admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:49:05 +00:00
parent 448bdeca9e
commit 554a3ec63a
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
52 changed files with 3928 additions and 3928 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

198
2006/0xxx/CVE-2006-0167.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0167", "ID": "CVE-2006-0167",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in MyPhPim 01.05 allows remote attackers to execute arbitrary SQL commands via the (1) cal_id parameter in calendar.php3 and the (2) password field on the login page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060111 [eVuln] MyPhPim Multiple SQL Injection and XSS Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/421863/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in MyPhPim 01.05 allows remote attackers to execute arbitrary SQL commands via the (1) cal_id parameter in calendar.php3 and the (2) password field on the login page."
{ }
"name" : "http://evuln.com/vulns/22/summary.html", ]
"refsource" : "MISC", },
"url" : "http://evuln.com/vulns/22/summary.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16210", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16210" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-0147", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/0147" ]
}, },
{ "references": {
"name" : "22324", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/22324" "name": "http://evuln.com/vulns/22/summary.html",
}, "refsource": "MISC",
{ "url": "http://evuln.com/vulns/22/summary.html"
"name" : "22325", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/22325" "name": "20060111 [eVuln] MyPhPim Multiple SQL Injection and XSS Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/421863/100/0/threaded"
"name" : "18399", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18399" "name": "22325",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/22325"
"name" : "myphpim-calendar-sql-injection(24066)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24066" "name": "22324",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/22324"
"name" : "myphpim-login-sql-injection(24075)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24075" "name": "18399",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/18399"
} },
{
"name": "myphpim-login-sql-injection(24075)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24075"
},
{
"name": "16210",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16210"
},
{
"name": "ADV-2006-0147",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0147"
},
{
"name": "myphpim-calendar-sql-injection(24066)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24066"
}
]
}
} }

198
2006/0xxx/CVE-2006-0212.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0212", "ID": "CVE-2006-0212",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\\\ sequences in the RFILE argument of ussp-push."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/421993/100/0/threaded" "lang": "eng",
}, "value": "Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\\\ sequences in the RFILE argument of ussp-push."
{ }
"name" : "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'", ]
"refsource" : "FULLDISC", },
"url" : "http://marc.info/?l=full-disclosure&m=113712413907526&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2", ]
"refsource" : "MISC", }
"url" : "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2" ]
}, },
{ "references": {
"name" : "16236", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16236" "name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/421993/100/0/threaded"
"name" : "ADV-2006-0184", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0184" "name": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2",
}, "refsource": "MISC",
{ "url": "http://aps.toshiba-tro.de/bluetooth/pages/driverinfo.php?txt=sp2"
"name" : "22380", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/22380" "name": "16236",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/16236"
"name" : "1015486", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015486" "name": "ADV-2006-0184",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0184"
"name" : "18437", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18437" "name": "18437",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/18437"
} },
{
"name": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt",
"refsource": "MISC",
"url": "http://www.digitalmunition.com/DMA%5B2006-0112a%5D.txt"
},
{
"name": "22380",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22380"
},
{
"name": "20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=113712413907526&w=2"
},
{
"name": "1015486",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015486"
}
]
}
} }

168
2006/0xxx/CVE-2006-0627.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0627", "ID": "CVE-2006-0627",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Clever Copy 2.0, 2.0a, and 3.0 allows remote attackers to inject arbitrary web script or HTML via the (1) Referer or (2) X-Forwarded-For headers in an HTTP request, which are not properly handled when the administrator accesses Site Stats."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060212 [eVuln] Clever Copy 'Referer' & 'X-Forwarded-For' XSS Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/424831/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Clever Copy 2.0, 2.0a, and 3.0 allows remote attackers to inject arbitrary web script or HTML via the (1) Referer or (2) X-Forwarded-For headers in an HTTP request, which are not properly handled when the administrator accesses Site Stats."
{ }
"name" : "http://www.evuln.com/vulns/64/summary.html", ]
"refsource" : "MISC", },
"url" : "http://www.evuln.com/vulns/64/summary.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16607", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16607" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-0495", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/0495" ]
}, },
{ "references": {
"name" : "18790", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18790" "name": "http://www.evuln.com/vulns/64/summary.html",
}, "refsource": "MISC",
{ "url": "http://www.evuln.com/vulns/64/summary.html"
"name" : "clevercopy-script-xss(24524)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24524" "name": "18790",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/18790"
} },
{
"name": "clevercopy-script-xss(24524)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24524"
},
{
"name": "20060212 [eVuln] Clever Copy 'Referer' & 'X-Forwarded-For' XSS Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424831/100/0/threaded"
},
{
"name": "ADV-2006-0495",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0495"
},
{
"name": "16607",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16607"
}
]
}
} }

32
2006/0xxx/CVE-2006-0953.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0953", "ID": "CVE-2006-0953",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2006/1xxx/CVE-2006-1310.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2006-1310", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2006-1310",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
} }
] ]
} }
} }

238
2006/1xxx/CVE-2006-1859.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2006-1859", "ID": "CVE-2006-1859",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Memory leak in __setlease in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (memory consumption) via unspecified actions related to an \"uninitialised return value,\" aka \"slab leak.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=1f0e637c94a9b041833947c79110d6c02fff8618", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=1f0e637c94a9b041833947c79110d6c02fff8618" "lang": "eng",
}, "value": "Memory leak in __setlease in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (memory consumption) via unspecified actions related to an \"uninitialised return value,\" aka \"slab leak.\""
{ }
"name" : "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=blobdiff;h=aa7f66091823dde953e15895dc427615701c39c7;hp=e75ac392a313f3fad823bf2e46a03f29701e3e34;hb=1f0e637c94a9b041833947c79110d6c02fff8618;f=fs/locks.c", ]
"refsource" : "CONFIRM", },
"url" : "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=blobdiff;h=aa7f66091823dde953e15895dc427615701c39c7;hp=e75ac392a313f3fad823bf2e46a03f29701e3e34;hb=1f0e637c94a9b041833947c79110d6c02fff8618;f=fs/locks.c" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MDKSA-2006:123", "description": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:123" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SA:2006:042", ]
"refsource" : "SUSE", }
"url" : "http://www.novell.com/linux/security/advisories/2006_42_kernel.html" ]
}, },
{ "references": {
"name" : "2006-0028", "reference_data": [
"refsource" : "TRUSTIX", {
"url" : "http://www.trustix.org/errata/2006/0028" "name": "2006-0028",
}, "refsource": "TRUSTIX",
{ "url": "http://www.trustix.org/errata/2006/0028"
"name" : "USN-302-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-302-1" "name": "SUSE-SA:2006:042",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2006_42_kernel.html"
"name" : "18033", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/18033" "name": "20716",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20716"
"name" : "ADV-2006-1767", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1767" "name": "linux-locks-setlease-dos(26438)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26438"
"name" : "20083", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20083" "name": "USN-302-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-302-1"
"name" : "20716", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20716" "name": "MDKSA-2006:123",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:123"
"name" : "21045", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21045" "name": "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=1f0e637c94a9b041833947c79110d6c02fff8618",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=1f0e637c94a9b041833947c79110d6c02fff8618"
"name" : "21179", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21179" "name": "20083",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20083"
"name" : "linux-locks-setlease-dos(26438)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26438" "name": "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=blobdiff;h=aa7f66091823dde953e15895dc427615701c39c7;hp=e75ac392a313f3fad823bf2e46a03f29701e3e34;hb=1f0e637c94a9b041833947c79110d6c02fff8618;f=fs/locks.c",
} "refsource": "CONFIRM",
] "url": "http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=blobdiff;h=aa7f66091823dde953e15895dc427615701c39c7;hp=e75ac392a313f3fad823bf2e46a03f29701e3e34;hb=1f0e637c94a9b041833947c79110d6c02fff8618;f=fs/locks.c"
} },
{
"name": "18033",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18033"
},
{
"name": "21045",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21045"
},
{
"name": "ADV-2006-1767",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1767"
},
{
"name": "21179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21179"
}
]
}
} }

158
2006/1xxx/CVE-2006-1979.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1979", "ID": "CVE-2006-1979",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in mwguest.php in Manic Web MWGuest 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the homepage parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060420 [eVuln] MWGuest XSS Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/431507/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in mwguest.php in Manic Web MWGuest 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the homepage parameter."
{ }
"name" : "http://evuln.com/vulns/122/summary.html", ]
"refsource" : "MISC", },
"url" : "http://evuln.com/vulns/122/summary.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17630", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17630" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "747", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/747" ]
}, },
{ "references": {
"name" : "mwguest-mwguest-xss(25674)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25674" "name": "747",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/747"
} },
{
"name": "http://evuln.com/vulns/122/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/122/summary.html"
},
{
"name": "mwguest-mwguest-xss(25674)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25674"
},
{
"name": "20060420 [eVuln] MWGuest XSS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431507/100/0/threaded"
},
{
"name": "17630",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17630"
}
]
}
} }

148
2006/4xxx/CVE-2006-4828.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4828", "ID": "CVE-2006-4828",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in zipndownload.php in PhotoPost 4.0 through 4.6 allows remote attackers to execute arbitrary PHP code via a URL in the PP_PATH parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060914 PhotoPost =>4.6 (PP_PATH) Remote File Inclusion Exploit", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/446031/100/0/threaded" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in zipndownload.php in PhotoPost 4.0 through 4.6 allows remote attackers to execute arbitrary PHP code via a URL in the PP_PATH parameter."
{ }
"name" : "20028", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20028" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1581", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1581" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "photopost-zipdownload-file-include(28948)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28948" ]
} },
] "references": {
} "reference_data": [
{
"name": "20028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20028"
},
{
"name": "photopost-zipdownload-file-include(28948)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28948"
},
{
"name": "1581",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1581"
},
{
"name": "20060914 PhotoPost =>4.6 (PP_PATH) Remote File Inclusion Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446031/100/0/threaded"
}
]
}
} }

168
2006/5xxx/CVE-2006-5424.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5424", "ID": "CVE-2006-5424",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than CVE-2006-4326."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.justsystem.co.jp/info/pd6004.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.justsystem.co.jp/info/pd6004.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than CVE-2006-4326."
{ }
"name" : "JVN#90815371", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/jp/JVN%2390815371/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20610", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20610" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4092", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4092" ]
}, },
{ "references": {
"name" : "22386", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22386" "name": "20610",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20610"
"name" : "ichitaro-unspecified-bo(29654)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29654" "name": "ichitaro-unspecified-bo(29654)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29654"
} },
{
"name": "JVN#90815371",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2390815371/index.html"
},
{
"name": "ADV-2006-4092",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4092"
},
{
"name": "22386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22386"
},
{
"name": "http://www.justsystem.co.jp/info/pd6004.html",
"refsource": "CONFIRM",
"url": "http://www.justsystem.co.jp/info/pd6004.html"
}
]
}
} }

168
2006/5xxx/CVE-2006-5494.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5494", "ID": "CVE-2006-5494",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in modules/My_eGallery/public/displayCategory.php in the pandaBB module for PHP-Nuke allow remote attackers to execute arbitrary PHP code via a URL in the (1) adminpath or (2) basepath parameters. NOTE: this issue might overlap CVE-2006-6795."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2599", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2599" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in modules/My_eGallery/public/displayCategory.php in the pandaBB module for PHP-Nuke allow remote attackers to execute arbitrary PHP code via a URL in the (1) adminpath or (2) basepath parameters. NOTE: this issue might overlap CVE-2006-6795."
{ }
"name" : "20633", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20633" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4121", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4121" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "29892", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/29892" ]
}, },
{ "references": {
"name" : "22505", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22505" "name": "20633",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20633"
"name" : "pandabb-display-file-include(29694)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29694" "name": "pandabb-display-file-include(29694)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29694"
} },
{
"name": "29892",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29892"
},
{
"name": "22505",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22505"
},
{
"name": "2599",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2599"
},
{
"name": "ADV-2006-4121",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4121"
}
]
}
} }

158
2006/5xxx/CVE-2006-5531.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5531", "ID": "CVE-2006-5531",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in embedded.php in Ascended Guestbook 1.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[path] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2631", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2631" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in embedded.php in Ascended Guestbook 1.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[path] parameter."
{ }
"name" : "20710", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20710" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4187", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4187" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22554", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/22554" ]
}, },
{ "references": {
"name" : "ascended-embedded-file-include(29756)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29756" "name": "2631",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/2631"
} },
{
"name": "ADV-2006-4187",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4187"
},
{
"name": "22554",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22554"
},
{
"name": "20710",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20710"
},
{
"name": "ascended-embedded-file-include(29756)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29756"
}
]
}
} }

208
2007/2xxx/CVE-2007-2812.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2812", "ID": "CVE-2007-2812",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats 1.35, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO or (2) the action parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070519 RedLevel Advisory #016 - HLstats v1.35 Cross-Site Scripting Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/469087/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats 1.35, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO or (2) the action parameter."
{ }
"name" : "20070519 RedLevel Advisory #017 - HLstats v1.35 Cross-Site Scripting Vulnerability #2", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/469088/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24063", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24063" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24102", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/24102" ]
}, },
{ "references": {
"name" : "36215", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36215" "name": "24063",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/24063"
"name" : "ADV-2007-1882", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1882" "name": "ADV-2007-1882",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1882"
"name" : "25340", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25340" "name": "hlstats-unspecified-xss(34382)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34382"
"name" : "2724", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2724" "name": "2724",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2724"
"name" : "hlstats-action-xss(34383)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34383" "name": "hlstats-action-xss(34383)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34383"
"name" : "hlstats-unspecified-xss(34382)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34382" "name": "36215",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/36215"
} },
{
"name": "20070519 RedLevel Advisory #017 - HLstats v1.35 Cross-Site Scripting Vulnerability #2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/469088/100/0/threaded"
},
{
"name": "25340",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25340"
},
{
"name": "24102",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24102"
},
{
"name": "20070519 RedLevel Advisory #016 - HLstats v1.35 Cross-Site Scripting Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/469087/100/0/threaded"
}
]
}
} }

148
2010/0xxx/CVE-2010-0799.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0799", "ID": "CVE-2010-0799",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in misc/tell_a_friend/tell.php in phpunity.newsmanager allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/1001-exploits/phpunity-lfi.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/1001-exploits/phpunity-lfi.txt" "lang": "eng",
}, "value": "Directory traversal vulnerability in misc/tell_a_friend/tell.php in phpunity.newsmanager allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter."
{ }
"name" : "11290", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/11290" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "62036", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/62036" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "38409", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/38409" ]
} },
] "references": {
} "reference_data": [
{
"name": "11290",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11290"
},
{
"name": "38409",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38409"
},
{
"name": "http://packetstormsecurity.org/1001-exploits/phpunity-lfi.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1001-exploits/phpunity-lfi.txt"
},
{
"name": "62036",
"refsource": "OSVDB",
"url": "http://osvdb.org/62036"
}
]
}
} }

178
2010/1xxx/CVE-2010-1573.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2010-1573", "ID": "CVE-2010-1573",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the (1) data1, (2) data2, or (3) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100608 IS-2010-002 - Linksys WAP54Gv3 Remote Debug Root Shell", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/511733/100/0/threaded" "lang": "eng",
}, "value": "Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the (1) data1, (2) data2, or (3) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi."
{ }
"name" : "http://www.icysilence.org/?p=268", ]
"refsource" : "MISC", },
"url" : "http://www.icysilence.org/?p=268" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=20682", "description": [
"refsource" : "CONFIRM", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=20682" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "40648", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/40648" ]
}, },
{ "references": {
"name" : "40103", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40103" "name": "http://www.icysilence.org/?p=268",
}, "refsource": "MISC",
{ "url": "http://www.icysilence.org/?p=268"
"name" : "ADV-2010-1419", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1419" "name": "ADV-2010-1419",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/1419"
"name" : "wap54g-debug-command-execution(59286)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59286" "name": "40648",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/40648"
} },
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=20682",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=20682"
},
{
"name": "40103",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40103"
},
{
"name": "20100608 IS-2010-002 - Linksys WAP54Gv3 Remote Debug Root Shell",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511733/100/0/threaded"
},
{
"name": "wap54g-debug-command-execution(59286)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59286"
}
]
}
} }

128
2010/2xxx/CVE-2010-2034.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2034", "ID": "CVE-2010-2034",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/1005-exploits/joomlaperchaia-lfi.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/1005-exploits/joomlaperchaia-lfi.txt" "lang": "eng",
}, "value": "Directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php."
{ }
"name" : "40244", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/40244" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/1005-exploits/joomlaperchaia-lfi.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1005-exploits/joomlaperchaia-lfi.txt"
},
{
"name": "40244",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40244"
}
]
}
} }

158
2010/3xxx/CVE-2010-3788.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2010-3788", "ID": "CVE-2010-3788",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT4435", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4435" "lang": "eng",
}, "value": "QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file."
{ }
"name" : "http://support.apple.com/kb/HT4447", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT4447" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2010-11-10-1", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2010-12-07-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html" ]
}, },
{ "references": {
"name" : "1024729", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1024729" "name": "http://support.apple.com/kb/HT4435",
} "refsource": "CONFIRM",
] "url": "http://support.apple.com/kb/HT4435"
} },
{
"name": "1024729",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024729"
},
{
"name": "APPLE-SA-2010-12-07-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "http://support.apple.com/kb/HT4447",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4447"
}
]
}
} }

278
2010/3xxx/CVE-2010-3872.json
View File

@ -1,142 +1,142 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-3872", "ID": "CVE-2010-3872",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.6 for the Apache HTTP Server does not use bytewise pointer arithmetic in certain circumstances, which has unspecified impact and attack vectors related to \"untrusted FastCGI applications\" and a \"stack buffer overwrite.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[apache] 20101107 [ANNOUNCE] mod_fcgid 2.3.6 is released", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.gossamer-threads.com/lists/apache/announce/391406" "lang": "eng",
}, "value": "The fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.6 for the Apache HTTP Server does not use bytewise pointer arithmetic in certain circumstances, which has unspecified impact and attack vectors related to \"untrusted FastCGI applications\" and a \"stack buffer overwrite.\""
{ }
"name" : "https://issues.apache.org/bugzilla/show_bug.cgi?id=49406", ]
"refsource" : "CONFIRM", },
"url" : "https://issues.apache.org/bugzilla/show_bug.cgi?id=49406" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-2140", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-2140" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2010-17434", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050932.html" ]
}, },
{ "references": {
"name" : "FEDORA-2010-17472", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050976.html" "name": "42288",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42288"
"name" : "FEDORA-2010-17474", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050930.html" "name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=49406",
}, "refsource": "CONFIRM",
{ "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=49406"
"name" : "SUSE-SU-2011:0885", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00005.html" "name": "apache-fcgid-bo(63303)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63303"
"name" : "openSUSE-SU-2011:0884", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00004.html" "name": "ADV-2010-2997",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/2997"
"name" : "44900", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/44900" "name": "DSA-2140",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2010/dsa-2140"
"name" : "69275", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/69275" "name": "69275",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/69275"
"name" : "42288", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42288" "name": "SUSE-SU-2011:0885",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00005.html"
"name" : "42302", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42302" "name": "ADV-2010-2998",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/2998"
"name" : "42815", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42815" "name": "FEDORA-2010-17434",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050932.html"
"name" : "ADV-2010-2997", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2997" "name": "42302",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42302"
"name" : "ADV-2010-2998", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2998" "name": "[apache] 20101107 [ANNOUNCE] mod_fcgid 2.3.6 is released",
}, "refsource": "MLIST",
{ "url": "http://www.gossamer-threads.com/lists/apache/announce/391406"
"name" : "ADV-2011-0031", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0031" "name": "44900",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/44900"
"name" : "apache-fcgid-bo(63303)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/63303" "name": "42815",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/42815"
} },
{
"name": "openSUSE-SU-2011:0884",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00004.html"
},
{
"name": "ADV-2011-0031",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0031"
},
{
"name": "FEDORA-2010-17474",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050930.html"
},
{
"name": "FEDORA-2010-17472",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050976.html"
}
]
}
} }

158
2010/4xxx/CVE-2010-4104.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2010-4104", "ID": "CVE-2010-4104",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in HP Insight Orchestration before 6.2 allows remote attackers to read arbitrary files via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBMA02606", "description_data": [
"refsource" : "HP", {
"url" : "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02573285" "lang": "eng",
}, "value": "Unspecified vulnerability in HP Insight Orchestration before 6.2 allows remote attackers to read arbitrary files via unknown vectors."
{ }
"name" : "SSRT100321", ]
"refsource" : "HP", },
"url" : "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02573285" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "44534", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/44534" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "42036", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/42036" ]
}, },
{ "references": {
"name" : "ADV-2010-2829", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2829" "name": "ADV-2010-2829",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2010/2829"
} },
{
"name": "SSRT100321",
"refsource": "HP",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02573285"
},
{
"name": "HPSBMA02606",
"refsource": "HP",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02573285"
},
{
"name": "42036",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42036"
},
{
"name": "44534",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44534"
}
]
}
} }

188
2010/4xxx/CVE-2010-4883.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4883", "ID": "CVE-2010-4883",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote attackers to inject arbitrary web script or HTML via the modhash parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/1009-exploits/modx202pl-xss.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/1009-exploits/modx202pl-xss.txt" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote attackers to inject arbitrary web script or HTML via the modhash parameter."
{ }
"name" : "http://modxcms.com/forums/index.php/topic,55104.0.html", ]
"refsource" : "CONFIRM", },
"url" : "http://modxcms.com/forums/index.php/topic,55104.0.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://modxcms.com/forums/index.php/topic,55105.0.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://modxcms.com/forums/index.php/topic,55105.0.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "43577", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/43577" ]
}, },
{ "references": {
"name" : "68264", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/68264" "name": "modx-modahsh-xss(62070)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62070"
"name" : "41638", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/41638" "name": "68264",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/68264"
"name" : "8435", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8435" "name": "http://modxcms.com/forums/index.php/topic,55105.0.html",
}, "refsource": "CONFIRM",
{ "url": "http://modxcms.com/forums/index.php/topic,55105.0.html"
"name" : "modx-modahsh-xss(62070)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62070" "name": "http://modxcms.com/forums/index.php/topic,55104.0.html",
} "refsource": "CONFIRM",
] "url": "http://modxcms.com/forums/index.php/topic,55104.0.html"
} },
{
"name": "43577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43577"
},
{
"name": "41638",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41638"
},
{
"name": "http://packetstormsecurity.org/1009-exploits/modx202pl-xss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1009-exploits/modx202pl-xss.txt"
},
{
"name": "8435",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8435"
}
]
}
} }

138
2010/4xxx/CVE-2010-4951.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4951", "ID": "CVE-2010-4951",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox (vx_xajax_shoutbox) extension before 1.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://typo3.org/extensions/repository/view/vx_xajax_shoutbox/1.0.1/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://typo3.org/extensions/repository/view/vx_xajax_shoutbox/1.0.1/" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox (vx_xajax_shoutbox) extension before 1.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-015/", ]
"refsource" : "CONFIRM", },
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-015/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "42373", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/42373" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-015/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-015/"
},
{
"name": "42373",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42373"
},
{
"name": "http://typo3.org/extensions/repository/view/vx_xajax_shoutbox/1.0.1/",
"refsource": "CONFIRM",
"url": "http://typo3.org/extensions/repository/view/vx_xajax_shoutbox/1.0.1/"
}
]
}
} }

138
2014/0xxx/CVE-2014-0258.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2014-0258", "ID": "CVE-2014-0258",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Word Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS14-001", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-001" "lang": "eng",
}, "value": "Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Word Memory Corruption Vulnerability.\""
{ }
"name" : "1029598", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1029598" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1029599", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1029599" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1029599",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029599"
},
{
"name": "1029598",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029598"
},
{
"name": "MS14-001",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-001"
}
]
}
} }

158
2014/3xxx/CVE-2014-3773.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-3773", "ID": "CVE-2014-3773",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in TeamPass before 2.1.20 allow remote attackers to execute arbitrary SQL commands via the login parameter in a (1) send_pw_by_email or (2) generate_new_password action in sources/main.queries.php; iDisplayStart parameter to (3) datatable.logs.php or (4) a file in source/datatable/; or iDisplayLength parameter to (5) datatable.logs.php or (6) a file in source/datatable/; or allow remote authenticated users to execute arbitrary SQL commands via a sSortDir_ parameter to (7) datatable.logs.php or (8) a file in source/datatable/."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140518 CVE requests / advisory: TeamPass <= 2.1.19", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/05/18/2" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in TeamPass before 2.1.20 allow remote attackers to execute arbitrary SQL commands via the login parameter in a (1) send_pw_by_email or (2) generate_new_password action in sources/main.queries.php; iDisplayStart parameter to (3) datatable.logs.php or (4) a file in source/datatable/; or iDisplayLength parameter to (5) datatable.logs.php or (6) a file in source/datatable/; or allow remote authenticated users to execute arbitrary SQL commands via a sSortDir_ parameter to (7) datatable.logs.php or (8) a file in source/datatable/."
{ }
"name" : "[oss-security] 20140519 Re: CVE requests / advisory: TeamPass <= 2.1.19", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2014/05/19/5" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://teampass.net/installation/2.1.20-released.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://teampass.net/installation/2.1.20-released.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/nilsteampassnet/TeamPass/commit/7715512f2bd5659cc69e063a1c513c19e384340f", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/nilsteampassnet/TeamPass/commit/7715512f2bd5659cc69e063a1c513c19e384340f" ]
}, },
{ "references": {
"name" : "https://github.com/nilsteampassnet/TeamPass/commit/8820c8934d9ba0508ac345e73ad0be29049ec6de", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/nilsteampassnet/TeamPass/commit/8820c8934d9ba0508ac345e73ad0be29049ec6de" "name": "[oss-security] 20140518 CVE requests / advisory: TeamPass <= 2.1.19",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2014/05/18/2"
} },
{
"name": "https://github.com/nilsteampassnet/TeamPass/commit/8820c8934d9ba0508ac345e73ad0be29049ec6de",
"refsource": "CONFIRM",
"url": "https://github.com/nilsteampassnet/TeamPass/commit/8820c8934d9ba0508ac345e73ad0be29049ec6de"
},
{
"name": "https://github.com/nilsteampassnet/TeamPass/commit/7715512f2bd5659cc69e063a1c513c19e384340f",
"refsource": "CONFIRM",
"url": "https://github.com/nilsteampassnet/TeamPass/commit/7715512f2bd5659cc69e063a1c513c19e384340f"
},
{
"name": "http://teampass.net/installation/2.1.20-released.html",
"refsource": "CONFIRM",
"url": "http://teampass.net/installation/2.1.20-released.html"
},
{
"name": "[oss-security] 20140519 Re: CVE requests / advisory: TeamPass <= 2.1.19",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/19/5"
}
]
}
} }

168
2014/4xxx/CVE-2014-4486.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-4486", "ID": "CVE-2014-4486",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IOAcceleratorFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly handle resource lists and IOService userclient types, which allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/HT204244", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/HT204244" "lang": "eng",
}, "value": "IOAcceleratorFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly handle resource lists and IOService userclient types, which allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted app."
{ }
"name" : "http://support.apple.com/HT204245", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/HT204245" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/HT204246", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/HT204246" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-01-27-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2015-01-27-2", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html" "name": "http://support.apple.com/HT204245",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/HT204245"
"name" : "APPLE-SA-2015-01-27-4", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" "name": "http://support.apple.com/HT204246",
} "refsource": "CONFIRM",
] "url": "http://support.apple.com/HT204246"
} },
{
"name": "APPLE-SA-2015-01-27-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
},
{
"name": "http://support.apple.com/HT204244",
"refsource": "CONFIRM",
"url": "http://support.apple.com/HT204244"
},
{
"name": "APPLE-SA-2015-01-27-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"
},
{
"name": "APPLE-SA-2015-01-27-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
}
]
}
} }

148
2014/4xxx/CVE-2014-4809.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-4809", "ID": "CVE-2014-4809",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The WebSEAL component in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, when e-community SSO is enabled, allows remote attackers to cause a denial of service (component hang) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21685246", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21685246" "lang": "eng",
}, "value": "The WebSEAL component in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, when e-community SSO is enabled, allows remote attackers to cause a denial of service (component hang) via unspecified vectors."
{ }
"name" : "IV64915", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64915" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "61294", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61294" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ibm-sam-cve20144809-dos(95376)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95376" ]
} },
] "references": {
} "reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685246",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685246"
},
{
"name": "61294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61294"
},
{
"name": "ibm-sam-cve20144809-dos(95376)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95376"
},
{
"name": "IV64915",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64915"
}
]
}
} }

138
2014/4xxx/CVE-2014-4838.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-4838", "ID": "CVE-2014-4838",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in GanttProjectSchedulerPopup.jsp in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686233", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686233" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in GanttProjectSchedulerPopup.jsp in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
{ }
"name" : "61056", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/61056" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ibm-tririga-cve20144838-xss(95634)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95634" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "61056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61056"
},
{
"name": "ibm-tririga-cve20144838-xss(95634)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95634"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686233",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686233"
}
]
}
} }

32
2014/4xxx/CVE-2014-4989.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4989", "ID": "CVE-2014-4989",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

298
2014/8xxx/CVE-2014-8133.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-8133", "ID": "CVE-2014-8133",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20141215 Linux kernel: multiple x86_64 vulnerabilities", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/12/15/6" "lang": "eng",
}, "value": "arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value."
{ }
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=41bdc78544b8a93a9c6814b8bbbfef966272abbe", ]
"refsource" : "CONFIRM", },
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=41bdc78544b8a93a9c6814b8bbbfef966272abbe" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1172797", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1172797" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/torvalds/linux/commit/41bdc78544b8a93a9c6814b8bbbfef966272abbe", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/torvalds/linux/commit/41bdc78544b8a93a9c6814b8bbbfef966272abbe" ]
}, },
{ "references": {
"name" : "DSA-3128", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3128" "name": "USN-2515-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2515-1"
"name" : "MDVSA-2015:058", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:058" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1172797",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1172797"
"name" : "RHSA-2015:1272", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1272.html" "name": "USN-2491-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2491-1"
"name" : "openSUSE-SU-2015:0566", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html" "name": "SUSE-SU-2015:0736",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
"name" : "SUSE-SU-2015:0736", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html" "name": "USN-2490-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2490-1"
"name" : "USN-2490-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2490-1" "name": "USN-2492-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2492-1"
"name" : "USN-2492-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2492-1" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=41bdc78544b8a93a9c6814b8bbbfef966272abbe",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=41bdc78544b8a93a9c6814b8bbbfef966272abbe"
"name" : "USN-2493-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2493-1" "name": "62801",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/62801"
"name" : "USN-2515-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2515-1" "name": "71684",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/71684"
"name" : "USN-2516-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2516-1" "name": "USN-2518-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2518-1"
"name" : "USN-2517-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2517-1" "name": "MDVSA-2015:058",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:058"
"name" : "USN-2518-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2518-1" "name": "openSUSE-SU-2015:0566",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
"name" : "USN-2491-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2491-1" "name": "USN-2493-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2493-1"
"name" : "71684", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/71684" "name": "USN-2517-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2517-1"
"name" : "62801", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62801" "name": "DSA-3128",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2015/dsa-3128"
} },
{
"name": "USN-2516-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2516-1"
},
{
"name": "https://github.com/torvalds/linux/commit/41bdc78544b8a93a9c6814b8bbbfef966272abbe",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/41bdc78544b8a93a9c6814b8bbbfef966272abbe"
},
{
"name": "RHSA-2015:1272",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1272.html"
},
{
"name": "[oss-security] 20141215 Linux kernel: multiple x86_64 vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/15/6"
}
]
}
} }

32
2014/8xxx/CVE-2014-8223.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2014-8223", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2014-8223",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
} }
] ]
} }
} }

32
2014/8xxx/CVE-2014-8401.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8401", "ID": "CVE-2014-8401",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2014/8xxx/CVE-2014-8618.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8618", "ID": "CVE-2014-8618",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the theme login page in Fortinet FortiADC D models before 4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.fortiguard.com/advisory/FG-IR-15-005/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.fortiguard.com/advisory/FG-IR-15-005/" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the theme login page in Fortinet FortiADC D models before 4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "1032265", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1032265" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.fortiguard.com/advisory/FG-IR-15-005/",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/FG-IR-15-005/"
},
{
"name": "1032265",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032265"
}
]
}
} }

158
2014/9xxx/CVE-2014-9185.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9185", "ID": "CVE-2014-9185",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Static code injection vulnerability in install.php in Morfy CMS 1.05 allows remote authenticated users to inject arbitrary PHP code into config.php via the site_url parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141217 Morfy CMS v1.05 - Command Execution Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/534271/100/0/threaded" "lang": "eng",
}, "value": "Static code injection vulnerability in install.php in Morfy CMS 1.05 allows remote authenticated users to inject arbitrary PHP code into config.php via the site_url parameter."
{ }
"name" : "20141217 Morfy CMS v1.05 - Command Execution Vulnerability", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2014/Dec/70" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/129624/Morfy-CMS-1.05-Remote-Command-Execution.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/129624/Morfy-CMS-1.05-Remote-Command-Execution.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.vulnerability-lab.com/get_content.php?id=1367", ]
"refsource" : "MISC", }
"url" : "http://www.vulnerability-lab.com/get_content.php?id=1367" ]
}, },
{ "references": {
"name" : "https://github.com/Awilum/monstra-cms/issues/351", "reference_data": [
"refsource" : "MISC", {
"url" : "https://github.com/Awilum/monstra-cms/issues/351" "name": "20141217 Morfy CMS v1.05 - Command Execution Vulnerability",
} "refsource": "FULLDISC",
] "url": "http://seclists.org/fulldisclosure/2014/Dec/70"
} },
{
"name": "http://www.vulnerability-lab.com/get_content.php?id=1367",
"refsource": "MISC",
"url": "http://www.vulnerability-lab.com/get_content.php?id=1367"
},
{
"name": "https://github.com/Awilum/monstra-cms/issues/351",
"refsource": "MISC",
"url": "https://github.com/Awilum/monstra-cms/issues/351"
},
{
"name": "20141217 Morfy CMS v1.05 - Command Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534271/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/129624/Morfy-CMS-1.05-Remote-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129624/Morfy-CMS-1.05-Remote-Command-Execution.html"
}
]
}
} }

138
2014/9xxx/CVE-2014-9311.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9311", "ID": "CVE-2014-9311",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in admin.php in the Shareaholic plugin before 7.6.1.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the location[id] parameter in a shareaholic_add_location action to wp-admin/admin-ajax.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/131321/WordPress-Shareaholic-7.6.0.3-Cross-Site-Scripting.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/131321/WordPress-Shareaholic-7.6.0.3-Cross-Site-Scripting.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in admin.php in the Shareaholic plugin before 7.6.1.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the location[id] parameter in a shareaholic_add_location action to wp-admin/admin-ajax.php."
{ }
"name" : "http://security.szurek.pl/shareaholic-7603-xss.html", ]
"refsource" : "MISC", },
"url" : "http://security.szurek.pl/shareaholic-7603-xss.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://wordpress.org/plugins/shareaholic/changelog/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://wordpress.org/plugins/shareaholic/changelog/" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://security.szurek.pl/shareaholic-7603-xss.html",
"refsource": "MISC",
"url": "http://security.szurek.pl/shareaholic-7603-xss.html"
},
{
"name": "http://packetstormsecurity.com/files/131321/WordPress-Shareaholic-7.6.0.3-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131321/WordPress-Shareaholic-7.6.0.3-Cross-Site-Scripting.html"
},
{
"name": "https://wordpress.org/plugins/shareaholic/changelog/",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/shareaholic/changelog/"
}
]
}
} }

138
2014/9xxx/CVE-2014-9579.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9579", "ID": "CVE-2014-9579",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "VDG Security SENSE (formerly DIVA) 2.3.13 stores administrator credentials in cleartext, which allows attackers to obtain sensitive information by reading the plugin configuration files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141218 SEC Consult SA-20141218-0 :: Multiple critical vulnerabilities in VDG Security SENSE (formerly DIVA)", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2014/Dec/76" "lang": "eng",
}, "value": "VDG Security SENSE (formerly DIVA) 2.3.13 stores administrator credentials in cleartext, which allows attackers to obtain sensitive information by reading the plugin configuration files."
{ }
"name" : "http://packetstormsecurity.com/files/129656/VDG-Security-SENSE-2.3.13-File-Disclosure-Bypass-Buffer-Overflow.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/129656/VDG-Security-SENSE-2.3.13-File-Disclosure-Bypass-Buffer-Overflow.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141218-0_VDG_Security_SENSE_Multiple_critical_vulnerabilities_v10.txt", "description": [
"refsource" : "MISC", {
"url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141218-0_VDG_Security_SENSE_Multiple_critical_vulnerabilities_v10.txt" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "20141218 SEC Consult SA-20141218-0 :: Multiple critical vulnerabilities in VDG Security SENSE (formerly DIVA)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/76"
},
{
"name": "http://packetstormsecurity.com/files/129656/VDG-Security-SENSE-2.3.13-File-Disclosure-Bypass-Buffer-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129656/VDG-Security-SENSE-2.3.13-File-Disclosure-Bypass-Buffer-Overflow.html"
},
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141218-0_VDG_Security_SENSE_Multiple_critical_vulnerabilities_v10.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141218-0_VDG_Security_SENSE_Multiple_critical_vulnerabilities_v10.txt"
}
]
}
} }

128
2014/9xxx/CVE-2014-9835.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9835", "ID": "CVE-2014-9835",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20141224 Imagemagick fuzzing bug", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/12/24/1" "lang": "eng",
}, "value": "Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file."
{ }
"name" : "[oss-security] 20160602 Re: ImageMagick CVEs", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/06/02/13" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160602 Re: ImageMagick CVEs",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
},
{
"name": "[oss-security] 20141224 Imagemagick fuzzing bug",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
}
]
}
} }

148
2016/2xxx/CVE-2016-2055.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-2055", "ID": "CVE-2016-2055",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to read arbitrary files in the configuration directory via a \"config\" command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160214 Xymon: Critical security issues in all versions prior to 4.3.25", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/537522/100/0/threaded" "lang": "eng",
}, "value": "xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to read arbitrary files in the configuration directory via a \"config\" command."
{ }
"name" : "http://packetstormsecurity.com/files/135758/Xymon-4.3.x-Buffer-Overflow-Code-Execution-Information-Disclosure.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/135758/Xymon-4.3.x-Buffer-Overflow-Code-Execution-Information-Disclosure.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://sourceforge.net/p/xymon/code/7890/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://sourceforge.net/p/xymon/code/7890/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3495", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3495" ]
} },
] "references": {
} "reference_data": [
{
"name": "20160214 Xymon: Critical security issues in all versions prior to 4.3.25",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537522/100/0/threaded"
},
{
"name": "DSA-3495",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3495"
},
{
"name": "https://sourceforge.net/p/xymon/code/7890/",
"refsource": "CONFIRM",
"url": "https://sourceforge.net/p/xymon/code/7890/"
},
{
"name": "http://packetstormsecurity.com/files/135758/Xymon-4.3.x-Buffer-Overflow-Code-Execution-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135758/Xymon-4.3.x-Buffer-Overflow-Code-Execution-Information-Disclosure.html"
}
]
}
} }

118
2016/2xxx/CVE-2016-2301.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2016-2301", "ID": "CVE-2016-2301",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03" "lang": "eng",
} "value": "SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03"
}
]
}
} }

32
2016/2xxx/CVE-2016-2664.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-2664", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-2664",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

238
2016/3xxx/CVE-2016-3139.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@suse.com",
"ID" : "CVE-2016-3139", "ID": "CVE-2016-3139",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "39538", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/39538/" "lang": "eng",
}, "value": "The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor."
{ }
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=471d17148c8b4174ac5f5283a73316d12c4379bc", ]
"refsource" : "MISC", },
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=471d17148c8b4174ac5f5283a73316d12c4379bc" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/torvalds/linux/commit/471d17148c8b4174ac5f5283a73316d12c4379bc", "description": [
"refsource" : "MISC", {
"url" : "https://github.com/torvalds/linux/commit/471d17148c8b4174ac5f5283a73316d12c4379bc" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1283375", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1283375" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1283377", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1283377" "name": "39538",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/39538/"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1316993", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1316993" "name": "SUSE-SU-2016:1690",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
"name" : "https://security-tracker.debian.org/tracker/CVE-2016-3139", },
"refsource" : "CONFIRM", {
"url" : "https://security-tracker.debian.org/tracker/CVE-2016-3139" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1316993",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1316993"
"name" : "SUSE-SU-2016:1672", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1283377",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283377"
"name" : "SUSE-SU-2016:1690", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html" "name": "https://security-tracker.debian.org/tracker/CVE-2016-3139",
}, "refsource": "CONFIRM",
{ "url": "https://security-tracker.debian.org/tracker/CVE-2016-3139"
"name" : "SUSE-SU-2016:1707", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=471d17148c8b4174ac5f5283a73316d12c4379bc",
}, "refsource": "MISC",
{ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=471d17148c8b4174ac5f5283a73316d12c4379bc"
"name" : "SUSE-SU-2016:1764", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html" "name": "SUSE-SU-2016:1764",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
"name" : "SUSE-SU-2016:2074", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" "name": "https://github.com/torvalds/linux/commit/471d17148c8b4174ac5f5283a73316d12c4379bc",
}, "refsource": "MISC",
{ "url": "https://github.com/torvalds/linux/commit/471d17148c8b4174ac5f5283a73316d12c4379bc"
"name" : "SUSE-SU-2016:1019", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1283375",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283375"
} },
{
"name": "SUSE-SU-2016:1707",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
},
{
"name": "SUSE-SU-2016:1672",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
},
{
"name": "SUSE-SU-2016:1019",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
},
{
"name": "SUSE-SU-2016:2074",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
}
]
}
} }

138
2016/3xxx/CVE-2016-3365.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-3365", "ID": "CVE-2016-3365",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3362."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-107", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107" "lang": "eng",
}, "value": "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3362."
{ }
"name" : "92804", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/92804" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036785", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036785" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1036785",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036785"
},
{
"name": "MS16-107",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107"
},
{
"name": "92804",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92804"
}
]
}
} }

148
2016/3xxx/CVE-2016-3433.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-3433", "ID": "CVE-2016-3433",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web Administration."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web Administration."
{ }
"name" : "91787", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91787" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "92029", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92029" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1036370", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1036370" ]
} },
] "references": {
} "reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "92029",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92029"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "1036370",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036370"
}
]
}
} }

148
2016/3xxx/CVE-2016-3475.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-3475", "ID": "CVE-2016-3475",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote authenticated users to affect confidentiality via vectors related to Information Manager Console."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote authenticated users to affect confidentiality via vectors related to Information Manager Console."
{ }
"name" : "91787", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91787" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "91944", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91944" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1036400", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1036400" ]
} },
] "references": {
} "reference_data": [
{
"name": "1036400",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036400"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "91944",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91944"
}
]
}
} }

318
2016/3xxx/CVE-2016-3511.json
View File

@ -1,162 +1,162 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-3511", "ID": "CVE-2016-3511",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20160721-0001/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20160721-0001/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201610-08", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201610-08" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2016:1475", ]
"refsource" : "REDHAT", }
"url" : "https://access.redhat.com/errata/RHSA-2016:1475" ]
}, },
{ "references": {
"name" : "RHSA-2016:1476", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1476" "name": "SUSE-SU-2016:2261",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00005.html"
"name" : "RHSA-2016:1587", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1587.html" "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
"name" : "RHSA-2016:1588", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1588.html" "name": "GLSA-201610-08",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201610-08"
"name" : "RHSA-2016:1589", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1589.html" "name": "91990",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/91990"
"name" : "RHSA-2017:1216", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1216" "name": "SUSE-SU-2016:2012",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
"name" : "SUSE-SU-2016:2261", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00005.html" "name": "openSUSE-SU-2016:2052",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
"name" : "SUSE-SU-2016:2286", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00006.html" "name": "https://security.netapp.com/advisory/ntap-20160721-0001/",
}, "refsource": "CONFIRM",
{ "url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
"name" : "SUSE-SU-2016:1997", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html" "name": "RHSA-2016:1475",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1475"
"name" : "SUSE-SU-2016:2012", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html" "name": "SUSE-SU-2016:2286",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00006.html"
"name" : "openSUSE-SU-2016:1979", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html" "name": "openSUSE-SU-2016:2051",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
"name" : "openSUSE-SU-2016:2050", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html" "name": "RHSA-2016:1587",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1587.html"
"name" : "openSUSE-SU-2016:2051", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html" "name": "1036365",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036365"
"name" : "openSUSE-SU-2016:2052", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html" "name": "RHSA-2016:1589",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1589.html"
"name" : "openSUSE-SU-2016:2058", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html" "name": "91787",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/91787"
"name" : "91787", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91787" "name": "RHSA-2016:1476",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1476"
"name" : "91990", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91990" "name": "SUSE-SU-2016:1997",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
"name" : "1036365", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036365" "name": "RHSA-2017:1216",
} "refsource": "REDHAT",
] "url": "https://access.redhat.com/errata/RHSA-2017:1216"
} },
{
"name": "openSUSE-SU-2016:2050",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"name": "openSUSE-SU-2016:1979",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"name": "RHSA-2016:1588",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1588.html"
},
{
"name": "openSUSE-SU-2016:2058",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
}
]
}
} }

298
2016/3xxx/CVE-2016-3717.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-3717", "ID": "CVE-2016-3717",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160513 May 2016 - HipChat Server - Critical Security Advisory", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/538378/100/0/threaded" "lang": "eng",
}, "value": "The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image."
{ }
"name" : "39767", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/39767/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/05/03/18" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update", ]
"refsource" : "MLIST", }
"url" : "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html" ]
}, },
{ "references": {
"name" : "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588" "name": "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog",
}, "refsource": "CONFIRM",
{ "url": "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog"
"name" : "https://www.imagemagick.org/script/changelog.php", },
"refsource" : "CONFIRM", {
"url" : "https://www.imagemagick.org/script/changelog.php" "name": "openSUSE-SU-2016:1266",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html"
"name" : "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", },
"refsource" : "CONFIRM", {
"url" : "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" "name": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588",
}, "refsource": "CONFIRM",
{ "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588"
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" "name": "openSUSE-SU-2016:1326",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html"
"name" : "DSA-3580", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3580" "name": "USN-2990-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2990-1"
"name" : "GLSA-201611-21", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201611-21" "name": "openSUSE-SU-2016:1261",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html"
"name" : "RHSA-2016:0726", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0726.html" "name": "20160513 May 2016 - HipChat Server - Critical Security Advisory",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/538378/100/0/threaded"
"name" : "SSA:2016-132-01", },
"refsource" : "SLACKWARE", {
"url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568" "name": "39767",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/39767/"
"name" : "SUSE-SU-2016:1260", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html" "name": "SUSE-SU-2016:1260",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html"
"name" : "openSUSE-SU-2016:1261", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html" "name": "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update",
}, "refsource": "MLIST",
{ "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html"
"name" : "openSUSE-SU-2016:1266", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html" "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
"name" : "SUSE-SU-2016:1275", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html" "name": "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/05/03/18"
"name" : "openSUSE-SU-2016:1326", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html" "name": "GLSA-201611-21",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201611-21"
"name" : "USN-2990-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2990-1" "name": "SUSE-SU-2016:1275",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html"
} },
{
"name": "SSA:2016-132-01",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568"
},
{
"name": "https://www.imagemagick.org/script/changelog.php",
"refsource": "CONFIRM",
"url": "https://www.imagemagick.org/script/changelog.php"
},
{
"name": "DSA-3580",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3580"
},
{
"name": "RHSA-2016:0726",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0726.html"
}
]
}
} }

32
2016/6xxx/CVE-2016-6003.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6003", "ID": "CVE-2016-6003",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2016/6xxx/CVE-2016-6106.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6106", "ID": "CVE-2016-6106",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2016/6xxx/CVE-2016-6236.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6236", "ID": "CVE-2016-6236",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160717 Re: multiple memory corruption issues in lepton", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/07/17/6" "lang": "eng",
}, "value": "The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg file."
{ }
"name" : "https://github.com/dropbox/lepton/issues/26", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/dropbox/lepton/issues/26" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/dropbox/lepton/issues/26",
"refsource": "CONFIRM",
"url": "https://github.com/dropbox/lepton/issues/26"
},
{
"name": "[oss-security] 20160717 Re: multiple memory corruption issues in lepton",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/07/17/6"
}
]
}
} }

158
2016/6xxx/CVE-2016-6434.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-6434", "ID": "CVE-2016-6434",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "40465", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/40465/" "lang": "eng",
}, "value": "Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370."
{ }
"name" : "https://blog.korelogic.com/blog/2016/10/10/virtual_appliance_spelunking", ]
"refsource" : "MISC", },
"url" : "https://blog.korelogic.com/blog/2016/10/10/virtual_appliance_spelunking" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.korelogic.com/Resources/Advisories/KL-001-2016-005.txt", "description": [
"refsource" : "MISC", {
"url" : "https://www.korelogic.com/Resources/Advisories/KL-001-2016-005.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20161005 Cisco Firepower Management Center Console Authentication Bypass Vulnerability", ]
"refsource" : "CISCO", }
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ftmc1" ]
}, },
{ "references": {
"name" : "93412", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93412" "name": "20161005 Cisco Firepower Management Center Console Authentication Bypass Vulnerability",
} "refsource": "CISCO",
] "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ftmc1"
} },
{
"name": "https://www.korelogic.com/Resources/Advisories/KL-001-2016-005.txt",
"refsource": "MISC",
"url": "https://www.korelogic.com/Resources/Advisories/KL-001-2016-005.txt"
},
{
"name": "https://blog.korelogic.com/blog/2016/10/10/virtual_appliance_spelunking",
"refsource": "MISC",
"url": "https://blog.korelogic.com/blog/2016/10/10/virtual_appliance_spelunking"
},
{
"name": "93412",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93412"
},
{
"name": "40465",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40465/"
}
]
}
} }

178
2016/6xxx/CVE-2016-6903.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2016-6903", "ID": "CVE-2016-6903",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160822 Re: CVE Request: lshell: shell outbreak vulnerabilities via bad syntax parse and multiline commands", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/08/22/17" "lang": "eng",
}, "value": "lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands."
{ }
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1369345", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1369345" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0" ]
}, },
{ "references": {
"name" : "https://github.com/ghantoos/lshell/issues/149", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/ghantoos/lshell/issues/149" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345"
"name" : "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68" "name": "92591",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/92591"
"name" : "92591", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92591" "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946",
} "refsource": "CONFIRM",
] "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946"
} },
{
"name": "[oss-security] 20160822 Re: CVE Request: lshell: shell outbreak vulnerabilities via bad syntax parse and multiline commands",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/08/22/17"
},
{
"name": "https://github.com/ghantoos/lshell/issues/149",
"refsource": "CONFIRM",
"url": "https://github.com/ghantoos/lshell/issues/149"
},
{
"name": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0",
"refsource": "CONFIRM",
"url": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0"
},
{
"name": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68",
"refsource": "CONFIRM",
"url": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68"
}
]
}
} }

32
2016/7xxx/CVE-2016-7360.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-7360", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-7360",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

138
2016/7xxx/CVE-2016-7397.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7397", "ID": "CVE-2016-7397",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the \"value\" field of the SMTP user settings in the notifications configuration tab."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160930 Multiple exposures in Sophos UTM", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/539518/100/0/threaded" "lang": "eng",
}, "value": "The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the \"value\" field of the SMTP user settings in the notifications configuration tab."
{ }
"name" : "93266", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93266" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036931", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036931" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1036931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036931"
},
{
"name": "93266",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93266"
},
{
"name": "20160930 Multiple exposures in Sophos UTM",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/539518/100/0/threaded"
}
]
}
} }

198
2016/7xxx/CVE-2016-7868.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-7868", "ID": "CVE-2016-7868",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier", "product_name": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier" "version_value": "Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer Overflow / Underflow"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-625", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-625" "lang": "eng",
}, "value": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution."
{ }
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201701-17", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-17" "lang": "eng",
}, "value": "Buffer Overflow / Underflow"
{ }
"name" : "MS16-154", ]
"refsource" : "MS", }
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154" ]
}, },
{ "references": {
"name" : "RHSA-2016:2947", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2947.html" "name": "SUSE-SU-2016:3148",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
"name" : "SUSE-SU-2016:3148", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html" "name": "MS16-154",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
"name" : "openSUSE-SU-2016:3160", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html" "name": "94871",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/94871"
"name" : "94871", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94871" "name": "GLSA-201701-17",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201701-17"
"name" : "1037442", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037442" "name": "1037442",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1037442"
} },
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-625",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-625"
},
{
"name": "RHSA-2016:2947",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"name": "openSUSE-SU-2016:3160",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
}
]
}
} }

188
2016/7xxx/CVE-2016-7954.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7954", "ID": "CVE-2016-7954",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161004 Re: CVE request for code execution via gem name collission in bundler (was Re: CVE Request)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/10/04/7" "lang": "eng",
}, "value": "Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334."
{ }
"name" : "[oss-security] 20161004 Re: Re: CVE request for code execution via gem name collission in bundler (was Re: CVE Request)", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/10/04/5" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20161004 Re: Re: CVE request for code execution via gem name collission in bundler (was Re: CVE Request)", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/10/05/3" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://collectiveidea.com/blog/archives/2016/10/06/bundlers-multiple-source-security-vulnerability/", ]
"refsource" : "MISC", }
"url" : "http://collectiveidea.com/blog/archives/2016/10/06/bundlers-multiple-source-security-vulnerability/" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1381951", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1381951" "name": "93423",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/93423"
"name" : "https://github.com/bundler/bundler/issues/5051", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/bundler/bundler/issues/5051" "name": "https://github.com/bundler/bundler/issues/5062",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/bundler/bundler/issues/5062"
"name" : "https://github.com/bundler/bundler/issues/5062", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/bundler/bundler/issues/5062" "name": "http://collectiveidea.com/blog/archives/2016/10/06/bundlers-multiple-source-security-vulnerability/",
}, "refsource": "MISC",
{ "url": "http://collectiveidea.com/blog/archives/2016/10/06/bundlers-multiple-source-security-vulnerability/"
"name" : "93423", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93423" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1381951",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1381951"
} },
{
"name": "[oss-security] 20161004 Re: Re: CVE request for code execution via gem name collission in bundler (was Re: CVE Request)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/05/3"
},
{
"name": "[oss-security] 20161004 Re: CVE request for code execution via gem name collission in bundler (was Re: CVE Request)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/04/7"
},
{
"name": "[oss-security] 20161004 Re: Re: CVE request for code execution via gem name collission in bundler (was Re: CVE Request)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/04/5"
},
{
"name": "https://github.com/bundler/bundler/issues/5051",
"refsource": "CONFIRM",
"url": "https://github.com/bundler/bundler/issues/5051"
}
]
}
} }