admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:44:30 +00:00
parent a7dc7953ad
commit 569eab98bb
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
53 changed files with 3844 additions and 3844 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

160
2006/5xxx/CVE-2006-5526.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5526",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40 and earlier, allow remote attackers to execute arbitrary PHP code via a URL in the foing_root_path parameter in (a) faq.php, (b) index.php, (c) list.php, (d) login.php, (e) playlist.php, (f) song.php, (g) gen_m3u.php, (h) view_artist.php, (i) view_song.php, (j) flash/set_na.php, (k) flash/initialise.php, (l) flash/get_song.php, (m) includes/common.php, (n) admin/nav.php, (o) admin/main.php, (p) admin/list_artists.php, (q) admin/index.php, (r) admin/genres.php, (s) admin/edit_artist.php, (t) admin/edit_album.php, (u) admin/config.php, and (v) admin/admin_status.php in player/, different vectors than CVE-2006-3045. NOTE: CVE analysis as of 20061026 indicates that files in the admin/ and flash/ directories define foing_root_path before use."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5526",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "2621",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2621"
},
{
"name" : "ADV-2006-4165",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4165"
},
{
"name" : "30035",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/30035"
},
{
"name" : "22499",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22499"
},
{
"name" : "phpbb-foing-file-include(29718)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29718"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40 and earlier, allow remote attackers to execute arbitrary PHP code via a URL in the foing_root_path parameter in (a) faq.php, (b) index.php, (c) list.php, (d) login.php, (e) playlist.php, (f) song.php, (g) gen_m3u.php, (h) view_artist.php, (i) view_song.php, (j) flash/set_na.php, (k) flash/initialise.php, (l) flash/get_song.php, (m) includes/common.php, (n) admin/nav.php, (o) admin/main.php, (p) admin/list_artists.php, (q) admin/index.php, (r) admin/genres.php, (s) admin/edit_artist.php, (t) admin/edit_album.php, (u) admin/config.php, and (v) admin/admin_status.php in player/, different vectors than CVE-2006-3045. NOTE: CVE analysis as of 20061026 indicates that files in the admin/ and flash/ directories define foing_root_path before use."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-4165",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4165"
},
{
"name": "phpbb-foing-file-include(29718)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29718"
},
{
"name": "30035",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30035"
},
{
"name": "22499",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22499"
},
{
"name": "2621",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2621"
}
]
}
}

160
2006/5xxx/CVE-2006-5587.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5587",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and earlier (Mdweb132-postgres) allow remote attackers to execute arbitrary PHP code via a URL in the chemin_appli parameter in (1) admin/inc/organisations/form_org.inc.php and (2) admin/inc/organisations/country_insert.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5587",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "2626",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2626"
},
{
"name" : "20687",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20687"
},
{
"name" : "ADV-2006-4214",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4214"
},
{
"name" : "22561",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22561"
},
{
"name" : "mdweb132-chemin-file-include(29721)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29721"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and earlier (Mdweb132-postgres) allow remote attackers to execute arbitrary PHP code via a URL in the chemin_appli parameter in (1) admin/inc/organisations/form_org.inc.php and (2) admin/inc/organisations/country_insert.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20687",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20687"
},
{
"name": "2626",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2626"
},
{
"name": "ADV-2006-4214",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4214"
},
{
"name": "mdweb132-chemin-file-include(29721)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29721"
},
{
"name": "22561",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22561"
}
]
}
}

160
2006/5xxx/CVE-2006-5983.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5983",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software DirectAdmin 1.28.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user parameter to (a) CMD_SHOW_RESELLER or (b) CMD_SHOW_USER in the Admin level; the (2) TYPE parameter to (c) CMD_TICKET_CREATE or (d) CMD_TICKET, the (3) user parameter to (e) CMD_EMAIL_FORWARDER_MODIFY, (f) CMD_EMAIL_VACATION_MODIFY, or (g) CMD_FTP_SHOW, and the (4) name parameter to (h) CMD_EMAIL_LIST in the User level; or the (5) user parameter to (i) CMD_SHOW_USER in the Reseller level."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5983",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20061112 DirectAdmin Multiple Cross Site Scription",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/451376/100/0/threaded"
},
{
"name" : "http://aria-security.net/advisory/directadmin.txt",
"refsource" : "MISC",
"url" : "http://aria-security.net/advisory/directadmin.txt"
},
{
"name" : "21049",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21049"
},
{
"name" : "1885",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1885"
},
{
"name" : "directadmin-user-xss(30256)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30256"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software DirectAdmin 1.28.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user parameter to (a) CMD_SHOW_RESELLER or (b) CMD_SHOW_USER in the Admin level; the (2) TYPE parameter to (c) CMD_TICKET_CREATE or (d) CMD_TICKET, the (3) user parameter to (e) CMD_EMAIL_FORWARDER_MODIFY, (f) CMD_EMAIL_VACATION_MODIFY, or (g) CMD_FTP_SHOW, and the (4) name parameter to (h) CMD_EMAIL_LIST in the User level; or the (5) user parameter to (i) CMD_SHOW_USER in the Reseller level."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21049",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21049"
},
{
"name": "directadmin-user-xss(30256)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30256"
},
{
"name": "http://aria-security.net/advisory/directadmin.txt",
"refsource": "MISC",
"url": "http://aria-security.net/advisory/directadmin.txt"
},
{
"name": "20061112 DirectAdmin Multiple Cross Site Scription",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451376/100/0/threaded"
},
{
"name": "1885",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1885"
}
]
}
}

160
2007/2xxx/CVE-2007-2327.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2327",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in _editor.php in HTMLeditbox 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the settings[app_dir] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2327",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070425 HTMLeditbox & 2.2 >> RFI",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/466841/100/0/threaded"
},
{
"name" : "23664",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23664"
},
{
"name" : "35525",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35525"
},
{
"name" : "2635",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2635"
},
{
"name" : "htmleditbox-editor-file-include(33875)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33875"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in _editor.php in HTMLeditbox 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the settings[app_dir] parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "23664",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23664"
},
{
"name": "20070425 HTMLeditbox & 2.2 >> RFI",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466841/100/0/threaded"
},
{
"name": "35525",
"refsource": "OSVDB",
"url": "http://osvdb.org/35525"
},
{
"name": "2635",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2635"
},
{
"name": "htmleditbox-editor-file-include(33875)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33875"
}
]
}
}

150
2007/2xxx/CVE-2007-2342.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2342",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in error.asp in CreaScripts CreaDirectory 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-6083."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2342",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3767",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3767"
},
{
"name" : "23564",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23564"
},
{
"name" : "ADV-2007-1476",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1476"
},
{
"name" : "35638",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35638"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in error.asp in CreaScripts CreaDirectory 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-6083."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1476",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1476"
},
{
"name": "35638",
"refsource": "OSVDB",
"url": "http://osvdb.org/35638"
},
{
"name": "3767",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3767"
},
{
"name": "23564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23564"
}
]
}
}

160
2007/2xxx/CVE-2007-2567.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2567",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the SaveBarCode function in the Taltech Tal Bar Code ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2567",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070505 Taltech Tal Bar Code ActiveX Control Memory Corruption Vulnerability(-ies)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/467822/100/0/threaded"
},
{
"name" : "ADV-2007-1705",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1705"
},
{
"name" : "34336",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34336"
},
{
"name" : "25180",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25180"
},
{
"name" : "2683",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2683"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the SaveBarCode function in the Taltech Tal Bar Code ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070505 Taltech Tal Bar Code ActiveX Control Memory Corruption Vulnerability(-ies)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467822/100/0/threaded"
},
{
"name": "2683",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2683"
},
{
"name": "34336",
"refsource": "OSVDB",
"url": "http://osvdb.org/34336"
},
{
"name": "25180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25180"
},
{
"name": "ADV-2007-1705",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1705"
}
]
}
}

180
2007/2xxx/CVE-2007-2827.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2827",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E.ocx) 14.5.0.44 and earlier allows remote attackers to execute arbitrary code via a long DriverName property."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://moaxb.blogspot.com/2007/05/moaxb-22-leadtools-isis-control.html",
"refsource" : "MISC",
"url" : "http://moaxb.blogspot.com/2007/05/moaxb-22-leadtools-isis-control.html"
},
{
"name" : "http://www.shinnai.altervista.org/moaxb/20070522/leadisistxt.html",
"refsource" : "MISC",
"url" : "http://www.shinnai.altervista.org/moaxb/20070522/leadisistxt.html"
},
{
"name" : "24093",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24093"
},
{
"name" : "ADV-2007-1900",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1900"
},
{
"name" : "36032",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36032"
},
{
"name" : "25349",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25349"
},
{
"name" : "leadtools-isis-activex-bo(34437)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34437"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E.ocx) 14.5.0.44 and earlier allows remote attackers to execute arbitrary code via a long DriverName property."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24093",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24093"
},
{
"name": "25349",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25349"
},
{
"name": "ADV-2007-1900",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1900"
},
{
"name": "36032",
"refsource": "OSVDB",
"url": "http://osvdb.org/36032"
},
{
"name": "leadtools-isis-activex-bo(34437)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34437"
},
{
"name": "http://www.shinnai.altervista.org/moaxb/20070522/leadisistxt.html",
"refsource": "MISC",
"url": "http://www.shinnai.altervista.org/moaxb/20070522/leadisistxt.html"
},
{
"name": "http://moaxb.blogspot.com/2007/05/moaxb-22-leadtools-isis-control.html",
"refsource": "MISC",
"url": "http://moaxb.blogspot.com/2007/05/moaxb-22-leadtools-isis-control.html"
}
]
}
}

430
2007/2xxx/CVE-2007-2869.json
View File

@ -1,217 +1,217 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2869",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service (persistent temporary CPU consumption) via a large number of characters in a submitted form."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-2869",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070531 FLEA-2007-0023-1: firefox",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/470172/100/200/threaded"
},
{
"name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-13.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-13.html"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1424",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1424"
},
{
"name" : "DSA-1306",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1306"
},
{
"name" : "DSA-1308",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1308"
},
{
"name" : "GLSA-200706-06",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200706-06.xml"
},
{
"name" : "HPSBUX02153",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name" : "SSRT061181",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name" : "MDKSA-2007:120",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:120"
},
{
"name" : "MDKSA-2007:126",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:126"
},
{
"name" : "RHSA-2007:0400",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0400.html"
},
{
"name" : "RHSA-2007:0401",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0401.html"
},
{
"name" : "RHSA-2007:0402",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0402.html"
},
{
"name" : "SSA:2007-152-02",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857"
},
{
"name" : "SUSE-SA:2007:036",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"
},
{
"name" : "USN-468-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-468-1"
},
{
"name" : "TA07-151A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-151A.html"
},
{
"name" : "24242",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24242"
},
{
"name" : "35135",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35135"
},
{
"name" : "oval:org.mitre.oval:def:11208",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11208"
},
{
"name" : "ADV-2007-1994",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1994"
},
{
"name" : "1018154",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018154"
},
{
"name" : "25476",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25476"
},
{
"name" : "25533",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25533"
},
{
"name" : "25635",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25635"
},
{
"name" : "25647",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25647"
},
{
"name" : "25685",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25685"
},
{
"name" : "25534",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25534"
},
{
"name" : "25490",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25490"
},
{
"name" : "25750",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25750"
},
{
"name" : "25858",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25858"
},
{
"name" : "firefox-autocomplete-dos(34612)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34612"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service (persistent temporary CPU consumption) via a large number of characters in a submitted form."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mozilla.org/security/announce/2007/mfsa2007-13.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-13.html"
},
{
"name": "DSA-1308",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1308"
},
{
"name": "MDKSA-2007:120",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:120"
},
{
"name": "20070531 FLEA-2007-0023-1: firefox",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470172/100/200/threaded"
},
{
"name": "25647",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25647"
},
{
"name": "firefox-autocomplete-dos(34612)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34612"
},
{
"name": "HPSBUX02153",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "SUSE-SA:2007:036",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_36_mozilla.html"
},
{
"name": "GLSA-200706-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200706-06.xml"
},
{
"name": "25635",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25635"
},
{
"name": "25534",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25534"
},
{
"name": "ADV-2007-1994",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1994"
},
{
"name": "RHSA-2007:0400",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0400.html"
},
{
"name": "SSA:2007-152-02",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857"
},
{
"name": "25533",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25533"
},
{
"name": "oval:org.mitre.oval:def:11208",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11208"
},
{
"name": "DSA-1306",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1306"
},
{
"name": "https://issues.rpath.com/browse/RPL-1424",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1424"
},
{
"name": "25858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25858"
},
{
"name": "USN-468-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-468-1"
},
{
"name": "RHSA-2007:0401",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0401.html"
},
{
"name": "25476",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25476"
},
{
"name": "MDKSA-2007:126",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:126"
},
{
"name": "35135",
"refsource": "OSVDB",
"url": "http://osvdb.org/35135"
},
{
"name": "SSRT061181",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "24242",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24242"
},
{
"name": "25750",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25750"
},
{
"name": "25490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25490"
},
{
"name": "RHSA-2007:0402",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0402.html"
},
{
"name": "TA07-151A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-151A.html"
},
{
"name": "25685",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25685"
},
{
"name": "1018154",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018154"
}
]
}
}

410
2007/2xxx/CVE-2007-2949.json
View File

@ -1,207 +1,207 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2949",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-2949",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://secunia.com/secunia_research/2007-63/advisory/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2007-63/advisory/"
},
{
"name" : "http://svn.gnome.org/viewcvs/gimp?view=revision&revision=22798",
"refsource" : "CONFIRM",
"url" : "http://svn.gnome.org/viewcvs/gimp?view=revision&revision=22798"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1487",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1487"
},
{
"name" : "http://issues.foresightlinux.org/browse/FL-457",
"refsource" : "CONFIRM",
"url" : "http://issues.foresightlinux.org/browse/FL-457"
},
{
"name" : "DSA-1335",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1335"
},
{
"name" : "GLSA-200707-09",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200707-09.xml"
},
{
"name" : "MDKSA-2007:170",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:170"
},
{
"name" : "RHSA-2007:0513",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0513.html"
},
{
"name" : "SSA:2007-222-01",
"refsource" : "SLACKWARE",
"url" : "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.360191"
},
{
"name" : "103170",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1"
},
{
"name" : "201320",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1"
},
{
"name" : "SUSE-SR:2007:015",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
},
{
"name" : "USN-480-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-480-1"
},
{
"name" : "VU#399896",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/399896"
},
{
"name" : "24745",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24745"
},
{
"name" : "37804",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37804"
},
{
"name" : "oval:org.mitre.oval:def:5772",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5772"
},
{
"name" : "oval:org.mitre.oval:def:11276",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11276"
},
{
"name" : "ADV-2007-2421",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2421"
},
{
"name" : "ADV-2007-4241",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/4241"
},
{
"name" : "25677",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25677"
},
{
"name" : "25949",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25949"
},
{
"name" : "26044",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26044"
},
{
"name" : "26132",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26132"
},
{
"name" : "26215",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26215"
},
{
"name" : "26384",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26384"
},
{
"name" : "26575",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26575"
},
{
"name" : "26939",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26939"
},
{
"name" : "28114",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28114"
},
{
"name" : "gimp-unpackpixeldata-code-execution(35246)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35246"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2007-63/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-63/advisory/"
},
{
"name": "25949",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25949"
},
{
"name": "26044",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26044"
},
{
"name": "26132",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26132"
},
{
"name": "gimp-unpackpixeldata-code-execution(35246)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35246"
},
{
"name": "https://issues.rpath.com/browse/RPL-1487",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1487"
},
{
"name": "GLSA-200707-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200707-09.xml"
},
{
"name": "SSA:2007-222-01",
"refsource": "SLACKWARE",
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.360191"
},
{
"name": "26575",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26575"
},
{
"name": "37804",
"refsource": "OSVDB",
"url": "http://osvdb.org/37804"
},
{
"name": "oval:org.mitre.oval:def:5772",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5772"
},
{
"name": "26384",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26384"
},
{
"name": "201320",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1"
},
{
"name": "RHSA-2007:0513",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0513.html"
},
{
"name": "25677",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25677"
},
{
"name": "oval:org.mitre.oval:def:11276",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11276"
},
{
"name": "28114",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28114"
},
{
"name": "ADV-2007-2421",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2421"
},
{
"name": "26215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26215"
},
{
"name": "24745",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24745"
},
{
"name": "USN-480-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-480-1"
},
{
"name": "103170",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1"
},
{
"name": "http://svn.gnome.org/viewcvs/gimp?view=revision&revision=22798",
"refsource": "CONFIRM",
"url": "http://svn.gnome.org/viewcvs/gimp?view=revision&revision=22798"
},
{
"name": "MDKSA-2007:170",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:170"
},
{
"name": "DSA-1335",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1335"
},
{
"name": "26939",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26939"
},
{
"name": "VU#399896",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/399896"
},
{
"name": "SUSE-SR:2007:015",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
},
{
"name": "ADV-2007-4241",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4241"
},
{
"name": "http://issues.foresightlinux.org/browse/FL-457",
"refsource": "CONFIRM",
"url": "http://issues.foresightlinux.org/browse/FL-457"
}
]
}
}

190
2007/3xxx/CVE-2007-3207.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3207",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3207",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html"
},
{
"name" : "https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html",
"refsource" : "CONFIRM",
"url" : "https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html"
},
{
"name" : "VU#578105",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/578105"
},
{
"name" : "24489",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24489"
},
{
"name" : "ADV-2007-2221",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2221"
},
{
"name" : "37317",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37317"
},
{
"name" : "25697",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25697"
},
{
"name" : "netware-nfs-mount-dos(34878)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34878"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24489",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24489"
},
{
"name": "netware-nfs-mount-dos(34878)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34878"
},
{
"name": "VU#578105",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/578105"
},
{
"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html"
},
{
"name": "37317",
"refsource": "OSVDB",
"url": "http://osvdb.org/37317"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html"
},
{
"name": "ADV-2007-2221",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2221"
},
{
"name": "25697",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25697"
}
]
}
}

190
2007/3xxx/CVE-2007-3268.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3268",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070717 IBM Tivoli Provisioning Manager for OS Deployment TFTP Blocksize DoS Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560"
},
{
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg24016347",
"refsource" : "CONFIRM",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg24016347"
},
{
"name" : "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM",
"refsource" : "CONFIRM",
"url" : "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM"
},
{
"name" : "24942",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24942"
},
{
"name" : "ADV-2007-2560",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2560"
},
{
"name" : "1018401",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1018401"
},
{
"name" : "26093",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26093"
},
{
"name" : "tivoli-rembo-dos(35468)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35468"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM",
"refsource": "CONFIRM",
"url": "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM"
},
{
"name": "ADV-2007-2560",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2560"
},
{
"name": "26093",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26093"
},
{
"name": "24942",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24942"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347"
},
{
"name": "20070717 IBM Tivoli Provisioning Manager for OS Deployment TFTP Blocksize DoS Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560"
},
{
"name": "1018401",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018401"
},
{
"name": "tivoli-rembo-dos(35468)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35468"
}
]
}
}

310
2007/6xxx/CVE-2007-6441.json
View File

@ -1,157 +1,157 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6441",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to \"unaligned access on some platforms.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-6441",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20080103 rPSA-2008-0004-1 tshark wireshark",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/485792/100/0/threaded"
},
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=199958",
"refsource" : "MISC",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=199958"
},
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2007-03.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2007-03.html"
},
{
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004",
"refsource" : "CONFIRM",
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1975",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1975"
},
{
"name" : "GLSA-200712-23",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200712-23.xml"
},
{
"name" : "MDVSA-2008:001",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:001"
},
{
"name" : "MDVSA-2008:1",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:1"
},
{
"name" : "RHSA-2008:0058",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0058.html"
},
{
"name" : "SUSE-SR:2008:004",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html"
},
{
"name" : "27071",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/27071"
},
{
"name" : "oval:org.mitre.oval:def:10452",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10452"
},
{
"name" : "oval:org.mitre.oval:def:14126",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14126"
},
{
"name" : "28288",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28288"
},
{
"name" : "27777",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27777"
},
{
"name" : "28304",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28304"
},
{
"name" : "28325",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28325"
},
{
"name" : "28564",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28564"
},
{
"name" : "29048",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29048"
},
{
"name" : "wireshark-wimax-dissector-dos(39183)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39183"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to \"unaligned access on some platforms.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27777",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27777"
},
{
"name": "https://issues.rpath.com/browse/RPL-1975",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1975"
},
{
"name": "29048",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29048"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2007-03.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2007-03.html"
},
{
"name": "28564",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28564"
},
{
"name": "wireshark-wimax-dissector-dos(39183)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39183"
},
{
"name": "20080103 rPSA-2008-0004-1 tshark wireshark",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485792/100/0/threaded"
},
{
"name": "GLSA-200712-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200712-23.xml"
},
{
"name": "28304",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28304"
},
{
"name": "28325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28325"
},
{
"name": "oval:org.mitre.oval:def:14126",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14126"
},
{
"name": "MDVSA-2008:1",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:1"
},
{
"name": "MDVSA-2008:001",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:001"
},
{
"name": "RHSA-2008:0058",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0058.html"
},
{
"name": "SUSE-SR:2008:004",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=199958",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=199958"
},
{
"name": "oval:org.mitre.oval:def:10452",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10452"
},
{
"name": "27071",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27071"
},
{
"name": "28288",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28288"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004"
}
]
}
}

390
2010/0xxx/CVE-2010-0415.json
View File

@ -1,197 +1,197 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0415",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-0415",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name" : "[oss-security] 20100207 CVE request: information leak / potential crash in sys_move_pages",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/02/07/1"
},
{
"name" : "[oss-security] 20100207 Re: CVE request: information leak / potential crash in sys_move_pages",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/02/07/2"
},
{
"name" : "[oss-security] 20100208 Re: CVE request: information leak / potential crash in sys_move_pages",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/02/08/2"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6f5a55f1a6c5abee15a0e878e5c74d9f1569b8b0",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6f5a55f1a6c5abee15a0e878e5c74d9f1569b8b0"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc7",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc7"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=562582",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=562582"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name" : "DSA-1996",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-1996"
},
{
"name" : "DSA-2005",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-2005"
},
{
"name" : "FEDORA-2010-1787",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html"
},
{
"name" : "FEDORA-2010-1804",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035070.html"
},
{
"name" : "MDVSA-2010:066",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:066"
},
{
"name" : "MDVSA-2010:198",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
},
{
"name" : "RHSA-2010:0161",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0161.html"
},
{
"name" : "RHSA-2010:0147",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0147.html"
},
{
"name" : "SUSE-SA:2010:018",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html"
},
{
"name" : "SUSE-SA:2010:014",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html"
},
{
"name" : "USN-914-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-914-1"
},
{
"name" : "38144",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38144"
},
{
"name" : "oval:org.mitre.oval:def:9399",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9399"
},
{
"name" : "38492",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38492"
},
{
"name" : "38557",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38557"
},
{
"name" : "38922",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38922"
},
{
"name" : "38779",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38779"
},
{
"name" : "39033",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39033"
},
{
"name" : "43315",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43315"
},
{
"name" : "ADV-2010-0638",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0638"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20100207 Re: CVE request: information leak / potential crash in sys_move_pages",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/02/07/2"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6f5a55f1a6c5abee15a0e878e5c74d9f1569b8b0",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6f5a55f1a6c5abee15a0e878e5c74d9f1569b8b0"
},
{
"name": "USN-914-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-914-1"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc7",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc7"
},
{
"name": "ADV-2010-0638",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0638"
},
{
"name": "38557",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38557"
},
{
"name": "RHSA-2010:0147",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0147.html"
},
{
"name": "oval:org.mitre.oval:def:9399",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9399"
},
{
"name": "FEDORA-2010-1804",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035070.html"
},
{
"name": "MDVSA-2010:198",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
},
{
"name": "38144",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38144"
},
{
"name": "38779",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38779"
},
{
"name": "SUSE-SA:2010:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html"
},
{
"name": "[oss-security] 20100207 CVE request: information leak / potential crash in sys_move_pages",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/02/07/1"
},
{
"name": "38922",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38922"
},
{
"name": "SUSE-SA:2010:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html"
},
{
"name": "DSA-1996",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-1996"
},
{
"name": "FEDORA-2010-1787",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html"
},
{
"name": "43315",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43315"
},
{
"name": "MDVSA-2010:066",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:066"
},
{
"name": "39033",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39033"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "[oss-security] 20100208 Re: CVE request: information leak / potential crash in sys_move_pages",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/02/08/2"
},
{
"name": "DSA-2005",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2005"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "38492",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38492"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=562582",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=562582"
},
{
"name": "RHSA-2010:0161",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0161.html"
}
]
}
}

180
2010/0xxx/CVE-2010-0658.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0658",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attackers to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash) via vectors involving CANVAS elements."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=24071",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=24071"
},
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=24646",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=24646"
},
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=8864",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=8864"
},
{
"name" : "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
},
{
"name" : "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
"refsource" : "CONFIRM",
"url" : "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
},
{
"name" : "oval:org.mitre.oval:def:13852",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13852"
},
{
"name" : "1023506",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1023506"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attackers to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash) via vectors involving CANVAS elements."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=8864",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=8864"
},
{
"name": "1023506",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023506"
},
{
"name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
"refsource": "CONFIRM",
"url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=24071",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=24071"
},
{
"name": "oval:org.mitre.oval:def:13852",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13852"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=24646",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=24646"
}
]
}
}

180
2010/0xxx/CVE-2010-0717.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0717",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0717",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20100215 CVE Request -- MoinMoin -- 1.8.7",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/02/15/2"
},
{
"name" : "http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES",
"refsource" : "CONFIRM",
"url" : "http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES"
},
{
"name" : "http://moinmo.in/MoinMoinRelease1.8",
"refsource" : "CONFIRM",
"url" : "http://moinmo.in/MoinMoinRelease1.8"
},
{
"name" : "DSA-2014",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-2014"
},
{
"name" : "38903",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38903"
},
{
"name" : "ADV-2010-0600",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0600"
},
{
"name" : "moinmoin-cfgpackagepages-unspecified(56595)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56595"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "moinmoin-cfgpackagepages-unspecified(56595)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56595"
},
{
"name": "[oss-security] 20100215 CVE Request -- MoinMoin -- 1.8.7",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/02/15/2"
},
{
"name": "http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES",
"refsource": "CONFIRM",
"url": "http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES"
},
{
"name": "http://moinmo.in/MoinMoinRelease1.8",
"refsource": "CONFIRM",
"url": "http://moinmo.in/MoinMoinRelease1.8"
},
{
"name": "DSA-2014",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2014"
},
{
"name": "38903",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38903"
},
{
"name": "ADV-2010-0600",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0600"
}
]
}
}

130
2010/0xxx/CVE-2010-0775.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0775",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a crafted request, related to the nodeagent and Deployment Manager components."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0775",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "PM05663",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM05663"
},
{
"name" : "was-dmgr-nodeagent-dos(58555)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58555"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a crafted request, related to the nodeagent and Deployment Manager components."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "was-dmgr-nodeagent-dos(58555)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58555"
},
{
"name": "PM05663",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM05663"
}
]
}
}

130
2010/1xxx/CVE-2010-1007.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1007",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Power Extension Manager (ch_lightem) extension 1.0.34 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/"
},
{
"name" : "38811",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38811"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Power Extension Manager (ch_lightem) extension 1.0.34 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/"
},
{
"name": "38811",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38811"
}
]
}
}

130
2010/5xxx/CVE-2010-5245.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5245",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5245",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/",
"refsource" : "MISC",
"url" : "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/"
},
{
"name" : "41197",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41197"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/",
"refsource": "MISC",
"url": "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/"
},
{
"name": "41197",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41197"
}
]
}
}

150
2010/5xxx/CVE-2010-5307.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5307",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root account, (2) adw2.0 for the admin account, and (3) adw2.0 for the sdc account, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/",
"refsource" : "MISC",
"url" : "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/"
},
{
"name" : "https://twitter.com/digitalbond/status/619250429751222277",
"refsource" : "MISC",
"url" : "https://twitter.com/digitalbond/status/619250429751222277"
},
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02"
},
{
"name" : "http://apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdf?REQ=RAA&DIRECTION=5339461-1EN&FILENAME=MR360%2Boperator%2Bmanual%2Bpaper.pdf&FILEREV=4&DOCREV_ORG=4",
"refsource" : "CONFIRM",
"url" : "http://apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdf?REQ=RAA&DIRECTION=5339461-1EN&FILENAME=MR360%2Boperator%2Bmanual%2Bpaper.pdf&FILEREV=4&DOCREV_ORG=4"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root account, (2) adw2.0 for the admin account, and (3) adw2.0 for the sdc account, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdf?REQ=RAA&DIRECTION=5339461-1EN&FILENAME=MR360%2Boperator%2Bmanual%2Bpaper.pdf&FILEREV=4&DOCREV_ORG=4",
"refsource": "CONFIRM",
"url": "http://apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdf?REQ=RAA&DIRECTION=5339461-1EN&FILENAME=MR360%2Boperator%2Bmanual%2Bpaper.pdf&FILEREV=4&DOCREV_ORG=4"
},
{
"name": "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/",
"refsource": "MISC",
"url": "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/"
},
{
"name": "https://twitter.com/digitalbond/status/619250429751222277",
"refsource": "MISC",
"url": "https://twitter.com/digitalbond/status/619250429751222277"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02"
}
]
}
}

120
2010/5xxx/CVE-2010-5315.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5315",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita before 3.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create categories via a data array to news/saveCategories or (2) modify credentials via a data array to admin/saveUser."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.htbridge.com/advisory/HTB22723",
"refsource" : "MISC",
"url" : "https://www.htbridge.com/advisory/HTB22723"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita before 3.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create categories via a data array to news/saveCategories or (2) modify credentials via a data array to admin/saveUser."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.htbridge.com/advisory/HTB22723",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB22723"
}
]
}
}

160
2014/0xxx/CVE-2014-0282.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0282",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1775, CVE-2014-1779, CVE-2014-1799, CVE-2014-1803, and CVE-2014-2757."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-0282",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "33860",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/33860"
},
{
"name" : "MS14-035",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035"
},
{
"name" : "67862",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67862"
},
{
"name" : "107851",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/107851"
},
{
"name" : "1030370",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030370"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1775, CVE-2014-1779, CVE-2014-1799, CVE-2014-1803, and CVE-2014-2757."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030370",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030370"
},
{
"name": "33860",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/33860"
},
{
"name": "MS14-035",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035"
},
{
"name": "67862",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67862"
},
{
"name": "107851",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/107851"
}
]
}
}

130
2014/0xxx/CVE-2014-0315.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0315",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka \"Windows File Handling Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-0315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://blogs.technet.com/b/srd/archive/2014/04/08/ms14-019-fixing-a-binary-hijacking-via-cmd-or-bat-file.aspx",
"refsource" : "CONFIRM",
"url" : "http://blogs.technet.com/b/srd/archive/2014/04/08/ms14-019-fixing-a-binary-hijacking-via-cmd-or-bat-file.aspx"
},
{
"name" : "MS14-019",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-019"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka \"Windows File Handling Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blogs.technet.com/b/srd/archive/2014/04/08/ms14-019-fixing-a-binary-hijacking-via-cmd-or-bat-file.aspx",
"refsource": "CONFIRM",
"url": "http://blogs.technet.com/b/srd/archive/2014/04/08/ms14-019-fixing-a-binary-hijacking-via-cmd-or-bat-file.aspx"
},
{
"name": "MS14-019",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-019"
}
]
}
}

170
2014/0xxx/CVE-2014-0439.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0439",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote authenticated users to affect integrity via unknown vectors related to Report Distribution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-0439",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name" : "64758",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64758"
},
{
"name" : "64884",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64884"
},
{
"name" : "102042",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102042"
},
{
"name" : "1029623",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029623"
},
{
"name" : "56478",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56478"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote authenticated users to affect integrity via unknown vectors related to Report Distribution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "64884",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64884"
},
{
"name": "56478",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56478"
},
{
"name": "102042",
"refsource": "OSVDB",
"url": "http://osvdb.org/102042"
},
{
"name": "1029623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029623"
},
{
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
]
}
}

160
2014/0xxx/CVE-2014-0820.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0820",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-0820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://cs.cybozu.co.jp/information/gr20140225up05.php",
"refsource" : "CONFIRM",
"url" : "http://cs.cybozu.co.jp/information/gr20140225up05.php"
},
{
"name" : "https://support.cybozu.com/ja-jp/article/7994",
"refsource" : "CONFIRM",
"url" : "https://support.cybozu.com/ja-jp/article/7994"
},
{
"name" : "JVN#26393529",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN26393529/index.html"
},
{
"name" : "JVNDB-2014-000023",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000023"
},
{
"name" : "65815",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65815"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#26393529",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN26393529/index.html"
},
{
"name": "http://cs.cybozu.co.jp/information/gr20140225up05.php",
"refsource": "CONFIRM",
"url": "http://cs.cybozu.co.jp/information/gr20140225up05.php"
},
{
"name": "JVNDB-2014-000023",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000023"
},
{
"name": "https://support.cybozu.com/ja-jp/article/7994",
"refsource": "CONFIRM",
"url": "https://support.cybozu.com/ja-jp/article/7994"
},
{
"name": "65815",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65815"
}
]
}
}

150
2014/0xxx/CVE-2014-0889.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0889",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in IBM Atlas Suite (aka Atlas Policy Suite), as used in Atlas eDiscovery Process Management through 6.0.3, Disposal and Governance Management for IT through 6.0.3, and Global Retention Policy and Schedule Management through 6.0.3, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/entdocview.wss?uid=swg21679081",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/entdocview.wss?uid=swg21679081"
},
{
"name" : "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_atlas_suite_atlas_policy_suite_cross_site_scripting_vulnerabilities_cve_2014_0889",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_atlas_suite_atlas_policy_suite_cross_site_scripting_vulnerabilities_cve_2014_0889"
},
{
"name" : "59681",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59681"
},
{
"name" : "ibm-atlas-cve20140889-xss(91241)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91241"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM Atlas Suite (aka Atlas Policy Suite), as used in Atlas eDiscovery Process Management through 6.0.3, Disposal and Governance Management for IT through 6.0.3, and Global Retention Policy and Schedule Management through 6.0.3, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/entdocview.wss?uid=swg21679081",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/entdocview.wss?uid=swg21679081"
},
{
"name": "59681",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59681"
},
{
"name": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_atlas_suite_atlas_policy_suite_cross_site_scripting_vulnerabilities_cve_2014_0889",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_atlas_suite_atlas_policy_suite_cross_site_scripting_vulnerabilities_cve_2014_0889"
},
{
"name": "ibm-atlas-cve20140889-xss(91241)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91241"
}
]
}
}

480
2014/1xxx/CVE-2014-1538.json
View File

@ -1,242 +1,242 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1538",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-49.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-49.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1005584",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1005584"
},
{
"name" : "http://linux.oracle.com/errata/ELSA-2014-0741.html",
"refsource" : "CONFIRM",
"url" : "http://linux.oracle.com/errata/ELSA-2014-0741.html"
},
{
"name" : "http://linux.oracle.com/errata/ELSA-2014-0742.html",
"refsource" : "CONFIRM",
"url" : "http://linux.oracle.com/errata/ELSA-2014-0742.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1107421",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1107421"
},
{
"name" : "DSA-2955",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2955"
},
{
"name" : "DSA-2960",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2960"
},
{
"name" : "GLSA-201504-01",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201504-01"
},
{
"name" : "RHSA-2014:0741",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0741.html"
},
{
"name" : "RHSA-2014:0742",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0742.html"
},
{
"name" : "openSUSE-SU-2014:0855",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html"
},
{
"name" : "openSUSE-SU-2014:0858",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html"
},
{
"name" : "SUSE-SU-2014:0824",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html"
},
{
"name" : "openSUSE-SU-2014:0797",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html"
},
{
"name" : "openSUSE-SU-2014:0819",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"name" : "USN-2243-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2243-1"
},
{
"name" : "USN-2250-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2250-1"
},
{
"name" : "67976",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67976"
},
{
"name" : "1030386",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030386"
},
{
"name" : "1030388",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030388"
},
{
"name" : "58984",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/58984"
},
{
"name" : "59052",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59052"
},
{
"name" : "59149",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59149"
},
{
"name" : "59150",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59150"
},
{
"name" : "59165",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59165"
},
{
"name" : "59169",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59169"
},
{
"name" : "59170",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59170"
},
{
"name" : "59171",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59171"
},
{
"name" : "59229",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59229"
},
{
"name" : "59275",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59275"
},
{
"name" : "59866",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59866"
},
{
"name" : "59377",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59377"
},
{
"name" : "59387",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59387"
},
{
"name" : "59328",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59328"
},
{
"name" : "59425",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59425"
},
{
"name" : "59486",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59486"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59229",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59229"
},
{
"name": "openSUSE-SU-2014:0819",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html"
},
{
"name": "RHSA-2014:0741",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0741.html"
},
{
"name": "SUSE-SU-2014:0824",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html"
},
{
"name": "59387",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59387"
},
{
"name": "59150",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59150"
},
{
"name": "1030388",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030388"
},
{
"name": "67976",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67976"
},
{
"name": "59052",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59052"
},
{
"name": "openSUSE-SU-2014:0855",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html"
},
{
"name": "openSUSE-SU-2014:0797",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-49.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-49.html"
},
{
"name": "59169",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59169"
},
{
"name": "59165",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59165"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "59866",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59866"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-0742.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-0742.html"
},
{
"name": "openSUSE-SU-2014:0858",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html"
},
{
"name": "59377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59377"
},
{
"name": "59149",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59149"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1107421",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1107421"
},
{
"name": "RHSA-2014:0742",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0742.html"
},
{
"name": "USN-2243-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2243-1"
},
{
"name": "DSA-2960",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2960"
},
{
"name": "DSA-2955",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2955"
},
{
"name": "1030386",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030386"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-0741.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-0741.html"
},
{
"name": "58984",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58984"
},
{
"name": "59170",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59170"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1005584",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1005584"
},
{
"name": "59425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59425"
},
{
"name": "59171",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59171"
},
{
"name": "59328",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59328"
},
{
"name": "59275",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59275"
},
{
"name": "USN-2250-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2250-1"
},
{
"name": "59486",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59486"
}
]
}
}

130
2014/1xxx/CVE-2014-1969.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1969",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-1969",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "JVN#47386847",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN47386847/index.html"
},
{
"name" : "JVNDB-2014-000035",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000035"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2014-000035",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000035"
},
{
"name": "JVN#47386847",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN47386847/index.html"
}
]
}
}

150
2014/4xxx/CVE-2014-4102.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4102",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-4080, CVE-2014-4089, and CVE-2014-4091."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-4102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS14-052",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-052"
},
{
"name" : "69610",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69610"
},
{
"name" : "1030818",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030818"
},
{
"name" : "ms-ie-cve20144102-code-exec(95532)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95532"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-4080, CVE-2014-4089, and CVE-2014-4091."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "69610",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69610"
},
{
"name": "ms-ie-cve20144102-code-exec(95532)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95532"
},
{
"name": "1030818",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030818"
},
{
"name": "MS14-052",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-052"
}
]
}
}

120
2014/4xxx/CVE-2014-4583.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4583",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in forms/messages.php in the WP-Contact (wp-contact-sidebar-widget) plugin 1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) edit, (2) order_direction, (3) limit_start, (4) id, or (5) order parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4583",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://codevigilant.com/disclosure/wp-plugin-wp-contact-sidebar-widget-a3-cross-site-scripting-xss",
"refsource" : "MISC",
"url" : "http://codevigilant.com/disclosure/wp-plugin-wp-contact-sidebar-widget-a3-cross-site-scripting-xss"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in forms/messages.php in the WP-Contact (wp-contact-sidebar-widget) plugin 1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) edit, (2) order_direction, (3) limit_start, (4) id, or (5) order parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://codevigilant.com/disclosure/wp-plugin-wp-contact-sidebar-widget-a3-cross-site-scripting-xss",
"refsource": "MISC",
"url": "http://codevigilant.com/disclosure/wp-plugin-wp-contact-sidebar-widget-a3-cross-site-scripting-xss"
}
]
}
}

150
2014/4xxx/CVE-2014-4767.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4767",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before 8.5.5.3 does not properly use the Liberty Repository for feature installation, which allows remote authenticated users to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-4767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681249",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681249"
},
{
"name" : "PI21284",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI21284"
},
{
"name" : "69297",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69297"
},
{
"name" : "ibm-websphere-cve20144767-weak-sec(94832)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94832"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before 8.5.5.3 does not properly use the Liberty Repository for feature installation, which allows remote authenticated users to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-websphere-cve20144767-weak-sec(94832)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94832"
},
{
"name": "69297",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69297"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681249",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681249"
},
{
"name": "PI21284",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI21284"
}
]
}
}

34
2014/5xxx/CVE-2014-5085.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5085",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5085",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

190
2014/5xxx/CVE-2014-5177.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5177",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5177",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://libvirt.org/news.html",
"refsource" : "CONFIRM",
"url" : "http://libvirt.org/news.html"
},
{
"name" : "http://security.libvirt.org/2014/0003.html",
"refsource" : "CONFIRM",
"url" : "http://security.libvirt.org/2014/0003.html"
},
{
"name" : "GLSA-201412-04",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name" : "RHSA-2014:0560",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0560.html"
},
{
"name" : "openSUSE-SU-2014:0650",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html"
},
{
"name" : "openSUSE-SU-2014:0674",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html"
},
{
"name" : "USN-2366-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2366-1"
},
{
"name" : "60895",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60895"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0560",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0560.html"
},
{
"name": "http://libvirt.org/news.html",
"refsource": "CONFIRM",
"url": "http://libvirt.org/news.html"
},
{
"name": "60895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60895"
},
{
"name": "GLSA-201412-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name": "openSUSE-SU-2014:0674",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html"
},
{
"name": "openSUSE-SU-2014:0650",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html"
},
{
"name": "USN-2366-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2366-1"
},
{
"name": "http://security.libvirt.org/2014/0003.html",
"refsource": "CONFIRM",
"url": "http://security.libvirt.org/2014/0003.html"
}
]
}
}

170
2014/5xxx/CVE-2014-5256.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5256",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service (memory corruption and application crash) via deep JSON objects whose parsing lets this interrupt mask an overflow of the program stack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/",
"refsource" : "CONFIRM",
"url" : "http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/"
},
{
"name" : "https://github.com/joyent/node/commit/530af9cb8e700e7596b3ec812bad123c9fa06356",
"refsource" : "CONFIRM",
"url" : "https://github.com/joyent/node/commit/530af9cb8e700e7596b3ec812bad123c9fa06356"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21684769",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21684769"
},
{
"name" : "http://advisories.mageia.org/MGASA-2014-0516.html",
"refsource" : "CONFIRM",
"url" : "http://advisories.mageia.org/MGASA-2014-0516.html"
},
{
"name" : "MDVSA-2015:142",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:142"
},
{
"name" : "61260",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61260"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service (memory corruption and application crash) via deep JSON objects whose parsing lets this interrupt mask an overflow of the program stack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21684769",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684769"
},
{
"name": "61260",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61260"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0516.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0516.html"
},
{
"name": "https://github.com/joyent/node/commit/530af9cb8e700e7596b3ec812bad123c9fa06356",
"refsource": "CONFIRM",
"url": "https://github.com/joyent/node/commit/530af9cb8e700e7596b3ec812bad123c9fa06356"
},
{
"name": "http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/",
"refsource": "CONFIRM",
"url": "http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/"
},
{
"name": "MDVSA-2015:142",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:142"
}
]
}
}

130
2015/2xxx/CVE-2015-2612.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2612",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Siebel Core - Server OM Svcs component in Oracle Siebel CRM 8.1.1, 8.2.2, and 15.0 allows remote attackers to affect confidentiality via vectors related to LDAP Security Adapter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-2612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name" : "1032916",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032916"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Siebel Core - Server OM Svcs component in Oracle Siebel CRM 8.1.1, 8.2.2, and 15.0 allows remote attackers to affect confidentiality via vectors related to LDAP Security Adapter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "1032916",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032916"
}
]
}
}

142
2016/10xxx/CVE-2016-10536.json
View File

@ -1,73 +1,73 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00",
"ID" : "CVE-2016-10536",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "engine.io-client node module",
"version" : {
"version_data" : [
{
"version_value" : "<= 1.6.8"
}
]
}
}
]
},
"vendor_name" : "HackerOne"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "engine.io-client is the client for engine.io, the implementation of a transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. The vulnerability is related to the way that node.js handles the `rejectUnauthorized` setting. If the value is something that evaluates to false, certificate verification will be disabled. This is problematic as engine.io-client 1.6.8 and earlier passes in an object for settings that includes the rejectUnauthorized property, whether it has been set or not. If the value has not been explicitly changed, it will be passed in as `null`, resulting in certificate verification being turned off."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Man-in-the-Middle (CWE-300)"
}
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-04-26T00:00:00",
"ID": "CVE-2016-10536",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "engine.io-client node module",
"version": {
"version_data": [
{
"version_value": "<= 1.6.8"
}
]
}
}
]
},
"vendor_name": "HackerOne"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/socketio/engine.io-client/commit/2c55b278a491bf45313ecc0825cf800e2f7ff5c1",
"refsource" : "MISC",
"url" : "https://github.com/socketio/engine.io-client/commit/2c55b278a491bf45313ecc0825cf800e2f7ff5c1"
},
{
"name" : "https://nodesecurity.io/advisories/99",
"refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/99"
},
{
"name" : "https://www.cigital.com/blog/node-js-socket-io/",
"refsource" : "MISC",
"url" : "https://www.cigital.com/blog/node-js-socket-io/"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "engine.io-client is the client for engine.io, the implementation of a transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. The vulnerability is related to the way that node.js handles the `rejectUnauthorized` setting. If the value is something that evaluates to false, certificate verification will be disabled. This is problematic as engine.io-client 1.6.8 and earlier passes in an object for settings that includes the rejectUnauthorized property, whether it has been set or not. If the value has not been explicitly changed, it will be passed in as `null`, resulting in certificate verification being turned off."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Man-in-the-Middle (CWE-300)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cigital.com/blog/node-js-socket-io/",
"refsource": "MISC",
"url": "https://www.cigital.com/blog/node-js-socket-io/"
},
{
"name": "https://github.com/socketio/engine.io-client/commit/2c55b278a491bf45313ecc0825cf800e2f7ff5c1",
"refsource": "MISC",
"url": "https://github.com/socketio/engine.io-client/commit/2c55b278a491bf45313ecc0825cf800e2f7ff5c1"
},
{
"name": "https://nodesecurity.io/advisories/99",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/99"
}
]
}
}

140
2016/3xxx/CVE-2016-3823.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3823",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 mishandles heap pointers, which allows attackers to gain privileges via a crafted application, aka internal bug 28815329."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-3823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-08-01.html"
},
{
"name" : "https://android.googlesource.com/platform/hardware/qcom/media/+/7558d03e6498e970b761aa44fff6b2c659202d95",
"refsource" : "CONFIRM",
"url" : "https://android.googlesource.com/platform/hardware/qcom/media/+/7558d03e6498e970b761aa44fff6b2c659202d95"
},
{
"name" : "92218",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92218"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 mishandles heap pointers, which allows attackers to gain privileges via a crafted application, aka internal bug 28815329."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
},
{
"name": "https://android.googlesource.com/platform/hardware/qcom/media/+/7558d03e6498e970b761aa44fff6b2c659202d95",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/hardware/qcom/media/+/7558d03e6498e970b761aa44fff6b2c659202d95"
},
{
"name": "92218",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92218"
}
]
}
}

34
2016/8xxx/CVE-2016-8040.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8040",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8040",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2016/8xxx/CVE-2016-8140.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8140",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8140",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2016/8xxx/CVE-2016-8167.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8167",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8167",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2016/8xxx/CVE-2016-8787.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8787",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-8787",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

160
2016/8xxx/CVE-2016-8925.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-8925",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Tivoli Application Dependency Discovery Manager",
"version" : {
"version_data" : [
{
"version_value" : "7.2"
},
{
"version_value" : "7.2.1"
},
{
"version_value" : "7.2.2"
},
{
"version_value" : "7.1.2"
},
{
"version_value" : "7.3"
},
{
"version_value" : "7.2.0"
}
]
}
}
]
},
"vendor_name" : "IBM Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. IBM X-Force ID: 118538."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-8925",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tivoli Application Dependency Discovery Manager",
"version": {
"version_data": [
{
"version_value": "7.2"
},
{
"version_value": "7.2.1"
},
{
"version_value": "7.2.2"
},
{
"version_value": "7.1.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.2.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22001579&myns=swgtiv&mynp=OCSSPLFC&mync=E&cm_sp=swgtiv-_-OCSSPLFC-_-E",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22001579&myns=swgtiv&mynp=OCSSPLFC&mync=E&cm_sp=swgtiv-_-OCSSPLFC-_-E"
},
{
"name" : "97625",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97625"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. IBM X-Force ID: 118538."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97625",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97625"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22001579&myns=swgtiv&mynp=OCSSPLFC&mync=E&cm_sp=swgtiv-_-OCSSPLFC-_-E",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22001579&myns=swgtiv&mynp=OCSSPLFC&mync=E&cm_sp=swgtiv-_-OCSSPLFC-_-E"
}
]
}
}

34
2016/9xxx/CVE-2016-9002.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9002",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9002",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

140
2016/9xxx/CVE-2016-9198.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@cisco.com",
"ID" : "CVE-2016-9198",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Cisco Identity Services Engine (ISE)",
"version" : {
"version_data" : [
{
"version_value" : "Cisco Identity Services Engine (ISE)"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack. More Information: CSCuw15041. Known Affected Releases: 1.2(1.199)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "unspecified"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-9198",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Identity Services Engine (ISE)",
"version": {
"version_data": [
{
"version_value": "Cisco Identity Services Engine (ISE)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ise",
"refsource" : "CONFIRM",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ise"
},
{
"name" : "94810",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94810"
},
{
"name" : "1037415",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037415"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack. More Information: CSCuw15041. Known Affected Releases: 1.2(1.199)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ise",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ise"
},
{
"name": "1037415",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037415"
},
{
"name": "94810",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94810"
}
]
}
}

150
2016/9xxx/CVE-2016-9279.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9279",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6853."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9279",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20161109 CVE Request - Samsung Exynos fimg2d Multiple Issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/11/09/3"
},
{
"name" : "[oss-security] 20161111 Re: CVE Request - Samsung Exynos fimg2d Multiple Issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/11/11/11"
},
{
"name" : "http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016",
"refsource" : "CONFIRM",
"url" : "http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016"
},
{
"name" : "94283",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94283"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6853."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20161111 Re: CVE Request - Samsung Exynos fimg2d Multiple Issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/11/11"
},
{
"name": "[oss-security] 20161109 CVE Request - Samsung Exynos fimg2d Multiple Issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/09/3"
},
{
"name": "94283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94283"
},
{
"name": "http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016",
"refsource": "CONFIRM",
"url": "http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016"
}
]
}
}

34
2016/9xxx/CVE-2016-9292.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9292",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9292",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2016/9xxx/CVE-2016-9309.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9309",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9309",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2016/9xxx/CVE-2016-9341.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9341",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-9341",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

34
2019/2xxx/CVE-2019-2374.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2374",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2374",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/2xxx/CVE-2019-2629.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2629",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2629",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6061.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6061",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6061",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6189.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6189",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6189",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

120
2019/6xxx/CVE-2019-6285.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6285",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/jbeder/yaml-cpp/issues/660",
"refsource" : "MISC",
"url" : "https://github.com/jbeder/yaml-cpp/issues/660"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jbeder/yaml-cpp/issues/660",
"refsource": "MISC",
"url": "https://github.com/jbeder/yaml-cpp/issues/660"
}
]
}
}

34
2019/6xxx/CVE-2019-6789.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6789",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6789",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}