admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 07:16:05 +00:00
parent 29fb231139
commit 59378bae3e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
48 changed files with 3778 additions and 3781 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
2006/2xxx/CVE-2006-2252.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2252",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2252",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting vulnerability in submit.php in OpenFAQ 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter."
"lang": "eng",
"value": "Cross-site scripting vulnerability in submit.php in OpenFAQ 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060506 OpenFAQ - HTML injection and XSS (Cross Site Scripting)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/433120/100/0/threaded"
"name": "850",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/850"
},
{
"name" : "17860",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17860"
"name": "ADV-2006-1684",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1684"
},
{
"name" : "ADV-2006-1684",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1684"
"name": "25350",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25350"
},
{
"name" : "25350",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/25350"
"name": "20060506 OpenFAQ - HTML injection and XSS (Cross Site Scripting)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433120/100/0/threaded"
},
{
"name" : "20018",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20018"
"name": "openfaq-submit-xss(26286)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26286"
},
{
"name" : "850",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/850"
"name": "17860",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17860"
},
{
"name" : "openfaq-submit-xss(26286)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26286"
"name": "20018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20018"
}
]
}

86
2006/2xxx/CVE-2006-2691.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2691",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2691",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified \"information leakage\" vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to access arbitrary images, including dynamically generated images, via unknown vectors."
"lang": "eng",
"value": "Unspecified \"information leakage\" vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to access arbitrary images, including dynamically generated images, via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.amule.org/wiki/index.php/Changelog_2.1.2",
"refsource" : "CONFIRM",
"url" : "http://www.amule.org/wiki/index.php/Changelog_2.1.2"
"name": "18145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18145"
},
{
"name" : "18145",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18145"
"name": "amule-url-information-disclosure(26953)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26953"
},
{
"name" : "1016188",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016188"
"name": "1016188",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016188"
},
{
"name" : "20351",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20351"
"name": "20351",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20351"
},
{
"name" : "amule-url-information-disclosure(26953)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26953"
"name": "http://www.amule.org/wiki/index.php/Changelog_2.1.2",
"refsource": "CONFIRM",
"url": "http://www.amule.org/wiki/index.php/Changelog_2.1.2"
}
]
}

104
2006/2xxx/CVE-2006-2918.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2918",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2918",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Lanap BotDetect APS.NET CAPTCHA component before 1.5.4.0 stores the UUID and hash for a CAPTCHA in the ViewState of a page, which makes it easier for remote attackers to conduct automated attacks by \"replaying the ViewState for a known number.\""
"lang": "eng",
"value": "The Lanap BotDetect APS.NET CAPTCHA component before 1.5.4.0 stores the UUID and hash for a CAPTCHA in the ViewState of a page, which makes it easier for remote attackers to conduct automated attacks by \"replaying the ViewState for a known number.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060622 SYMSA-2006-005",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/438159/100/0/threaded"
"name": "http://www.symantec.com/enterprise/research/SYMSA-2006-005.txt",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/enterprise/research/SYMSA-2006-005.txt"
},
{
"name" : "http://www.symantec.com/enterprise/research/SYMSA-2006-005.txt",
"refsource" : "CONFIRM",
"url" : "http://www.symantec.com/enterprise/research/SYMSA-2006-005.txt"
"name": "ADV-2006-2518",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2518"
},
{
"name" : "18315",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18315"
"name": "1139",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1139"
},
{
"name" : "ADV-2006-2518",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2518"
"name": "18315",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18315"
},
{
"name" : "1016371",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016371"
"name": "1016371",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016371"
},
{
"name" : "20830",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20830"
"name": "lanap-botdetect-captcha-security-bypass(27409)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27409"
},
{
"name" : "1139",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1139"
"name": "20060622 SYMSA-2006-005",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438159/100/0/threaded"
},
{
"name" : "lanap-botdetect-captcha-security-bypass(27409)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27409"
"name": "20830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20830"
}
]
}

68
2006/2xxx/CVE-2006-2981.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2981",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2981",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in vs_search.php in Arantius Vice Stats before 1.0.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors, a different issue than CVE-2006-2972."
"lang": "eng",
"value": "SQL injection vulnerability in vs_search.php in Arantius Vice Stats before 1.0.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors, a different issue than CVE-2006-2972."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.arantius.com/topic/vice+stats",
"refsource" : "CONFIRM",
"url" : "http://www.arantius.com/topic/vice+stats"
"name": "20060612 misinterpretation? (Re: Vice Stats 0.5b SQL injection)",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2006-June/000848.html"
},
{
"name" : "20060612 misinterpretation? (Re: Vice Stats 0.5b SQL injection)",
"refsource" : "VIM",
"url" : "http://www.attrition.org/pipermail/vim/2006-June/000848.html"
"name": "http://www.arantius.com/topic/vice+stats",
"refsource": "CONFIRM",
"url": "http://www.arantius.com/topic/vice+stats"
}
]
}

92
2006/3xxx/CVE-2006-3164.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3164",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3164",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in category.php in TPL Design tplShop 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the first_row parameter."
"lang": "eng",
"value": "SQL injection vulnerability in category.php in TPL Design tplShop 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the first_row parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://pridels0.blogspot.com/2006/06/tplshop-v-20-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2006/06/tplshop-v-20-vuln.html"
"name": "tplshop-category-sql-injection(27200)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27200"
},
{
"name" : "18524",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18524"
"name": "18524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18524"
},
{
"name" : "ADV-2006-2418",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2418"
"name": "http://pridels0.blogspot.com/2006/06/tplshop-v-20-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2006/06/tplshop-v-20-vuln.html"
},
{
"name" : "26631",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26631"
"name": "26631",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26631"
},
{
"name" : "20738",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20738"
"name": "ADV-2006-2418",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2418"
},
{
"name" : "tplshop-category-sql-injection(27200)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27200"
"name": "20738",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20738"
}
]
}

68
2006/3xxx/CVE-2006-3272.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3272",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3272",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in menu.php in Some Chess 1.5 rc2 allows remote attackers to conduct actions as another user, such as changing usernames and passwords, via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in menu.php in Some Chess 1.5 rc2 allows remote attackers to conduct actions as another user, such as changing usernames and passwords, via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20770",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20770"
"name": "20770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20770"
},
{
"name" : "somechess-menu-xss(27307)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27307"
"name": "somechess-menu-xss(27307)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27307"
}
]
}

92
2006/3xxx/CVE-2006-3300.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3300",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3300",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in sms_config/gateway.php in PhpMySms 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ROOT_PATH parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in sms_config/gateway.php in PhpMySms 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ROOT_PATH parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "1948",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/1948"
"name": "26885",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26885"
},
{
"name" : "18633",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18633"
"name": "20799",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20799"
},
{
"name" : "ADV-2006-2590",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2590"
"name": "ADV-2006-2590",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2590"
},
{
"name" : "26885",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26885"
"name": "1948",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1948"
},
{
"name" : "20799",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20799"
"name": "18633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18633"
},
{
"name" : "phpmysms-gateway-file-include(27372)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27372"
"name": "phpmysms-gateway-file-include(27372)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27372"
}
]
}

22
2006/3xxx/CVE-2006-3865.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3865",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2006-3865",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
}
]
}

92
2006/6xxx/CVE-2006-6479.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6479",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6479",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in AnnonceScriptHP 2.0 allow remote attackers to inject arbitrary web script or HTML via the email parameter in (1) erreurinscription.php, (2) Templates/admin.dwt.php, (3) Templates/commun.dwt.php, (4) membre.dwt.php, and (5) admin/admin_config/Aide.php."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in AnnonceScriptHP 2.0 allow remote attackers to inject arbitrary web script or HTML via the email parameter in (1) erreurinscription.php, (2) Templates/admin.dwt.php, (3) Templates/commun.dwt.php, (4) membre.dwt.php, and (5) admin/admin_config/Aide.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061209 AnnonceScriptHP V2.0 Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/453966/100/0/threaded"
"name": "20061209 AnnonceScriptHP V2.0 Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453966/100/0/threaded"
},
{
"name" : "21514",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21514"
"name": "annoncescripthp-email-xss(30804)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30804"
},
{
"name" : "ADV-2006-4940",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4940"
"name": "21514",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21514"
},
{
"name" : "23318",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23318"
"name": "23318",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23318"
},
{
"name" : "2019",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2019"
"name": "ADV-2006-4940",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4940"
},
{
"name" : "annoncescripthp-email-xss(30804)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30804"
"name": "2019",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2019"
}
]
}

68
2006/6xxx/CVE-2006-6590.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6590",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6590",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in usercp_menu.php in AR Memberscript allows remote attackers to execute arbitrary PHP code via a URL in the script_folder parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in usercp_menu.php in AR Memberscript allows remote attackers to execute arbitrary PHP code via a URL in the script_folder parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2931",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2931"
"name": "armemberscript-usercp-file-include(30891)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30891"
},
{
"name" : "armemberscript-usercp-file-include(30891)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30891"
"name": "2931",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2931"
}
]
}

80
2006/6xxx/CVE-2006-6670.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6670",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6670",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Nortel CallPilot 4.x Server has unknown impact and attack vectors, aka P-2006-0011-GLOBAL."
"lang": "eng",
"value": "Unspecified vulnerability in Nortel CallPilot 4.x Server has unknown impact and attack vectors, aka P-2006-0011-GLOBAL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=363252",
"refsource" : "CONFIRM",
"url" : "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=363252"
"name": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=363252",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=363252"
},
{
"name" : "21660",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21660"
"name": "23403",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23403"
},
{
"name" : "ADV-2006-5070",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/5070"
"name": "ADV-2006-5070",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5070"
},
{
"name" : "23403",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23403"
"name": "21660",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21660"
}
]
}

62
2006/6xxx/CVE-2006-6998.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6998",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6998",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "install/loader_help.php in Headstart Solutions DeskPRO allows remote attackers to obtain configuration information via a q=phpinfo QUERY_STRING, which calls the phpinfo function."
"lang": "eng",
"value": "install/loader_help.php in Headstart Solutions DeskPRO allows remote attackers to obtain configuration information via a q=phpinfo QUERY_STRING, which calls the phpinfo function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zion-security.com/text/Mul_Vulnerability_DeskPro.txt",
"refsource" : "MISC",
"url" : "http://www.zion-security.com/text/Mul_Vulnerability_DeskPro.txt"
"name": "http://www.zion-security.com/text/Mul_Vulnerability_DeskPro.txt",
"refsource": "MISC",
"url": "http://www.zion-security.com/text/Mul_Vulnerability_DeskPro.txt"
}
]
}

140
2011/1xxx/CVE-2011-1657.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1657",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1657",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent attackers to cause a denial of service (application crash) via certain flags arguments, as demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND."
"lang": "eng",
"value": "The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent attackers to cause a denial of service (application crash) via certain flags arguments, as demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110819 PHP 5.3.6 ZipArchive invalid use glob(3)",
"refsource" : "SREASONRES",
"url" : "http://securityreason.com/achievement_securityalert/100"
"name": "[oss-security] 20110701 php ZipArchive::addGlob() crashes on invalid flags",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/07/01/6"
},
{
"name" : "20110819 PHP 5.3.6 ZipArchive invalid use glob(3)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/519385/100/0/threaded"
"name": "https://bugs.php.net/bug.php?id=54681",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=54681"
},
{
"name" : "[oss-security] 20110701 Re: Re: php ZipArchive::addGlob() crashes on invalid flags",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/07/01/8"
"name": "http://support.apple.com/kb/HT5130",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5130"
},
{
"name" : "[oss-security] 20110701 Re: php ZipArchive::addGlob() crashes on invalid flags",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/07/01/7"
"name": "MDVSA-2011:165",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:165"
},
{
"name" : "[oss-security] 20110701 php ZipArchive::addGlob() crashes on invalid flags",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/07/01/6"
"name": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.c?view=log",
"refsource": "CONFIRM",
"url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.c?view=log"
},
{
"name" : "http://svn.php.net/viewvc/?view=revision&revision=310814",
"refsource" : "CONFIRM",
"url" : "http://svn.php.net/viewvc/?view=revision&revision=310814"
"name": "APPLE-SA-2012-02-01-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"name" : "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.c?view=log",
"refsource" : "CONFIRM",
"url" : "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.c?view=log"
"name": "http://svn.php.net/viewvc/?view=revision&revision=310814",
"refsource": "CONFIRM",
"url": "http://svn.php.net/viewvc/?view=revision&revision=310814"
},
{
"name" : "https://bugs.php.net/bug.php?id=54681",
"refsource" : "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=54681"
"name": "20110819 PHP 5.3.6 ZipArchive invalid use glob(3)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/100"
},
{
"name" : "http://support.apple.com/kb/HT5130",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5130"
"name": "49252",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49252"
},
{
"name" : "APPLE-SA-2012-02-01-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
"name": "[oss-security] 20110701 Re: php ZipArchive::addGlob() crashes on invalid flags",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/07/01/7"
},
{
"name" : "MDVSA-2011:165",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:165"
"name": "[oss-security] 20110701 Re: Re: php ZipArchive::addGlob() crashes on invalid flags",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/07/01/8"
},
{
"name" : "49252",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/49252"
"name": "8342",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8342"
},
{
"name" : "8342",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8342"
"name": "20110819 PHP 5.3.6 ZipArchive invalid use glob(3)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/519385/100/0/threaded"
},
{
"name" : "php-ziparchiveaddglob-dos(69320)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/69320"
"name": "php-ziparchiveaddglob-dos(69320)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69320"
}
]
}

158
2011/3xxx/CVE-2011-3038.json
View File

@ -1,141 +1,141 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3038",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3038",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling."
"lang": "eng",
"value": "Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=113497",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=113497"
"name": "chrome-multicloumn-code-exec(73649)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73649"
},
{
"name" : "http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html"
"name": "http://support.apple.com/kb/HT5485",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5485"
},
{
"name" : "http://support.apple.com/kb/HT5400",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5400"
"name": "APPLE-SA-2012-09-19-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name" : "http://support.apple.com/kb/HT5485",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5485"
"name": "http://support.apple.com/kb/HT5503",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5503"
},
{
"name" : "http://support.apple.com/kb/HT5503",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5503"
"name": "1026759",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026759"
},
{
"name" : "APPLE-SA-2012-07-25-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
"name": "48527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48527"
},
{
"name" : "APPLE-SA-2012-09-12-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
"name": "48265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48265"
},
{
"name" : "APPLE-SA-2012-09-19-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
"name": "48419",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48419"
},
{
"name" : "GLSA-201203-19",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201203-19.xml"
"name": "openSUSE-SU-2012:0374",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00012.html"
},
{
"name" : "openSUSE-SU-2012:0374",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00012.html"
"name": "http://code.google.com/p/chromium/issues/detail?id=113497",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=113497"
},
{
"name" : "52271",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/52271"
"name": "APPLE-SA-2012-09-12-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
},
{
"name" : "oval:org.mitre.oval:def:15106",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15106"
"name": "APPLE-SA-2012-07-25-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
},
{
"name" : "1026759",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026759"
"name": "52271",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52271"
},
{
"name" : "48527",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48527"
"name": "GLSA-201203-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201203-19.xml"
},
{
"name" : "48419",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48419"
"name": "http://support.apple.com/kb/HT5400",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5400"
},
{
"name" : "48265",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48265"
"name": "http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html"
},
{
"name" : "chrome-multicloumn-code-exec(73649)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/73649"
"name": "oval:org.mitre.oval:def:15106",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15106"
}
]
}

128
2011/3xxx/CVE-2011-3057.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3057",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3057",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation."
"lang": "eng",
"value": "Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=117794",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=117794"
"name": "1026877",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026877"
},
{
"name" : "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html"
"name": "48527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48527"
},
{
"name" : "GLSA-201203-19",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201203-19.xml"
"name": "48618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48618"
},
{
"name" : "52674",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/52674"
"name": "48691",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48691"
},
{
"name" : "oval:org.mitre.oval:def:14385",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14385"
"name": "oval:org.mitre.oval:def:14385",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14385"
},
{
"name" : "1026877",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026877"
"name": "http://code.google.com/p/chromium/issues/detail?id=117794",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=117794"
},
{
"name" : "48512",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48512"
"name": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html"
},
{
"name" : "48527",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48527"
"name": "52674",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52674"
},
{
"name" : "48618",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48618"
"name": "GLSA-201203-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201203-19.xml"
},
{
"name" : "48691",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48691"
"name": "google-chrome-v8-ce(74217)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74217"
},
{
"name" : "48763",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48763"
"name": "48512",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48512"
},
{
"name" : "google-chrome-v8-ce(74217)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74217"
"name": "48763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48763"
}
]
}

74
2011/3xxx/CVE-2011-3381.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3381",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2011-3381",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Phorum before 5.2.16 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in Phorum before 5.2.16 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.phorum.org/phorum5/read.php?64,147504",
"refsource" : "MISC",
"url" : "http://www.phorum.org/phorum5/read.php?64,147504"
"name": "JVN#71435255",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN71435255/index.html"
},
{
"name" : "JVN#71435255",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN71435255/index.html"
"name": "http://www.phorum.org/phorum5/read.php?64,147504",
"refsource": "MISC",
"url": "http://www.phorum.org/phorum5/read.php?64,147504"
},
{
"name" : "JVNDB-2011-000068",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000068"
"name": "JVNDB-2011-000068",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000068"
}
]
}

22
2011/3xxx/CVE-2011-3622.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3622",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3622",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2011/4xxx/CVE-2011-4240.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4240",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4240",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2011/4xxx/CVE-2011-4794.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4794",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2011-4794",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
}
]
}

62
2011/4xxx/CVE-2011-4871.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4871",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-4871",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723."
"lang": "eng",
"value": "Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf",
"refsource" : "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf"
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf"
}
]
}

86
2011/4xxx/CVE-2011-4961.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4961",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4961",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6 allows remote authenticated users with the EDIT_PERMISSIONS permission to gain administrator privileges via a TreeMultiselectField that includes admin groups when adding a user to the selected groups."
"lang": "eng",
"value": "SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6 allows remote authenticated users with the EDIT_PERMISSIONS permission to gain administrator privileges via a TreeMultiselectField that includes admin groups when adding a user to the selected groups."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20120430 CVE-request: SilverStripe before 2.4.4",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/04/30/1"
"name": "https://github.com/silverstripe/sapphire/commit/de1f070",
"refsource": "CONFIRM",
"url": "https://github.com/silverstripe/sapphire/commit/de1f070"
},
{
"name" : "[oss-security] 20120430 Re: CVE-request: SilverStripe before 2.4.4",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/04/30/3"
"name": "[oss-security] 20120430 CVE-request: SilverStripe before 2.4.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/30/1"
},
{
"name" : "http://doc.silverstripe.org/framework/en/trunk/changelogs/2.3.12",
"refsource" : "CONFIRM",
"url" : "http://doc.silverstripe.org/framework/en/trunk/changelogs/2.3.12"
"name": "[oss-security] 20120430 Re: CVE-request: SilverStripe before 2.4.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/30/3"
},
{
"name" : "http://doc.silverstripe.org/framework/en/trunk/changelogs/2.4.6",
"refsource" : "CONFIRM",
"url" : "http://doc.silverstripe.org/framework/en/trunk/changelogs/2.4.6"
"name": "http://doc.silverstripe.org/framework/en/trunk/changelogs/2.3.12",
"refsource": "CONFIRM",
"url": "http://doc.silverstripe.org/framework/en/trunk/changelogs/2.3.12"
},
{
"name" : "https://github.com/silverstripe/sapphire/commit/de1f070",
"refsource" : "CONFIRM",
"url" : "https://github.com/silverstripe/sapphire/commit/de1f070"
"name": "http://doc.silverstripe.org/framework/en/trunk/changelogs/2.4.6",
"refsource": "CONFIRM",
"url": "http://doc.silverstripe.org/framework/en/trunk/changelogs/2.4.6"
}
]
}

92
2013/5xxx/CVE-2013-5199.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5199",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2013-5199",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
"lang": "eng",
"value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT6162",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT6162"
"name": "APPLE-SA-2013-12-16-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
},
{
"name" : "http://support.apple.com/kb/HT6163",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT6163"
"name": "http://support.apple.com/kb/HT6163",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6163"
},
{
"name" : "https://support.apple.com/kb/HT6537",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/kb/HT6537"
"name": "https://support.apple.com/kb/HT6537",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6537"
},
{
"name" : "APPLE-SA-2013-12-16-1",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
"name": "64361",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64361"
},
{
"name" : "APPLE-SA-2013-12-16-2",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
"name": "http://support.apple.com/kb/HT6162",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6162"
},
{
"name" : "64361",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64361"
"name": "APPLE-SA-2013-12-16-2",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
}
]
}

176
2013/5xxx/CVE-2013-5888.json
View File

@ -1,156 +1,156 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5888",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5888",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, when running with GNOME, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, when running with GNOME, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
"name": "SSRT101455",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139402749111889&w=2"
},
{
"name" : "HPSBUX02972",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=139402697611681&w=2"
"name": "RHSA-2014:0135",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"name" : "HPSBUX02973",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=139402749111889&w=2"
"name": "56535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56535"
},
{
"name" : "SSRT101454",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=139402697611681&w=2"
"name": "102023",
"refsource": "OSVDB",
"url": "http://osvdb.org/102023"
},
{
"name" : "SSRT101455",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=139402749111889&w=2"
"name": "RHSA-2014:0030",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"name" : "RHSA-2014:0030",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
"name": "56485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56485"
},
{
"name" : "RHSA-2014:0134",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
"name": "oracle-cpujan2014-cve20135888(90354)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90354"
},
{
"name" : "RHSA-2014:0135",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
"name": "SSRT101454",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139402697611681&w=2"
},
{
"name" : "RHSA-2014:0414",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2014:0414"
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"name" : "SUSE-SU-2014:0246",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
"name": "HPSBUX02972",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139402697611681&w=2"
},
{
"name" : "SUSE-SU-2014:0266",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
"name": "SUSE-SU-2014:0451",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"name" : "SUSE-SU-2014:0451",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
"name": "HPSBUX02973",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139402749111889&w=2"
},
{
"name" : "64758",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64758"
"name": "1029608",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029608"
},
{
"name" : "64925",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64925"
"name": "SUSE-SU-2014:0266",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"name" : "102023",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102023"
"name": "64925",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64925"
},
{
"name" : "1029608",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029608"
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name" : "56485",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56485"
"name": "SUSE-SU-2014:0246",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"name" : "56535",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56535"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name" : "oracle-cpujan2014-cve20135888(90354)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90354"
"name": "RHSA-2014:0134",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
}
]
}

182
2013/5xxx/CVE-2013-5893.json
View File

@ -1,161 +1,161 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5893",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5893",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498",
"refsource" : "MISC",
"url" : "http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498"
"name": "56432",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56432"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
"name": "openSUSE-SU-2014:0174",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1051549",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1051549"
"name": "http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498",
"refsource": "MISC",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
"name": "56535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56535"
},
{
"name" : "HPSBUX02972",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=139402697611681&w=2"
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name" : "SSRT101454",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=139402697611681&w=2"
"name": "102000",
"refsource": "OSVDB",
"url": "http://osvdb.org/102000"
},
{
"name" : "RHSA-2014:0026",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
"name": "RHSA-2014:0030",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"name" : "RHSA-2014:0027",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
"name": "56485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56485"
},
{
"name" : "RHSA-2014:0030",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
"name": "SSRT101454",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139402697611681&w=2"
},
{
"name" : "openSUSE-SU-2014:0174",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"name" : "openSUSE-SU-2014:0177",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
"name": "HPSBUX02972",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139402697611681&w=2"
},
{
"name" : "openSUSE-SU-2014:0180",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
"name": "RHSA-2014:0027",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"name" : "USN-2089-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2089-1"
"name": "56486",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56486"
},
{
"name" : "64758",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64758"
"name": "1029608",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029608"
},
{
"name" : "64863",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/64863"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549"
},
{
"name" : "102000",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102000"
"name": "64863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64863"
},
{
"name" : "1029608",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029608"
"name": "RHSA-2014:0026",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"name" : "56432",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56432"
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name" : "56485",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56485"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name" : "56486",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56486"
"name": "openSUSE-SU-2014:0180",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"name" : "56535",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56535"
"name": "openSUSE-SU-2014:0177",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
}
]
}

128
2014/2xxx/CVE-2014-2324.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2324",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2324",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname."
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2014/q1/564"
"name": "http://www.lighttpd.net/2014/3/12/1.4.35/",
"refsource": "CONFIRM",
"url": "http://www.lighttpd.net/2014/3/12/1.4.35/"
},
{
"name" : "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2014/q1/561"
"name": "66157",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66157"
},
{
"name" : "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt",
"refsource" : "CONFIRM",
"url" : "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt"
"name": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt",
"refsource": "CONFIRM",
"url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt"
},
{
"name" : "http://www.lighttpd.net/2014/3/12/1.4.35/",
"refsource" : "CONFIRM",
"url" : "http://www.lighttpd.net/2014/3/12/1.4.35/"
"name": "DSA-2877",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2877"
},
{
"name" : "DSA-2877",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2877"
"name": "openSUSE-SU-2014:0449",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html"
},
{
"name" : "HPSBGN03191",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=141576815022399&w=2"
"name": "57514",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57514"
},
{
"name" : "openSUSE-SU-2014:0449",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html"
"name": "HPSBGN03191",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2"
},
{
"name" : "SUSE-SU-2014:0474",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html"
"name": "openSUSE-SU-2014:0496",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html"
},
{
"name" : "openSUSE-SU-2014:0496",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html"
"name": "SUSE-SU-2014:0474",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html"
},
{
"name" : "66157",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/66157"
"name": "57404",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57404"
},
{
"name" : "57404",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/57404"
"name": "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q1/564"
},
{
"name" : "57514",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/57514"
"name": "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q1/561"
}
]
}

98
2014/2xxx/CVE-2014-2338.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2338",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2338",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established."
"lang": "eng",
"value": "IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.strongswan.org/blog/2014/04/14/strongswan-authentication-bypass-vulnerability-%28cve-2014-2338%29.html",
"refsource" : "CONFIRM",
"url" : "http://www.strongswan.org/blog/2014/04/14/strongswan-authentication-bypass-vulnerability-%28cve-2014-2338%29.html"
"name": "openSUSE-SU-2014:0697",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00064.html"
},
{
"name" : "DSA-2903",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2903"
"name": "SUSE-SU-2014:0529",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00010.html"
},
{
"name" : "SUSE-SU-2014:0529",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00010.html"
"name": "openSUSE-SU-2014:0700",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00066.html"
},
{
"name" : "openSUSE-SU-2014:0697",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00064.html"
"name": "DSA-2903",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2903"
},
{
"name" : "openSUSE-SU-2014:0700",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00066.html"
"name": "57823",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57823"
},
{
"name" : "66815",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/66815"
"name": "66815",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66815"
},
{
"name" : "57823",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/57823"
"name": "http://www.strongswan.org/blog/2014/04/14/strongswan-authentication-bypass-vulnerability-%28cve-2014-2338%29.html",
"refsource": "CONFIRM",
"url": "http://www.strongswan.org/blog/2014/04/14/strongswan-authentication-bypass-vulnerability-%28cve-2014-2338%29.html"
}
]
}

86
2014/2xxx/CVE-2014-2821.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2821",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-2821",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
"lang": "eng",
"value": "Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS14-051",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051"
"name": "1030715",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030715"
},
{
"name" : "69117",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69117"
"name": "ms-ie-cve20142821-code-exec(94978)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94978"
},
{
"name" : "1030715",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030715"
"name": "MS14-051",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051"
},
{
"name" : "60670",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60670"
"name": "69117",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69117"
},
{
"name" : "ms-ie-cve20142821-code-exec(94978)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94978"
"name": "60670",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60670"
}
]
}

22
2014/2xxx/CVE-2014-2875.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2875",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2875",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2014/2xxx/CVE-2014-2907.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2907",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2907",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The srtp_add_address function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
"lang": "eng",
"value": "The srtp_add_address function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2014-06.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2014-06.html"
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9885",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9885"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9885",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9885"
"name": "openSUSE-SU-2014:0612",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00022.html"
},
{
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=30ba425e7e95f7b61b3a3e5ff0c46e4be9d3d8d7",
"refsource" : "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=30ba425e7e95f7b61b3a3e5ff0c46e4be9d3d8d7"
"name": "http://www.wireshark.org/security/wnpa-sec-2014-06.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2014-06.html"
},
{
"name" : "openSUSE-SU-2014:0612",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00022.html"
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=30ba425e7e95f7b61b3a3e5ff0c46e4be9d3d8d7",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=30ba425e7e95f7b61b3a3e5ff0c46e4be9d3d8d7"
}
]
}

74
2014/6xxx/CVE-2014-6023.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6023",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-6023",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The s-peek credit rating report (aka com.rhomobile.speek) application 2.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The s-peek credit rating report (aka com.rhomobile.speek) application 2.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#352641",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/352641"
},
{
"name" : "VU#352641",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/352641"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

80
2014/6xxx/CVE-2014-6529.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6529",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6529",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hermon HCA PCIe driver."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hermon HCA PCIe driver."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name" : "70513",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70513"
"name": "1031032",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031032"
},
{
"name" : "1031032",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031032"
"name": "61593",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61593"
},
{
"name" : "61593",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61593"
"name": "70513",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70513"
}
]
}

338
2014/6xxx/CVE-2014-6558.json
View File

@ -1,291 +1,291 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6558",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6558",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
"name": "60414",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60414"
},
{
"name" : "http://linux.oracle.com/errata/ELSA-2014-1633.html",
"refsource" : "CONFIRM",
"url" : "http://linux.oracle.com/errata/ELSA-2014-1633.html"
"name": "RHSA-2014:1880",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name" : "http://linux.oracle.com/errata/ELSA-2014-1634.html",
"refsource" : "CONFIRM",
"url" : "http://linux.oracle.com/errata/ELSA-2014-1634.html"
"name": "RHSA-2014:1657",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"name" : "http://linux.oracle.com/errata/ELSA-2014-1636",
"refsource" : "CONFIRM",
"url" : "http://linux.oracle.com/errata/ELSA-2014-1636"
"name": "RHSA-2014:1877",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21688283",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
"name": "61609",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61609"
},
{
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10092",
"refsource" : "CONFIRM",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10092"
"name": "61928",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61928"
},
{
"name" : "DSA-3077",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-3077"
"name": "61163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61163"
},
{
"name" : "DSA-3080",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-3080"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name" : "GLSA-201502-12",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml"
"name": "USN-2386-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"name" : "HPSBUX03218",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=141775382904016&w=2"
"name": "http://linux.oracle.com/errata/ELSA-2014-1633.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"name" : "SSRT101770",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=141775382904016&w=2"
"name": "USN-2388-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"name" : "RHSA-2014:1620",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
"name": "HPSBUX03218",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=141775382904016&w=2"
},
{
"name" : "RHSA-2014:1633",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
"name": "RHSA-2014:1881",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"name" : "RHSA-2014:1634",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
"name": "61629",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61629"
},
{
"name" : "RHSA-2014:1636",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
"name": "SUSE-SU-2014:1549",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name" : "RHSA-2014:1657",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
"name": "61018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61018"
},
{
"name" : "RHSA-2014:1658",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
"name": "SUSE-SU-2015:0376",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name" : "RHSA-2014:1876",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
"name": "RHSA-2014:1876",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"name" : "RHSA-2014:1877",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
"name": "http://linux.oracle.com/errata/ELSA-2014-1634.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"name" : "RHSA-2014:1880",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
"name": "61346",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61346"
},
{
"name" : "RHSA-2014:1881",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
"name": "RHSA-2015:0264",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name" : "RHSA-2014:1882",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10092",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10092"
},
{
"name" : "RHSA-2015:0264",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
"name": "RHSA-2014:1634",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"name" : "SUSE-SU-2014:1422",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
"name": "USN-2388-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"name" : "SUSE-SU-2014:1526",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
"name": "SUSE-SU-2014:1422",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"name" : "SUSE-SU-2014:1549",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
"name": "70544",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70544"
},
{
"name" : "SUSE-SU-2015:0344",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
"name": "DSA-3080",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"name" : "SUSE-SU-2015:0345",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
"name": "SUSE-SU-2015:0392",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name" : "SUSE-SU-2015:0376",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
"name": "SUSE-SU-2014:1526",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name" : "SUSE-SU-2015:0392",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
"name": "SUSE-SU-2015:0345",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name" : "USN-2386-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2386-1"
"name": "60416",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60416"
},
{
"name" : "USN-2388-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2388-1"
"name": "RHSA-2014:1882",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name" : "USN-2388-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2388-2"
"name": "RHSA-2014:1633",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"name" : "70544",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70544"
"name": "RHSA-2014:1636",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"name" : "60414",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60414"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name" : "60416",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60416"
"name": "RHSA-2014:1658",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"name" : "60417",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60417"
"name": "61164",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61164"
},
{
"name" : "61018",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61018"
"name": "SSRT101770",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=141775382904016&w=2"
},
{
"name" : "61020",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61020"
"name": "DSA-3077",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"name" : "61143",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61143"
"name": "http://linux.oracle.com/errata/ELSA-2014-1636",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"name" : "61629",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61629"
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name" : "61631",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61631"
"name": "61020",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61020"
},
{
"name" : "61163",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61163"
"name": "61143",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61143"
},
{
"name" : "61164",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61164"
"name": "SUSE-SU-2015:0344",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name" : "61346",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61346"
"name": "60417",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60417"
},
{
"name" : "61609",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61609"
"name": "61631",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61631"
},
{
"name" : "61928",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61928"
"name": "RHSA-2014:1620",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
}
]
}

74
2014/6xxx/CVE-2014-6996.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6996",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-6996",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Martial Arts Battle Card (aka com.tapenjoy.zjh.tw) application 1.0.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Martial Arts Battle Card (aka com.tapenjoy.zjh.tw) application 1.0.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#176201",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/176201"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#176201",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/176201"
}
]
}

74
2014/7xxx/CVE-2014-7689.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7689",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7689",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The GzoneRC - The RC Hobby Hub (aka com.wGzoneRC) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The GzoneRC - The RC Hobby Hub (aka com.wGzoneRC) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#780585",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/780585"
"name": "VU#780585",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/780585"
}
]
}

74
2017/0xxx/CVE-2017-0099.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2017-0099",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2017-0099",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Hyper-V",
"version" : {
"version_data" : [
"product_name": "Hyper-V",
"version": {
"version_data": [
{
"version_value" : "Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016"
"version_value": "Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016"
}
]
}
}
]
},
"vendor_name" : "Microsoft Corporation"
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of service via a crafted application, aka \"Hyper-V Denial of Service Vulnerability.\" This vulnerability is different from those described in CVE-2017-0098, CVE-2017-0074, CVE-2017-0076, and CVE-2017-0097."
"lang": "eng",
"value": "Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of service via a crafted application, aka \"Hyper-V Denial of Service Vulnerability.\" This vulnerability is different from those described in CVE-2017-0098, CVE-2017-0074, CVE-2017-0076, and CVE-2017-0097."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Denial of Service"
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0099",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0099"
"name": "96640",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96640"
},
{
"name" : "96640",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96640"
"name": "1037999",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037999"
},
{
"name" : "1037999",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037999"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0099",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0099"
}
]
}

68
2017/0xxx/CVE-2017-0182.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2017-0182",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2017-0182",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Hyper-V",
"version" : {
"version_data" : [
"product_name": "Hyper-V",
"version": {
"version_data": [
{
"version_value" : "Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, and Windows Server 2016"
"version_value": "Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, and Windows Server 2016"
}
]
}
}
]
},
"vendor_name" : "Microsoft Corporation"
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka \"Hyper-V Denial of Service Vulnerability.\" This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186."
"lang": "eng",
"value": "A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka \"Hyper-V Denial of Service Vulnerability.\" This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Denial of Service"
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0182",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0182"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0182",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0182"
},
{
"name" : "97427",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97427"
"name": "97427",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97427"
}
]
}

80
2017/0xxx/CVE-2017-0375.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@debian.org",
"ID" : "CVE-2017-0375",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2017-0375",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Tor before 0.3.0.8",
"version" : {
"version_data" : [
"product_name": "Tor before 0.3.0.8",
"version": {
"version_data": [
{
"version_value" : "Tor before 0.3.0.8"
"version_value": "Tor before 0.3.0.8"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell."
"lang": "eng",
"value": "The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "reachable assertion"
"lang": "eng",
"value": "reachable assertion"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/torproject/tor/commit/79b59a2dfcb68897ee89d98587d09e55f07e68d7",
"refsource" : "CONFIRM",
"url" : "https://github.com/torproject/tor/commit/79b59a2dfcb68897ee89d98587d09e55f07e68d7"
"name": "https://trac.torproject.org/projects/tor/ticket/22493",
"refsource": "CONFIRM",
"url": "https://trac.torproject.org/projects/tor/ticket/22493"
},
{
"name" : "https://lists.torproject.org/pipermail/tor-announce/2017-June/000131.html",
"refsource" : "CONFIRM",
"url" : "https://lists.torproject.org/pipermail/tor-announce/2017-June/000131.html"
"name": "99017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99017"
},
{
"name" : "https://trac.torproject.org/projects/tor/ticket/22493",
"refsource" : "CONFIRM",
"url" : "https://trac.torproject.org/projects/tor/ticket/22493"
"name": "https://lists.torproject.org/pipermail/tor-announce/2017-June/000131.html",
"refsource": "CONFIRM",
"url": "https://lists.torproject.org/pipermail/tor-announce/2017-June/000131.html"
},
{
"name" : "99017",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99017"
"name": "https://github.com/torproject/tor/commit/79b59a2dfcb68897ee89d98587d09e55f07e68d7",
"refsource": "CONFIRM",
"url": "https://github.com/torproject/tor/commit/79b59a2dfcb68897ee89d98587d09e55f07e68d7"
}
]
}

25
2017/1000xxx/CVE-2017-1000057.json
View File

@ -1,20 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"DATE_ASSIGNED" : "2017-05-06T20:43:28.308807",
"ID" : "CVE-2017-1000057",
"REQUESTER" : "john.bjorkhaug@nttsecurity.com",
"STATE" : "REJECT",
"STATE_DETAIL" : "BAD_REF_URL"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-1000057",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA due to lack of a reference providing provenance. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA due to lack of a reference providing provenance. Notes: none."
}
]
}

96
2017/1000xxx/CVE-2017-1000479.json
View File

@ -1,88 +1,88 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2017-12-29",
"ID" : "CVE-2017-1000479",
"REQUESTER" : "franco@opnsense.org",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-12-29",
"ID": "CVE-2017-1000479",
"REQUESTER": "franco@opnsense.org",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "pfSense",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "< 2.4.2"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "Netgate"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. This is fixed in 2.4.2-RELEASE. OPNsense, a 2015 fork of pfSense, was not vulnerable since version 16.1.16 released on June 06, 2016. The unprotected web form was removed from the code during an internal security audit under \"possibly insecure\" suspicions."
"lang": "eng",
"value": "pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. This is fixed in 2.4.2-RELEASE. OPNsense, a 2015 fork of pfSense, was not vulnerable since version 16.1.16 released on June 06, 2016. The unprotected web form was removed from the code during an internal security audit under \"possibly insecure\" suspicions."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Clickjacking"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20171122 Clickjacking vulnerability in CSRF error page pfSense",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2017/11/22/7"
"name": "https://doc.pfsense.org/index.php/2.4.2_New_Features_and_Changes",
"refsource": "MISC",
"url": "https://doc.pfsense.org/index.php/2.4.2_New_Features_and_Changes"
},
{
"name" : "https://doc.pfsense.org/index.php/2.4.2_New_Features_and_Changes",
"refsource" : "MISC",
"url" : "https://doc.pfsense.org/index.php/2.4.2_New_Features_and_Changes"
"name": "https://www.netgate.com/blog/pfsense-2-4-2-release-p1-and-2-3-5-release-p1-now-available.html",
"refsource": "MISC",
"url": "https://www.netgate.com/blog/pfsense-2-4-2-release-p1-and-2-3-5-release-p1-now-available.html"
},
{
"name" : "https://github.com/opnsense/core/commit/d218b225",
"refsource" : "MISC",
"url" : "https://github.com/opnsense/core/commit/d218b225"
"name": "https://github.com/opnsense/core/commit/d218b225",
"refsource": "MISC",
"url": "https://github.com/opnsense/core/commit/d218b225"
},
{
"name" : "https://github.com/pfsense/pfsense/commit/386d89b07",
"refsource" : "MISC",
"url" : "https://github.com/pfsense/pfsense/commit/386d89b07"
"name": "https://www.securify.nl/en/advisory/SFY20171101/clickjacking-vulnerability-in-csrf-error-page-pfsense.html",
"refsource": "MISC",
"url": "https://www.securify.nl/en/advisory/SFY20171101/clickjacking-vulnerability-in-csrf-error-page-pfsense.html"
},
{
"name" : "https://www.netgate.com/blog/pfsense-2-4-2-release-p1-and-2-3-5-release-p1-now-available.html",
"refsource" : "MISC",
"url" : "https://www.netgate.com/blog/pfsense-2-4-2-release-p1-and-2-3-5-release-p1-now-available.html"
"name": "https://github.com/pfsense/pfsense/commit/386d89b07",
"refsource": "MISC",
"url": "https://github.com/pfsense/pfsense/commit/386d89b07"
},
{
"name" : "https://www.securify.nl/en/advisory/SFY20171101/clickjacking-vulnerability-in-csrf-error-page-pfsense.html",
"refsource" : "MISC",
"url" : "https://www.securify.nl/en/advisory/SFY20171101/clickjacking-vulnerability-in-csrf-error-page-pfsense.html"
"name": "[oss-security] 20171122 Clickjacking vulnerability in CSRF error page pfSense",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/11/22/7"
}
]
}

66
2017/1000xxx/CVE-2017-1000483.json
View File

@ -1,63 +1,63 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2017-12-29",
"ID" : "CVE-2017-1000483",
"REQUESTER" : "security@plone.org",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-12-29",
"ID": "CVE-2017-1000483",
"REQUESTER": "security@plone.org",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Plone / RestrictedPython",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "2.5-5.1rc1"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "Plone Foundation"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5."
"lang": "eng",
"value": "Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Sandbox Escape"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://plone.org/security/hotfix/20171128/sandbox-escape",
"refsource" : "MISC",
"url" : "https://plone.org/security/hotfix/20171128/sandbox-escape"
"name": "https://plone.org/security/hotfix/20171128/sandbox-escape",
"refsource": "MISC",
"url": "https://plone.org/security/hotfix/20171128/sandbox-escape"
}
]
}

64
2017/18xxx/CVE-2017-18083.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-02-02T00:00:00",
"ID" : "CVE-2017-18083",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-02-02T00:00:00",
"ID": "CVE-2017-18083",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Confluence",
"version" : {
"version_data" : [
"product_name": "Confluence",
"version": {
"version_data": [
{
"version_value" : "prior to 6.4.0"
"version_value": "prior to 6.4.0"
}
]
}
}
]
},
"vendor_name" : "Atlassian"
"vendor_name": "Atlassian"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The editinword resource in Atlassian Confluence Server before version 6.4.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the contents of an uploaded file."
"lang": "eng",
"value": "The editinword resource in Atlassian Confluence Server before version 6.4.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the contents of an uploaded file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://jira.atlassian.com/browse/CONFSERVER-54903",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/CONFSERVER-54903"
"name": "https://jira.atlassian.com/browse/CONFSERVER-54903",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/CONFSERVER-54903"
}
]
}

68
2017/18xxx/CVE-2017-18319.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"ID" : "CVE-2017-18319",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2017-18319",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Snapdragon Mobile, Snapdragon Wear",
"version" : {
"version_data" : [
"product_name": "Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value" : "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016"
"version_value": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016."
"lang": "eng",
"value": "Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Key Management Errors in Modem"
"lang": "eng",
"value": "Key Management Errors in Modem"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins"
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"name" : "106128",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106128"
"name": "106128",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106128"
}
]
}

22
2017/1xxx/CVE-2017-1020.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1020",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1020",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

180
2017/1xxx/CVE-2017-1749.json
View File

@ -1,204 +1,204 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-08-06T00:00:00",
"ID" : "CVE-2017-1749",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-08-06T00:00:00",
"ID": "CVE-2017-1749",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "UrbanCode Deploy",
"version" : {
"version_data" : [
"product_name": "UrbanCode Deploy",
"version": {
"version_data": [
{
"version_value" : "6.1.0.2"
"version_value": "6.1.0.2"
},
{
"version_value" : "6.1"
"version_value": "6.1"
},
{
"version_value" : "6.1.0.1"
"version_value": "6.1.0.1"
},
{
"version_value" : "6.1.0.3"
"version_value": "6.1.0.3"
},
{
"version_value" : "6.1.0.4"
"version_value": "6.1.0.4"
},
{
"version_value" : "6.1.1"
"version_value": "6.1.1"
},
{
"version_value" : "6.1.1.1"
"version_value": "6.1.1.1"
},
{
"version_value" : "6.1.1.2"
"version_value": "6.1.1.2"
},
{
"version_value" : "6.1.1.3"
"version_value": "6.1.1.3"
},
{
"version_value" : "6.1.1.4"
"version_value": "6.1.1.4"
},
{
"version_value" : "6.1.1.5"
"version_value": "6.1.1.5"
},
{
"version_value" : "6.1.1.6"
"version_value": "6.1.1.6"
},
{
"version_value" : "6.1.1.7"
"version_value": "6.1.1.7"
},
{
"version_value" : "6.1.2"
"version_value": "6.1.2"
},
{
"version_value" : "6.1.1.8"
"version_value": "6.1.1.8"
},
{
"version_value" : "6.1.3"
"version_value": "6.1.3"
},
{
"version_value" : "6.1.3.1"
"version_value": "6.1.3.1"
},
{
"version_value" : "6.2"
"version_value": "6.2"
},
{
"version_value" : "6.2.0.1"
"version_value": "6.2.0.1"
},
{
"version_value" : "6.1.3.2"
"version_value": "6.1.3.2"
},
{
"version_value" : "6.2.0.2"
"version_value": "6.2.0.2"
},
{
"version_value" : "6.2.1"
"version_value": "6.2.1"
},
{
"version_value" : "6.2.1.1"
"version_value": "6.2.1.1"
},
{
"version_value" : "6.1.3.3"
"version_value": "6.1.3.3"
},
{
"version_value" : "6.2.1.2"
"version_value": "6.2.1.2"
},
{
"version_value" : "6.2.2"
"version_value": "6.2.2"
},
{
"version_value" : "6.2.2.1"
"version_value": "6.2.2.1"
},
{
"version_value" : "6.2.3.0"
"version_value": "6.2.3.0"
},
{
"version_value" : "6.2.3.1"
"version_value": "6.2.3.1"
},
{
"version_value" : "6.1.3.4"
"version_value": "6.1.3.4"
},
{
"version_value" : "6.1.3.5"
"version_value": "6.1.3.5"
},
{
"version_value" : "6.2.4"
"version_value": "6.2.4"
},
{
"version_value" : "6.1.3.6"
"version_value": "6.1.3.6"
},
{
"version_value" : "6.2.4.1"
"version_value": "6.2.4.1"
},
{
"version_value" : "6.2.4.2"
"version_value": "6.2.4.2"
},
{
"version_value" : "6.2.5"
"version_value": "6.2.5"
},
{
"version_value" : "6.2.5.1"
"version_value": "6.2.5.1"
},
{
"version_value" : "6.2.5.2"
"version_value": "6.2.5.2"
},
{
"version_value" : "6.2.6.0"
"version_value": "6.2.6.0"
},
{
"version_value" : "6.2.6.1"
"version_value": "6.2.6.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM UrbanCode Deploy 6.1 through 6.9.6.0 could allow a remote attacker to traverse directories on the system. An unauthenticated attacker could alter UCD deployments. IBM X-Force ID: 135522."
"lang": "eng",
"value": "IBM UrbanCode Deploy 6.1 through 6.9.6.0 could allow a remote attacker to traverse directories on the system. An unauthenticated attacker could alter UCD deployments. IBM X-Force ID: 135522."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "N",
"I" : "L",
"PR" : "N",
"S" : "U",
"SCORE" : "5.300",
"UI" : "N"
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "N",
"I": "L",
"PR": "N",
"S": "U",
"SCORE": "5.300",
"UI": "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "File Manipulation"
"lang": "eng",
"value": "File Manipulation"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=swg2C1000374",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=swg2C1000374"
"name": "ibm-ucd-cve20171749-path-traversal(135522)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/135522"
},
{
"name" : "ibm-ucd-cve20171749-path-traversal(135522)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/135522"
"name": "https://www.ibm.com/support/docview.wss?uid=swg2C1000374",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=swg2C1000374"
}
]
}

22
2017/4xxx/CVE-2017-4105.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4105",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4105",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/4xxx/CVE-2017-4661.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4661",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4661",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

74
2017/5xxx/CVE-2017-5184.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@microfocus.com",
"ID" : "CVE-2017-5184",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"ID": "CVE-2017-5184",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "NetIQ Sentinel Server",
"version" : {
"version_data" : [
"product_name": "NetIQ Sentinel Server",
"version": {
"version_data": [
{
"version_value" : "NetIQ Sentinel Server"
"version_value": "NetIQ Sentinel Server"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow leakage of information (account enumeration)."
"lang": "eng",
"value": "A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow leakage of information (account enumeration)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "leakage of information"
"lang": "eng",
"value": "leakage of information"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.tenable.com/security/research/tra-2017-15",
"refsource" : "MISC",
"url" : "https://www.tenable.com/security/research/tra-2017-15"
"name": "https://www.tenable.com/security/research/tra-2017-15",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2017-15"
},
{
"name" : "https://www.netiq.com/support/kb/doc.php?id=7018753",
"refsource" : "CONFIRM",
"url" : "https://www.netiq.com/support/kb/doc.php?id=7018753"
"name": "97262",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97262"
},
{
"name" : "97262",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97262"
"name": "https://www.netiq.com/support/kb/doc.php?id=7018753",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/support/kb/doc.php?id=7018753"
}
]
}

98
2017/5xxx/CVE-2017-5399.json
View File

@ -1,93 +1,93 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2017-5399",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2017-5399",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "52"
"version_affected": "<",
"version_value": "52"
}
]
}
},
{
"product_name" : "Thunderbird",
"version" : {
"version_data" : [
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "52"
"version_affected": "<",
"version_value": "52"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
"vendor_name": "Mozilla"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Memory safety bugs were reported in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52 and Thunderbird < 52."
"lang": "eng",
"value": "Memory safety bugs were reported in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52 and Thunderbird < 52."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Memory safety bugs fixed in Thunderbird 52"
"lang": "eng",
"value": "Memory safety bugs fixed in Thunderbird 52"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332569%2C1315248%2C1261335%2C1321038%2C1331771%2C1339566%2C1339591%2C1240893%2C1341905%2C1323241%2C1336467%2C1270288%2C1295299%2C1296024%2C1304201%2C1306142%2C1307557%2C1308036%2C1334246%2C1334290%2C1317085%2C1339116%2C1324000%2C1323150%2C1332501%2C1320894%2C1333752%2C1303713%2C1321566%2C1264053%2C1343513",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332569%2C1315248%2C1261335%2C1321038%2C1331771%2C1339566%2C1339591%2C1240893%2C1341905%2C1323241%2C1336467%2C1270288%2C1295299%2C1296024%2C1304201%2C1306142%2C1307557%2C1308036%2C1334246%2C1334290%2C1317085%2C1339116%2C1324000%2C1323150%2C1332501%2C1320894%2C1333752%2C1303713%2C1321566%2C1264053%2C1343513"
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332569%2C1315248%2C1261335%2C1321038%2C1331771%2C1339566%2C1339591%2C1240893%2C1341905%2C1323241%2C1336467%2C1270288%2C1295299%2C1296024%2C1304201%2C1306142%2C1307557%2C1308036%2C1334246%2C1334290%2C1317085%2C1339116%2C1324000%2C1323150%2C1332501%2C1320894%2C1333752%2C1303713%2C1321566%2C1264053%2C1343513",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332569%2C1315248%2C1261335%2C1321038%2C1331771%2C1339566%2C1339591%2C1240893%2C1341905%2C1323241%2C1336467%2C1270288%2C1295299%2C1296024%2C1304201%2C1306142%2C1307557%2C1308036%2C1334246%2C1334290%2C1317085%2C1339116%2C1324000%2C1323150%2C1332501%2C1320894%2C1333752%2C1303713%2C1321566%2C1264053%2C1343513"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-05/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-05/"
"name": "https://www.mozilla.org/security/advisories/mfsa2017-09/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2017-09/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-09/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-09/"
"name": "https://www.mozilla.org/security/advisories/mfsa2017-05/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2017-05/"
},
{
"name" : "96692",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96692"
"name": "1037966",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037966"
},
{
"name" : "1037966",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037966"
"name": "96692",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96692"
}
]
}