.de/archives/578-How-long-does-it-take-to-fix-a-crash-bug.html" "url": "http://osvdb.org/44727"
}, },
{ {
"name" : "http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities", "name": "http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities" "url": "http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities"
}, },
{ {
"name" : "http://sam.zoy.org/zzuf/", "name": "http://sam.zoy.org/zzuf/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://sam.zoy.org/zzuf/" "url": "http://sam.zoy.org/zzuf/"
}, },
{ {
"name" : "27243", "name": "27243",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/27243" "url": "http://www.securityfocus.com/bid/27243"
}, },
{ {
"name" : "44727", "name": "http://hboeck.de/archives/578-How-long-does-it-take-to-fix-a-crash-bug.html",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://osvdb.org/44727" "url": "http://hboeck.de/archives/578-How-long-does-it-take-to-fix-a-crash-bug.html"
} }
] ]
} }

86
2010/0xxx/CVE-2010-0321.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0321", "ID": "CVE-2010-0321",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in jobs/index.php in Jamit Job Board 3.0 allows remote attackers to inject arbitrary web script or HTML via the post_id parameter." "value": "Cross-site scripting (XSS) vulnerability in jobs/index.php in Jamit Job Board 3.0 allows remote attackers to inject arbitrary web script or HTML via the post_id parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://packetstormsecurity.org/1001-exploits/jamitjobboard-xss.txt", "name": "11073",
"refsource" : "MISC", "refsource": "EXPLOIT-DB",
"url" : "http://packetstormsecurity.org/1001-exploits/jamitjobboard-xss.txt" "url": "http://www.exploit-db.com/exploits/11073"
}, },
{ {
"name" : "11073", "name": "37701",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "http://www.exploit-db.com/exploits/11073" "url": "http://www.securityfocus.com/bid/37701"
}, },
{ {
"name" : "37701", "name": "32797",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/37701" "url": "http://secunia.com/advisories/32797"
}, },
{ {
"name" : "32797", "name": "http://packetstormsecurity.org/1001-exploits/jamitjobboard-xss.txt",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/32797" "url": "http://packetstormsecurity.org/1001-exploits/jamitjobboard-xss.txt"
}, },
{ {
"name" : "jamit-jobboard-index-xss(55500)", "name": "jamit-jobboard-index-xss(55500)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55500" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55500"
} }
] ]
} }

68
2010/0xxx/CVE-2010-0501.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2010-0501", "ID": "CVE-2010-0501",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in FTP Server in Apple Mac OS X Server before 10.6.3 allows remote authenticated users to read arbitrary files via crafted filenames." "value": "Directory traversal vulnerability in FTP Server in Apple Mac OS X Server before 10.6.3 allows remote authenticated users to read arbitrary files via crafted filenames."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT4077", "name": "APPLE-SA-2010-03-29-1",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "http://support.apple.com/kb/HT4077" "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
}, },
{ {
"name" : "APPLE-SA-2010-03-29-1", "name": "http://support.apple.com/kb/HT4077",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" "url": "http://support.apple.com/kb/HT4077"
} }
] ]
} }

110
2010/0xxx/CVE-2010-0832.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@ubuntu.com",
"ID" : "CVE-2010-0832", "ID": "CVE-2010-0832",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10 and libpam-modules before 1.1.1-2ubuntu5 in PAM on Ubuntu 10.04 LTS allows local users to change the ownership of arbitrary files via a symlink attack on .cache in a user's home directory, related to \"user file stamps\" and the motd.legal-notice file." "value": "pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10 and libpam-modules before 1.1.1-2ubuntu5 in PAM on Ubuntu 10.04 LTS allows local users to change the ownership of arbitrary files via a symlink attack on .cache in a user's home directory, related to \"user file stamps\" and the motd.legal-notice file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "14273", "name": "pammotd-motdlegalnotice-priv-escalation(60194)",
"refsource" : "EXPLOIT-DB", "refsource": "XF",
"url" : "http://www.exploit-db.com/exploits/14273" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60194"
}, },
{ {
"name" : "http://twitter.com/jonoberheide/statuses/18009527979", "name": "USN-959-1",
"refsource" : "MISC", "refsource": "UBUNTU",
"url" : "http://twitter.com/jonoberheide/statuses/18009527979" "url": "http://www.ubuntu.com/usn/USN-959-1"
}, },
{ {
"name" : "http://www.h-online.com/security/news/item/Ubuntu-closes-root-hole-1034618.html", "name": "41465",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.h-online.com/security/news/item/Ubuntu-closes-root-hole-1034618.html" "url": "http://www.securityfocus.com/bid/41465"
}, },
{ {
"name" : "USN-959-1", "name": "14273",
"refsource" : "UBUNTU", "refsource": "EXPLOIT-DB",
"url" : "http://www.ubuntu.com/usn/USN-959-1" "url": "http://www.exploit-db.com/exploits/14273"
}, },
{ {
"name" : "41465", "name": "http://www.h-online.com/security/news/item/Ubuntu-closes-root-hole-1034618.html",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/41465" "url": "http://www.h-online.com/security/news/item/Ubuntu-closes-root-hole-1034618.html"
}, },
{ {
"name" : "66116", "name": "http://twitter.com/jonoberheide/statuses/18009527979",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://www.osvdb.org/66116" "url": "http://twitter.com/jonoberheide/statuses/18009527979"
}, },
{ {
"name" : "40512", "name": "40512",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/40512" "url": "http://secunia.com/advisories/40512"
}, },
{ {
"name" : "ADV-2010-1747", "name": "66116",
"refsource" : "VUPEN", "refsource": "OSVDB",
"url" : "http://www.vupen.com/english/advisories/2010/1747" "url": "http://www.osvdb.org/66116"
}, },
{ {
"name" : "pammotd-motdlegalnotice-priv-escalation(60194)", "name": "ADV-2010-1747",
"refsource" : "XF", "refsource": "VUPEN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/60194" "url": "http://www.vupen.com/english/advisories/2010/1747"
} }
] ]
} }

74
2010/1xxx/CVE-2010-1180.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-1180", "ID": "CVE-2010-1180",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long exception string in a throw statement, possibly a related issue to CVE-2009-1514." "value": "Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long exception string in a throw statement, possibly a related issue to CVE-2009-1514."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://nishantdaspatnaik.yolasite.com/ipodpoc5.php", "name": "http://nishantdaspatnaik.yolasite.com/ipodpoc5.php",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://nishantdaspatnaik.yolasite.com/ipodpoc5.php" "url": "http://nishantdaspatnaik.yolasite.com/ipodpoc5.php"
}, },
{ {
"name" : "38992", "name": "38992",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/38992" "url": "http://www.securityfocus.com/bid/38992"
}, },
{ {
"name" : "safari-iphone-throw-code-execution(57992)", "name": "safari-iphone-throw-code-execution(57992)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57992" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57992"
} }
] ]
} }

86
2010/1xxx/CVE-2010-1247.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-1247", "ID": "CVE-2010-1247",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record that triggers heap corruption, aka \"Excel Memory Corruption Vulnerability,\" a different vulnerability than CVE-2010-0823 and CVE-2010-1249." "value": "Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record that triggers heap corruption, aka \"Excel Memory Corruption Vulnerability,\" a different vulnerability than CVE-2010-0823 and CVE-2010-1249."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20100608 VUPEN Security Research - Microsoft Office Excel RTD Heap Corruption Vulnerability (CVE-2010-1247)", "name": "65237",
"refsource" : "BUGTRAQ", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/archive/1/511754/100/0/threaded" "url": "http://osvdb.org/65237"
}, },
{ {
"name" : "MS10-038", "name": "MS10-038",
"refsource" : "MS", "refsource": "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038"
}, },
{ {
"name" : "TA10-159B", "name": "oval:org.mitre.oval:def:6630",
"refsource" : "CERT", "refsource": "OVAL",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6630"
}, },
{ {
"name" : "65237", "name": "TA10-159B",
"refsource" : "OSVDB", "refsource": "CERT",
"url" : "http://osvdb.org/65237" "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:6630", "name": "20100608 VUPEN Security Research - Microsoft Office Excel RTD Heap Corruption Vulnerability (CVE-2010-1247)",
"refsource" : "OVAL", "refsource": "BUGTRAQ",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6630" "url": "http://www.securityfocus.com/archive/1/511754/100/0/threaded"
} }
] ]
} }

62
2010/1xxx/CVE-2010-1367.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-1367", "ID": "CVE-2010-1367",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in admin/admin_login.php in Uiga Fan Club, as downloaded on 20100310, allow remote attackers to inject arbitrary web script or HTML via the (1) admin_name and (2) admin_password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." "value": "Multiple cross-site scripting (XSS) vulnerabilities in admin/admin_login.php in Uiga Fan Club, as downloaded on 20100310, allow remote attackers to inject arbitrary web script or HTML via the (1) admin_name and (2) admin_password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "38756", "name": "38756",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/38756" "url": "http://secunia.com/advisories/38756"
} }
] ]
} }

80
2010/1xxx/CVE-2010-1690.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-1690", "ID": "CVE-2010-1690",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and earlier, and Exchange Server 2010 does not verify that transaction IDs of responses match transaction IDs of queries, which makes it easier for man-in-the-middle attackers to spoof DNS responses, a different vulnerability than CVE-2010-0024 and CVE-2010-0025." "value": "The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and earlier, and Exchange Server 2010 does not verify that transaction IDs of responses match transaction IDs of queries, which makes it easier for man-in-the-middle attackers to spoof DNS responses, a different vulnerability than CVE-2010-0024 and CVE-2010-0025."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20100504 [CORE-2010-0427] Windows SMTP Service DNS query Id vulnerabilities", "name": "http://www.coresecurity.com/content/CORE-2010-0424-windows-smtp-dns-query-id-bugs",
"refsource" : "FULLDISC", "refsource": "MISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0058.html" "url": "http://www.coresecurity.com/content/CORE-2010-0424-windows-smtp-dns-query-id-bugs"
}, },
{ {
"name" : "http://www.coresecurity.com/content/CORE-2010-0424-windows-smtp-dns-query-id-bugs", "name": "20100504 [CORE-2010-0427] Windows SMTP Service DNS query Id vulnerabilities",
"refsource" : "MISC", "refsource": "FULLDISC",
"url" : "http://www.coresecurity.com/content/CORE-2010-0424-windows-smtp-dns-query-id-bugs" "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0058.html"
}, },
{ {
"name" : "39910", "name": "39910",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/39910" "url": "http://www.securityfocus.com/bid/39910"
}, },
{ {
"name" : "1023939", "name": "1023939",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://securitytracker.com/id?1023939" "url": "http://securitytracker.com/id?1023939"
} }
] ]
} }

158
2010/1xxx/CVE-2010-1767.json
View File

@ -1,141 +1,141 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2010-1767", "ID": "CVE-2010-1767",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in WebKit before r57041, as used in Google Chrome before 4.1.249.1059, allows remote attackers to hijack the authentication of unspecified victims via a crafted synchronous preflight XMLHttpRequest operation." "value": "Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in WebKit before r57041, as used in Google Chrome before 4.1.249.1059, allows remote attackers to hijack the authentication of unspecified victims via a crafted synchronous preflight XMLHttpRequest operation."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=39698", "name": "MDVSA-2011:039",
"refsource" : "CONFIRM", "refsource": "MANDRIVA",
"url" : "http://code.google.com/p/chromium/issues/detail?id=39698" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
}, },
{ {
"name" : "http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html", "name": "http://trac.webkit.org/changeset/57041",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html" "url": "http://trac.webkit.org/changeset/57041"
}, },
{ {
"name" : "http://security-tracker.debian.org/tracker/CVE-2010-1767", "name": "ADV-2010-2722",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://security-tracker.debian.org/tracker/CVE-2010-1767" "url": "http://www.vupen.com/english/advisories/2010/2722"
}, },
{ {
"name" : "http://trac.webkit.org/changeset/57041", "name": "https://bugs.webkit.org/show_bug.cgi?id=36843",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://trac.webkit.org/changeset/57041" "url": "https://bugs.webkit.org/show_bug.cgi?id=36843"
}, },
{ {
"name" : "https://bugs.webkit.org/show_bug.cgi?id=36843", "name": "43068",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "https://bugs.webkit.org/show_bug.cgi?id=36843" "url": "http://secunia.com/advisories/43068"
}, },
{ {
"name" : "MDVSA-2011:039", "name": "USN-1006-1",
"refsource" : "MANDRIVA", "refsource": "UBUNTU",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" "url": "http://www.ubuntu.com/usn/USN-1006-1"
}, },
{ {
"name" : "SUSE-SR:2011:002", "name": "41856",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" "url": "http://secunia.com/advisories/41856"
}, },
{ {
"name" : "USN-1006-1", "name": "ADV-2011-0212",
"refsource" : "UBUNTU", "refsource": "VUPEN",
"url" : "http://www.ubuntu.com/usn/USN-1006-1" "url": "http://www.vupen.com/english/advisories/2011/0212"
}, },
{ {
"name" : "39603", "name": "39603",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/39603" "url": "http://www.securityfocus.com/bid/39603"
}, },
{ {
"name" : "64002", "name": "39544",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://osvdb.org/64002" "url": "http://secunia.com/advisories/39544"
}, },
{ {
"name" : "oval:org.mitre.oval:def:11140", "name": "http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11140" "url": "http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html"
}, },
{ {
"name" : "39544", "name": "SUSE-SR:2011:002",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/39544" "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
}, },
{ {
"name" : "41856", "name": "ADV-2011-0552",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/41856" "url": "http://www.vupen.com/english/advisories/2011/0552"
}, },
{ {
"name" : "43068", "name": "64002",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/43068" "url": "http://osvdb.org/64002"
}, },
{ {
"name" : "ADV-2010-2722", "name": "http://code.google.com/p/chromium/issues/detail?id=39698",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2010/2722" "url": "http://code.google.com/p/chromium/issues/detail?id=39698"
}, },
{ {
"name" : "ADV-2011-0212", "name": "http://security-tracker.debian.org/tracker/CVE-2010-1767",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2011/0212" "url": "http://security-tracker.debian.org/tracker/CVE-2010-1767"
}, },
{ {
"name" : "ADV-2011-0552", "name": "oval:org.mitre.oval:def:11140",
"refsource" : "VUPEN", "refsource": "OVAL",
"url" : "http://www.vupen.com/english/advisories/2011/0552" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11140"
} }
] ]
} }

74
2010/1xxx/CVE-2010-1888.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-1888", "ID": "CVE-2010-1888",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Race condition in the kernel in Microsoft Windows XP SP3 allows local users to gain privileges via vectors involving thread creation, aka \"Windows Kernel Data Initialization Vulnerability.\"" "value": "Race condition in the kernel in Microsoft Windows XP SP3 allows local users to gain privileges via vectors involving thread creation, aka \"Windows Kernel Data Initialization Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS10-047", "name": "TA10-222A",
"refsource" : "MS", "refsource": "CERT",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-047" "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
}, },
{ {
"name" : "TA10-222A", "name": "oval:org.mitre.oval:def:11825",
"refsource" : "CERT", "refsource": "OVAL",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-222A.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11825"
}, },
{ {
"name" : "oval:org.mitre.oval:def:11825", "name": "MS10-047",
"refsource" : "OVAL", "refsource": "MS",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11825" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-047"
} }
] ]
} }

110
2010/5xxx/CVE-2010-5166.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-5166", "ID": "CVE-2010-5166",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** DISPUTED ** Race condition in McAfee Total Protection 2010 10.0.580 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute." "value": "** DISPUTED ** Race condition in McAfee Total Protection 2010 10.0.580 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20100505 KHOBE - 8.0 earthquake for Windows desktop security software", "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
}, },
{ {
"name" : "20100505 KHOBE - 8.0 earthquake for Windows desktop security software", "name": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/",
"refsource" : "FULLDISC", "refsource": "MISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html" "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
}, },
{ {
"name" : "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/", "name": "39924",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/" "url": "http://www.securityfocus.com/bid/39924"
}, },
{ {
"name" : "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php", "name": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php" "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}, },
{ {
"name" : "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php", "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource" : "MISC", "refsource": "FULLDISC",
"url" : "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php" "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
}, },
{ {
"name" : "http://www.f-secure.com/weblog/archives/00001949.html", "name": "67660",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://www.f-secure.com/weblog/archives/00001949.html" "url": "http://www.osvdb.org/67660"
}, },
{ {
"name" : "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/", "name": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/" "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
}, },
{ {
"name" : "39924", "name": "http://www.f-secure.com/weblog/archives/00001949.html",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/39924" "url": "http://www.f-secure.com/weblog/archives/00001949.html"
}, },
{ {
"name" : "67660", "name": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://www.osvdb.org/67660" "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
} }
] ]
} }

74
2014/0xxx/CVE-2014-0260.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2014-0260", "ID": "CVE-2014-0260",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Word Memory Corruption Vulnerability.\"" "value": "Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Word Memory Corruption Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS14-001", "name": "1029599",
"refsource" : "MS", "refsource": "SECTRACK",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-001" "url": "http://www.securitytracker.com/id/1029599"
}, },
{ {
"name" : "1029598", "name": "1029598",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029598" "url": "http://www.securitytracker.com/id/1029598"
}, },
{ {
"name" : "1029599", "name": "MS14-001",
"refsource" : "SECTRACK", "refsource": "MS",
"url" : "http://www.securitytracker.com/id/1029599" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-001"
} }
] ]
} }

80
2014/0xxx/CVE-2014-0350.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-0350", "ID": "CVE-2014-0350",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate." "value": "The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://raw.githubusercontent.com/pocoproject/poco/poco-1.4.6p4-release/CHANGELOG", "name": "FEDORA-2016-4a3e5618eb",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "https://raw.githubusercontent.com/pocoproject/poco/poco-1.4.6p4-release/CHANGELOG" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177573.html"
}, },
{ {
"name" : "FEDORA-2016-0b3a611401", "name": "VU#118748",
"refsource" : "FEDORA", "refsource": "CERT-VN",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177471.html" "url": "http://www.kb.cert.org/vuls/id/118748"
}, },
{ {
"name" : "FEDORA-2016-4a3e5618eb", "name": "https://raw.githubusercontent.com/pocoproject/poco/poco-1.4.6p4-release/CHANGELOG",
"refsource" : "FEDORA", "refsource": "CONFIRM",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177573.html" "url": "https://raw.githubusercontent.com/pocoproject/poco/poco-1.4.6p4-release/CHANGELOG"
}, },
{ {
"name" : "VU#118748", "name": "FEDORA-2016-0b3a611401",
"refsource" : "CERT-VN", "refsource": "FEDORA",
"url" : "http://www.kb.cert.org/vuls/id/118748" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177471.html"
} }
] ]
} }

74
2014/0xxx/CVE-2014-0787.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2014-0787", "ID": "CVE-2014-0787",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet." "value": "Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "42724", "name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-098-02",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "https://www.exploit-db.com/exploits/42724/" "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-098-02"
}, },
{ {
"name" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-098-02", "name": "42724",
"refsource" : "MISC", "refsource": "EXPLOIT-DB",
"url" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-098-02" "url": "https://www.exploit-db.com/exploits/42724/"
}, },
{ {
"name" : "66709", "name": "66709",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/66709" "url": "http://www.securityfocus.com/bid/66709"
} }
] ]
} }

68
2014/0xxx/CVE-2014-0855.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-0855", "ID": "CVE-2014-0855",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in IBM Connections Portlets 4.x before 4.5.1 FP1 for IBM WebSphere Portal 7.0.0.2 and 8.0.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." "value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM Connections Portlets 4.x before 4.5.1 FP1 for IBM WebSphere Portal 7.0.0.2 and 8.0.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21663921", "name": "ibm-websphere-cve20140855-xss(90802)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21663921" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90802"
}, },
{ {
"name" : "ibm-websphere-cve20140855-xss(90802)", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21663921",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90802" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21663921"
} }
] ]
} }

68
2014/1xxx/CVE-2014-1383.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-1383", "ID": "CVE-2014-1383",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Apple TV before 6.1.2 allows remote authenticated users to bypass an intended password requirement for iTunes Store purchase transactions via unspecified vectors." "value": "Apple TV before 6.1.2 allows remote authenticated users to bypass an intended password requirement for iTunes Store purchase transactions via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "APPLE-SA-2014-06-30-4", "name": "APPLE-SA-2014-06-30-4",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html"
}, },
{ {
"name" : "1030503", "name": "1030503",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030503" "url": "http://www.securitytracker.com/id/1030503"
} }
] ]
} }

140
2014/1xxx/CVE-2014-1540.json
View File

@ -1,126 +1,126 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2014-1540", "ID": "CVE-2014-1540",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content." "value": "Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-51.html", "name": "openSUSE-SU-2014:0819",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-51.html" "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=978862", "name": "67978",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=978862" "url": "http://www.securityfocus.com/bid/67978"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "name": "59387",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "url": "http://secunia.com/advisories/59387"
}, },
{ {
"name" : "GLSA-201504-01", "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-51.html",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201504-01" "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-51.html"
}, },
{ {
"name" : "openSUSE-SU-2014:0855", "name": "1030388",
"refsource" : "SUSE", "refsource": "SECTRACK",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html" "url": "http://www.securitytracker.com/id/1030388"
}, },
{ {
"name" : "openSUSE-SU-2014:0819", "name": "59052",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html" "url": "http://secunia.com/advisories/59052"
}, },
{ {
"name" : "USN-2243-1", "name": "openSUSE-SU-2014:0855",
"refsource" : "UBUNTU", "refsource": "SUSE",
"url" : "http://www.ubuntu.com/usn/USN-2243-1" "url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html"
}, },
{ {
"name" : "67978", "name": "GLSA-201504-01",
"refsource" : "BID", "refsource": "GENTOO",
"url" : "http://www.securityfocus.com/bid/67978" "url": "https://security.gentoo.org/glsa/201504-01"
}, },
{ {
"name" : "1030388", "name": "59866",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://www.securitytracker.com/id/1030388" "url": "http://secunia.com/advisories/59866"
}, },
{ {
"name" : "59052", "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/59052" "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
}, },
{ {
"name" : "59171", "name": "USN-2243-1",
"refsource" : "SECUNIA", "refsource": "UBUNTU",
"url" : "http://secunia.com/advisories/59171" "url": "http://www.ubuntu.com/usn/USN-2243-1"
}, },
{ {
"name" : "59866", "name": "59171",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/59866" "url": "http://secunia.com/advisories/59171"
}, },
{ {
"name" : "59387", "name": "59486",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/59387" "url": "http://secunia.com/advisories/59486"
}, },
{ {
"name" : "59486", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=978862",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/59486" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=978862"
} }
] ]
} }

74
2014/4xxx/CVE-2014-4569.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4569", "ID": "CVE-2014-4569",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in ls/vv_login.php in the VideoWhisper Live Streaming Integration plugin 4.27.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the room_name parameter." "value": "Cross-site scripting (XSS) vulnerability in ls/vv_login.php in the VideoWhisper Live Streaming Integration plugin 4.27.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the room_name parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://codevigilant.com/disclosure/wp-plugin-videowhisper-live-streaming-integration-a3-cross-site-scripting-xss", "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=833654%40videowhisper-live-streaming-integration&old=833649%40videowhisper-live-streaming-integration&sfp_email=&sfph_mail=",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://codevigilant.com/disclosure/wp-plugin-videowhisper-live-streaming-integration-a3-cross-site-scripting-xss" "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=833654%40videowhisper-live-streaming-integration&old=833649%40videowhisper-live-streaming-integration&sfp_email=&sfph_mail="
}, },
{ {
"name" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=833654%40videowhisper-live-streaming-integration&old=833649%40videowhisper-live-streaming-integration&sfp_email=&sfph_mail=", "name": "http://codevigilant.com/disclosure/wp-plugin-videowhisper-live-streaming-integration-a3-cross-site-scripting-xss",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=833654%40videowhisper-live-streaming-integration&old=833649%40videowhisper-live-streaming-integration&sfp_email=&sfph_mail=" "url": "http://codevigilant.com/disclosure/wp-plugin-videowhisper-live-streaming-integration-a3-cross-site-scripting-xss"
}, },
{ {
"name" : "68321", "name": "68321",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/68321" "url": "http://www.securityfocus.com/bid/68321"
} }
] ]
} }

22
2014/4xxx/CVE-2014-4658.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4658", "ID": "CVE-2014-4658",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2014/4xxx/CVE-2014-4712.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4712", "ID": "CVE-2014-4712",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2014/4xxx/CVE-2014-4804.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-4804", "ID": "CVE-2014-4804",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Curam Universal Access in IBM Curam Social Program Management 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4.5 before iFix007, 6.0.5.4 before iFix005, and 6.0.5.5 before iFix003, when SPI inclusion is enabled, allows remote attackers to obtain sensitive user data by visiting an unspecified page." "value": "Curam Universal Access in IBM Curam Social Program Management 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4.5 before iFix007, 6.0.5.4 before iFix005, and 6.0.5.5 before iFix003, when SPI inclusion is enabled, allows remote attackers to obtain sensitive user data by visiting an unspecified page."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21695931", "name": "ibm-curam-cve20144804-info-disc(95306)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21695931" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95306"
}, },
{ {
"name" : "ibm-curam-cve20144804-info-disc(95306)", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21695931",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95306" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695931"
} }
] ]
} }

80
2014/5xxx/CVE-2014-5337.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5337", "ID": "CVE-2014-5337",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The WordPress Mobile Pack plugin before 2.0.2 for WordPress does not properly restrict access to password protected posts, which allows remote attackers to obtain sensitive information via an exportarticles action to export/content.php." "value": "The WordPress Mobile Pack plugin before 2.0.2 for WordPress does not properly restrict access to password protected posts, which allows remote attackers to obtain sensitive information via an exportarticles action to export/content.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://security.dxw.com/advisories/information-disclosure-vulnerability-in-wordpress-mobile-pack-allows-anybody-to-read-password-protected-posts/", "name": "http://wordpress.org/plugins/wordpress-mobile-pack/changelog/",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://security.dxw.com/advisories/information-disclosure-vulnerability-in-wordpress-mobile-pack-allows-anybody-to-read-password-protected-posts/" "url": "http://wordpress.org/plugins/wordpress-mobile-pack/changelog/"
}, },
{ {
"name" : "http://wordpress.org/plugins/wordpress-mobile-pack/changelog/", "name": "69292",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://wordpress.org/plugins/wordpress-mobile-pack/changelog/" "url": "http://www.securityfocus.com/bid/69292"
}, },
{ {
"name" : "69292", "name": "60584",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/69292" "url": "http://secunia.com/advisories/60584"
}, },
{ {
"name" : "60584", "name": "https://security.dxw.com/advisories/information-disclosure-vulnerability-in-wordpress-mobile-pack-allows-anybody-to-read-password-protected-posts/",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/60584" "url": "https://security.dxw.com/advisories/information-disclosure-vulnerability-in-wordpress-mobile-pack-allows-anybody-to-read-password-protected-posts/"
} }
] ]
} }

22
2014/5xxx/CVE-2014-5401.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5401", "ID": "CVE-2014-5401",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2014/5xxx/CVE-2014-5800.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5800", "ID": "CVE-2014-5800",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The smart.nhibzbanking (aka nh.smart.nhibzbanking) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." "value": "The smart.nhibzbanking (aka nh.smart.nhibzbanking) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "name": "VU#123137",
"refsource" : "MISC", "refsource": "CERT-VN",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "url": "http://www.kb.cert.org/vuls/id/123137"
}, },
{ {
"name" : "VU#123137", "name": "VU#582497",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/123137" "url": "http://www.kb.cert.org/vuls/id/582497"
}, },
{ {
"name" : "VU#582497", "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "CERT-VN", "refsource": "MISC",
"url" : "http://www.kb.cert.org/vuls/id/582497" "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
} }
] ]
} }

110
2016/3xxx/CVE-2016-3459.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-3459", "ID": "CVE-2016-3459",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB." "value": "Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "name": "RHSA-2016:1132",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "url": "https://access.redhat.com/errata/RHSA-2016:1132"
}, },
{ {
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/", "name": "USN-3040-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/" "url": "http://www.ubuntu.com/usn/USN-3040-1"
}, },
{ {
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/" "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
}, },
{ {
"name" : "RHSA-2016:1601", "name": "91943",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1601.html" "url": "http://www.securityfocus.com/bid/91943"
}, },
{ {
"name" : "RHSA-2016:1132", "name": "RHSA-2016:1601",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:1132" "url": "http://rhn.redhat.com/errata/RHSA-2016-1601.html"
}, },
{ {
"name" : "USN-3040-1", "name": "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://www.ubuntu.com/usn/USN-3040-1" "url": "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/"
}, },
{ {
"name" : "91787", "name": "1036362",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/91787" "url": "http://www.securitytracker.com/id/1036362"
}, },
{ {
"name" : "91943", "name": "91787",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/91943" "url": "http://www.securityfocus.com/bid/91787"
}, },
{ {
"name" : "1036362", "name": "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1036362" "url": "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/"
} }
] ]
} }

80
2016/3xxx/CVE-2016-3585.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-3585", "ID": "CVE-2016-3585",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality and integrity via vectors related to Emulex." "value": "Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality and integrity via vectors related to Emulex."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "name": "1036408",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "url": "http://www.securitytracker.com/id/1036408"
}, },
{ {
"name" : "91787", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/91787" "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
}, },
{ {
"name" : "91952", "name": "91787",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/91952" "url": "http://www.securityfocus.com/bid/91787"
}, },
{ {
"name" : "1036408", "name": "91952",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1036408" "url": "http://www.securityfocus.com/bid/91952"
} }
] ]
} }

22
2016/3xxx/CVE-2016-3600.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-3600", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2016-3600",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }

22
2016/3xxx/CVE-2016-3668.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-3668", "ID": "CVE-2016-3668",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

92
2016/3xxx/CVE-2016-3699.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-3699", "ID": "CVE-2016-3699",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd." "value": "The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20160922 kernel: ACPI table override is allowed when securelevel is enabled", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1329653",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/22/4" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1329653"
}, },
{ {
"name" : "https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76", "name": "https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76" "url": "https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1329653", "name": "[oss-security] 20160922 kernel: ACPI table override is allowed when securelevel is enabled",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1329653" "url": "http://www.openwall.com/lists/oss-security/2016/09/22/4"
}, },
{ {
"name" : "RHSA-2016:2574", "name": "RHSA-2016:2584",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2574.html" "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
}, },
{ {
"name" : "RHSA-2016:2584", "name": "RHSA-2016:2574",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2584.html" "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
}, },
{ {
"name" : "93114", "name": "93114",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/93114" "url": "http://www.securityfocus.com/bid/93114"
} }
] ]
} }

22
2016/8xxx/CVE-2016-8186.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-8186", "ID": "CVE-2016-8186",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2016/8xxx/CVE-2016-8871.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-8871", "ID": "CVE-2016-8871",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Botan 1.11.29 through 1.11.32, RSA decryption with certain padding options had a detectable timing channel which could given sufficient queries be used to recover plaintext, aka an \"OAEP side channel\" attack." "value": "In Botan 1.11.29 through 1.11.32, RSA decryption with certain padding options had a detectable timing channel which could given sufficient queries be used to recover plaintext, aka an \"OAEP side channel\" attack."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://botan.randombit.net/security.html", "name": "https://botan.randombit.net/security.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://botan.randombit.net/security.html" "url": "https://botan.randombit.net/security.html"
}, },
{ {
"name" : "94225", "name": "94225",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/94225" "url": "http://www.securityfocus.com/bid/94225"
} }
] ]
} }

110
2016/8xxx/CVE-2016-8887.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-8887", "ID": "CVE-2016-8887",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference)." "value": "The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20161022 Re: jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c)", "name": "FEDORA-2016-6c789ba91d",
"refsource" : "MLIST", "refsource": "FEDORA",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/23/3" "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/"
}, },
{ {
"name" : "[oss-security] 20161023 jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (incomplete fix for CVE-2016-8887)", "name": "93835",
"refsource" : "MLIST", "refsource": "BID",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/23/6" "url": "http://www.securityfocus.com/bid/93835"
}, },
{ {
"name" : "https://blogs.gentoo.org/ago/2016/10/18/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c", "name": "https://blogs.gentoo.org/ago/2016/10/18/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://blogs.gentoo.org/ago/2016/10/18/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c" "url": "https://blogs.gentoo.org/ago/2016/10/18/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1388828", "name": "FEDORA-2016-e0f0d48142",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1388828" "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/"
}, },
{ {
"name" : "https://github.com/mdadams/jasper/commit/e24bdc716c3327b067c551bc6cfb97fd2370358d", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1388828",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/mdadams/jasper/commit/e24bdc716c3327b067c551bc6cfb97fd2370358d" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388828"
}, },
{ {
"name" : "FEDORA-2016-6c789ba91d", "name": "USN-3693-1",
"refsource" : "FEDORA", "refsource": "UBUNTU",
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/" "url": "https://usn.ubuntu.com/3693-1/"
}, },
{ {
"name" : "FEDORA-2016-e0f0d48142", "name": "[oss-security] 20161022 Re: jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c)",
"refsource" : "FEDORA", "refsource": "MLIST",
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/" "url": "http://www.openwall.com/lists/oss-security/2016/10/23/3"
}, },
{ {
"name" : "USN-3693-1", "name": "[oss-security] 20161023 jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (incomplete fix for CVE-2016-8887)",
"refsource" : "UBUNTU", "refsource": "MLIST",
"url" : "https://usn.ubuntu.com/3693-1/" "url": "http://www.openwall.com/lists/oss-security/2016/10/23/6"
}, },
{ {
"name" : "93835", "name": "https://github.com/mdadams/jasper/commit/e24bdc716c3327b067c551bc6cfb97fd2370358d",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/93835" "url": "https://github.com/mdadams/jasper/commit/e24bdc716c3327b067c551bc6cfb97fd2370358d"
} }
] ]
} }

22
2016/9xxx/CVE-2016-9762.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-9762", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2016-9762",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }

22
2019/2xxx/CVE-2019-2024.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2024", "ID": "CVE-2019-2024",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

76
2019/2xxx/CVE-2019-2535.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2019-2535", "ID": "CVE-2019-2535",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.0.13 and prior" "version_value": "8.0.13 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)." "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." "value": "Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
}, },
{ {
"name" : "https://security.netapp.com/advisory/ntap-20190118-0002/", "name": "106622",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://security.netapp.com/advisory/ntap-20190118-0002/" "url": "http://www.securityfocus.com/bid/106622"
}, },
{ {
"name" : "106622", "name": "https://security.netapp.com/advisory/ntap-20190118-0002/",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/106622" "url": "https://security.netapp.com/advisory/ntap-20190118-0002/"
} }
] ]
} }

22
2019/2xxx/CVE-2019-2716.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2716", "ID": "CVE-2019-2716",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/2xxx/CVE-2019-2786.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2786", "ID": "CVE-2019-2786",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/2xxx/CVE-2019-2953.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2953", "ID": "CVE-2019-2953",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/6xxx/CVE-2019-6191.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6191", "ID": "CVE-2019-6191",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2019/6xxx/CVE-2019-6284.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6284", "ID": "CVE-2019-6284",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp." "value": "In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/sass/libsass/issues/2816", "name": "https://github.com/sass/libsass/issues/2816",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/sass/libsass/issues/2816" "url": "https://github.com/sass/libsass/issues/2816"
} }
] ]
} }

22
2019/6xxx/CVE-2019-6306.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6306", "ID": "CVE-2019-6306",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/6xxx/CVE-2019-6675.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6675", "ID": "CVE-2019-6675",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }