admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:19:07 +00:00
parent c59d61c16f
commit 6b8783be5e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
52 changed files with 4298 additions and 4298 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
2006/1xxx/CVE-2006-1229.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1229",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1229",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in search.asp in Hosting Controller 6.1 (Hotfix 2.9) allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
"lang": "eng",
"value": "SQL injection vulnerability in search.asp in Hosting Controller 6.1 (Hotfix 2.9) allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "ADV-2006-0914",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0914"
"name": "19191",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19191"
},
{
"name" : "23802",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23802"
"name": "hosting-controller-search-sql-injection(25140)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25140"
},
{
"name" : "19191",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19191"
"name": "23802",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23802"
},
{
"name" : "hosting-controller-search-sql-injection(25140)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25140"
"name": "ADV-2006-0914",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0914"
}
]
}

104
2006/1xxx/CVE-2006-1372.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1372",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1372",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in 1WebCalendar 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) EventID parameter in viewEvent.cfm, (2) NewsID parameter in newsView.cfm, or (3) ThisDate parameter in mainCal.cfm."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in 1WebCalendar 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) EventID parameter in viewEvent.cfm, (2) NewsID parameter in newsView.cfm, or (3) ThisDate parameter in mainCal.cfm."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://pridels0.blogspot.com/2006/03/1webcalendar-v-4x-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2006/03/1webcalendar-v-4x-vuln.html"
"name": "http://pridels0.blogspot.com/2006/03/1webcalendar-v-4x-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2006/03/1webcalendar-v-4x-vuln.html"
},
{
"name" : "17193",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17193"
"name": "1webcalendar-multiple-sql-injection(25373)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25373"
},
{
"name" : "ADV-2006-1040",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1040"
"name": "24023",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24023"
},
{
"name" : "24021",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24021"
"name": "17193",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17193"
},
{
"name" : "24022",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24022"
"name": "19329",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19329"
},
{
"name" : "24023",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24023"
"name": "ADV-2006-1040",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1040"
},
{
"name" : "19329",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19329"
"name": "24021",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24021"
},
{
"name" : "1webcalendar-multiple-sql-injection(25373)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25373"
"name": "24022",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24022"
}
]
}

92
2006/1xxx/CVE-2006-1769.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1769",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1769",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila 9.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the mode parameter in msgReader$1 and (2) the end of the URI in viewDepartment$."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila 9.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the mode parameter in msgReader$1 and (2) the end of the URI in viewDepartment$."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060411 Manila <= 9.5 - XSS Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/430668/100/0/threaded"
"name": "manila-multiple-xss(25753)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25753"
},
{
"name" : "17475",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17475"
"name": "17475",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17475"
},
{
"name" : "24554",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24554"
"name": "24554",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24554"
},
{
"name" : "19636",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19636"
"name": "19636",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19636"
},
{
"name" : "692",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/692"
"name": "692",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/692"
},
{
"name" : "manila-multiple-xss(25753)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25753"
"name": "20060411 Manila <= 9.5 - XSS Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/430668/100/0/threaded"
}
]
}

92
2006/1xxx/CVE-2006-1820.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1820",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1820",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in ModX 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this might be resultant from the directory traversal vulnerability."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in ModX 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this might be resultant from the directory traversal vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060414 Vulnerabilities in MODx",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/431010/100/0/threaded"
"name": "19645",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19645"
},
{
"name" : "17533",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17533"
"name": "20060414 Vulnerabilities in MODx",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431010/100/0/threaded"
},
{
"name" : "ADV-2006-1383",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1383"
"name": "ADV-2006-1383",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1383"
},
{
"name" : "1015940",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015940"
"name": "modx-index-xss(25894)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25894"
},
{
"name" : "19645",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19645"
"name": "17533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17533"
},
{
"name" : "modx-index-xss(25894)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25894"
"name": "1015940",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015940"
}
]
}

116
2006/1xxx/CVE-2006-1872.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1872",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1872",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Database Server 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors in the Oracle Enterprise Manager Intelligent Agent component, aka Vuln# DB07."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Database Server 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors in the Oracle Enterprise Manager Intelligent Agent component, aka Vuln# DB07."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html"
"name": "19712",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19712"
},
{
"name" : "HPSBMA02113",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/432267/100/0/threaded"
"name": "19859",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19859"
},
{
"name" : "SSRT061148",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/432267/100/0/threaded"
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html"
},
{
"name" : "17590",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17590"
"name": "ADV-2006-1571",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1571"
},
{
"name" : "ADV-2006-1397",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1397"
"name": "17590",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17590"
},
{
"name" : "ADV-2006-1571",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1571"
"name": "SSRT061148",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/432267/100/0/threaded"
},
{
"name" : "1015961",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015961"
"name": "oracle-database-multiple-unspecified(26068)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26068"
},
{
"name" : "19712",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19712"
"name": "ADV-2006-1397",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1397"
},
{
"name" : "19859",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19859"
"name": "HPSBMA02113",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/432267/100/0/threaded"
},
{
"name" : "oracle-database-multiple-unspecified(26068)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26068"
"name": "1015961",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015961"
}
]
}

86
2006/5xxx/CVE-2006-5411.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5411",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5411",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in upload.php for Free Web Publishing System (FreeWPS), possibly 2.11 and earlier, allows remote attackers to upload and execute arbitrary PHP programs."
"lang": "eng",
"value": "Unrestricted file upload vulnerability in upload.php for Free Web Publishing System (FreeWPS), possibly 2.11 and earlier, allows remote attackers to upload and execute arbitrary PHP programs."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061005 FreeWPS File Upload Command Execution",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/447870/100/200/threaded"
"name": "freewps-upload-file-upload(29379)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29379"
},
{
"name" : "20494",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20494"
"name": "20061005 FreeWPS File Upload Command Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447870/100/200/threaded"
},
{
"name" : "19343",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19343"
"name": "19343",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19343"
},
{
"name" : "1746",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1746"
"name": "20494",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20494"
},
{
"name" : "freewps-upload-file-upload(29379)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29379"
"name": "1746",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1746"
}
]
}

98
2006/5xxx/CVE-2006-5681.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5681",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5681",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects."
"lang": "eng",
"value": "QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://docs.info.apple.com/article.html?artnum=304916",
"refsource" : "MISC",
"url" : "http://docs.info.apple.com/article.html?artnum=304916"
"name": "32380",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32380"
},
{
"name" : "APPLE-SA-2006-12-19",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/Security-announce/2006/Dec/msg00000.html"
"name": "1017402",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017402"
},
{
"name" : "21672",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21672"
"name": "23438",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23438"
},
{
"name" : "ADV-2006-5072",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/5072"
"name": "ADV-2006-5072",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5072"
},
{
"name" : "32380",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/32380"
"name": "21672",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21672"
},
{
"name" : "1017402",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017402"
"name": "http://docs.info.apple.com/article.html?artnum=304916",
"refsource": "MISC",
"url": "http://docs.info.apple.com/article.html?artnum=304916"
},
{
"name" : "23438",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23438"
"name": "APPLE-SA-2006-12-19",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2006/Dec/msg00000.html"
}
]
}

86
2006/5xxx/CVE-2006-5943.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5943",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5943",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in inventory/display/imager.asp in Website Designs for Less Inventory Manager allow remote attackers to execute arbitrary SQL commands via the (1) pictable, (2) picfield, or (3) where parameter."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in inventory/display/imager.asp in Website Designs for Less Inventory Manager allow remote attackers to execute arbitrary SQL commands via the (1) pictable, (2) picfield, or (3) where parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061114 Inventory Manager [injection sql & xss (get)]",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/451553/100/0/threaded"
"name": "20061114 Inventory Manager [injection sql & xss (get)]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451553/100/0/threaded"
},
{
"name" : "21069",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21069"
"name": "inventorymanager-imager-sql-injection(30275)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30275"
},
{
"name" : "22915",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22915"
"name": "1875",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1875"
},
{
"name" : "1875",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1875"
"name": "22915",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22915"
},
{
"name" : "inventorymanager-imager-sql-injection(30275)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30275"
"name": "21069",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21069"
}
]
}

152
2007/2xxx/CVE-2007-2028.json
View File

@ -1,136 +1,136 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2028",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-2028",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures."
"lang": "eng",
"value": "Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.freeradius.org/security.html",
"refsource" : "CONFIRM",
"url" : "http://www.freeradius.org/security.html"
"name": "2007-0013",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0013/"
},
{
"name" : "GLSA-200704-14",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200704-14.xml"
"name": "oval:org.mitre.oval:def:11156",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11156"
},
{
"name" : "MDKSA-2007:085",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:085"
"name": "MDKSA-2007:085",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:085"
},
{
"name" : "RHSA-2007:0338",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0338.html"
"name": "GLSA-200704-14",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200704-14.xml"
},
{
"name" : "SUSE-SR:2007:010",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_10_sr.html"
"name": "24996",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24996"
},
{
"name" : "2007-0013",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2007/0013/"
"name": "ADV-2007-1369",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1369"
},
{
"name" : "23466",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23466"
"name": "RHSA-2007:0338",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0338.html"
},
{
"name" : "oval:org.mitre.oval:def:11156",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11156"
"name": "24849",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24849"
},
{
"name" : "ADV-2007-1369",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1369"
"name": "23466",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23466"
},
{
"name" : "1018042",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018042"
"name": "24917",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24917"
},
{
"name" : "24849",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24849"
"name": "http://www.freeradius.org/security.html",
"refsource": "CONFIRM",
"url": "http://www.freeradius.org/security.html"
},
{
"name" : "24907",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24907"
"name": "SUSE-SR:2007:010",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"
},
{
"name" : "24917",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24917"
"name": "25201",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25201"
},
{
"name" : "24996",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24996"
"name": "24907",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24907"
},
{
"name" : "25201",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25201"
"name": "25220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25220"
},
{
"name" : "25220",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25220"
"name": "1018042",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018042"
}
]
}

92
2007/2xxx/CVE-2007-2094.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2094",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2094",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in index.php in Anthologia 0.5.2 allows remote attackers to execute arbitrary PHP code via a URL in the ads_file parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in Anthologia 0.5.2 allows remote attackers to execute arbitrary PHP code via a URL in the ads_file parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "3751",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3751"
"name": "34083",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34083"
},
{
"name" : "23524",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23524"
"name": "24908",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24908"
},
{
"name" : "ADV-2007-1427",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1427"
"name": "23524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23524"
},
{
"name" : "34083",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34083"
"name": "anthologia-adsfile-file-include(33705)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33705"
},
{
"name" : "24908",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24908"
"name": "ADV-2007-1427",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1427"
},
{
"name" : "anthologia-adsfile-file-include(33705)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33705"
"name": "3751",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3751"
}
]
}

206
2007/6xxx/CVE-2007-6119.json
View File

@ -1,181 +1,181 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6119",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-6119",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors."
"lang": "eng",
"value": "The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080103 rPSA-2008-0004-1 tshark wireshark",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/485792/100/0/threaded"
"name": "27777",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27777"
},
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=199958",
"refsource" : "MISC",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=199958"
"name": "https://issues.rpath.com/browse/RPL-1975",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1975"
},
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2007-03.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2007-03.html"
"name": "29048",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29048"
},
{
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004",
"refsource" : "CONFIRM",
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004"
"name": "26532",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26532"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1975",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1975"
"name": "http://www.wireshark.org/security/wnpa-sec-2007-03.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2007-03.html"
},
{
"name" : "FEDORA-2007-4590",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00606.html"
"name": "28564",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28564"
},
{
"name" : "FEDORA-2007-4690",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00712.html"
"name": "20080103 rPSA-2008-0004-1 tshark wireshark",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485792/100/0/threaded"
},
{
"name" : "GLSA-200712-23",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200712-23.xml"
"name": "GLSA-200712-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200712-23.xml"
},
{
"name" : "MDVSA-2008:001",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:001"
"name": "28304",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28304"
},
{
"name" : "MDVSA-2008:1",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:1"
"name": "oval:org.mitre.oval:def:9880",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9880"
},
{
"name" : "RHSA-2008:0058",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0058.html"
"name": "1018988",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018988"
},
{
"name" : "SUSE-SR:2008:004",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html"
"name": "FEDORA-2007-4690",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00712.html"
},
{
"name" : "26532",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26532"
"name": "28325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28325"
},
{
"name" : "oval:org.mitre.oval:def:9880",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9880"
"name": "MDVSA-2008:1",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:1"
},
{
"name" : "oval:org.mitre.oval:def:14721",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14721"
"name": "MDVSA-2008:001",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:001"
},
{
"name" : "ADV-2007-3956",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3956"
"name": "RHSA-2008:0058",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0058.html"
},
{
"name" : "1018988",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1018988"
"name": "SUSE-SR:2008:004",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html"
},
{
"name" : "27777",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27777"
"name": "http://bugs.gentoo.org/show_bug.cgi?id=199958",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=199958"
},
{
"name" : "28197",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28197"
"name": "ADV-2007-3956",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3956"
},
{
"name" : "28288",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28288"
"name": "28197",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28197"
},
{
"name" : "28304",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28304"
"name": "28288",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28288"
},
{
"name" : "28207",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28207"
"name": "oval:org.mitre.oval:def:14721",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14721"
},
{
"name" : "28325",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28325"
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004"
},
{
"name" : "28564",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28564"
"name": "28207",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28207"
},
{
"name" : "29048",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29048"
"name": "FEDORA-2007-4590",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00606.html"
}
]
}

92
2007/6xxx/CVE-2007-6344.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6344",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6344",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in modules/cms/index.php in Mcms Easy Web Make 1.3, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter."
"lang": "eng",
"value": "Directory traversal vulnerability in modules/cms/index.php in Mcms Easy Web Make 1.3, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4719",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4719"
"name": "ADV-2007-4209",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4209"
},
{
"name" : "26821",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26821"
"name": "39139",
"refsource": "OSVDB",
"url": "http://osvdb.org/39139"
},
{
"name" : "ADV-2007-4209",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/4209"
"name": "28053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28053"
},
{
"name" : "39139",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/39139"
"name": "4719",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4719"
},
{
"name" : "28053",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28053"
"name": "26821",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26821"
},
{
"name" : "mcmseasywebmake-index-file-include(38976)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38976"
"name": "mcmseasywebmake-index-file-include(38976)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38976"
}
]
}

62
2010/0xxx/CVE-2010-0342.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0342",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0342",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Reports for Job (job_reports) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
"lang": "eng",
"value": "SQL injection vulnerability in the Reports for Job (job_reports) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/"
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/"
}
]
}

74
2010/0xxx/CVE-2010-0390.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0390",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0390",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote attackers to execute arbitrary code by uploading a file with a pjpeg or jpeg extension, then accessing it via a direct request to the file in original/. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote attackers to execute arbitrary code by uploading a file with a pjpeg or jpeg extension, then accessing it via a direct request to the file in original/. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "11169",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/11169"
"name": "38018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38018"
},
{
"name" : "61808",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/61808"
"name": "61808",
"refsource": "OSVDB",
"url": "http://osvdb.org/61808"
},
{
"name" : "38018",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38018"
"name": "11169",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11169"
}
]
}

98
2010/0xxx/CVE-2010-0566.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0566",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0566",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219."
"lang": "eng",
"value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100217 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"
"name": "20100217 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"
},
{
"name" : "38278",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38278"
"name": "38618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38618"
},
{
"name" : "62431",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/62431"
"name": "cisco-asa-nat-aipssm-dos(56340)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56340"
},
{
"name" : "1023612",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1023612"
"name": "62431",
"refsource": "OSVDB",
"url": "http://osvdb.org/62431"
},
{
"name" : "38618",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38618"
"name": "1023612",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023612"
},
{
"name" : "ADV-2010-0415",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0415"
"name": "38278",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38278"
},
{
"name" : "cisco-asa-nat-aipssm-dos(56340)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56340"
"name": "ADV-2010-0415",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0415"
}
]
}

272
2010/0xxx/CVE-2010-0843.json
View File

@ -1,236 +1,236 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0843",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-0843",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to XNewPtr and improper handling of an integer parameter when allocating heap memory in the com.sun.media.sound libraries, which allows remote attackers to execute arbitrary code."
"lang": "eng",
"value": "Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to XNewPtr and improper handling of an integer parameter when allocating heap memory in the com.sun.media.sound libraries, which allows remote attackers to execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100405 ZDI-10-052: Sun Java Runtime Environment XNewPtr Remote Code Execution Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://seclists.org/bugtraq/2010/Apr/41"
"name": "APPLE-SA-2010-05-18-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"
},
{
"name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
"name": "HPSBMU02799",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-052/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-052/"
"name": "39317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39317"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html"
"name": "RHSA-2010:0383",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0383.html"
},
{
"name" : "http://support.apple.com/kb/HT4170",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4170"
"name": "40545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40545"
},
{
"name" : "http://support.apple.com/kb/HT4171",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4171"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-052/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-052/"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
"name": "ADV-2010-1454",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1454"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
"name": "39819",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39819"
},
{
"name" : "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
"name": "39083",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39083"
},
{
"name" : "APPLE-SA-2010-05-18-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"
"name": "RHSA-2010:0338",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html"
},
{
"name" : "APPLE-SA-2010-05-18-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"
"name": "ADV-2010-1793",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1793"
},
{
"name" : "HPSBMA02547",
"refsource" : "HP",
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
"name": "APPLE-SA-2010-05-18-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"
},
{
"name" : "SSRT100179",
"refsource" : "HP",
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
"name": "63492",
"refsource": "OSVDB",
"url": "http://osvdb.org/63492"
},
{
"name" : "HPSBMU02799",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2"
"name": "43308",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43308"
},
{
"name" : "HPSBUX02524",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127557596201693&w=2"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name" : "SSRT100089",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127557596201693&w=2"
"name": "SSRT100179",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name" : "RHSA-2010:0337",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0337.html"
"name": "SSRT100089",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2"
},
{
"name" : "RHSA-2010:0338",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0338.html"
"name": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html"
},
{
"name" : "RHSA-2010:0383",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0383.html"
"name": "HPSBUX02524",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2"
},
{
"name" : "RHSA-2010:0471",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0471.html"
"name": "http://support.apple.com/kb/HT4170",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4170"
},
{
"name" : "RHSA-2010:0489",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0489.html"
"name": "ADV-2010-1523",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1523"
},
{
"name" : "SUSE-SR:2010:008",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
"name": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
},
{
"name" : "SUSE-SR:2010:017",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
"name": "SUSE-SR:2010:008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"name" : "39083",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/39083"
"name": "39659",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39659"
},
{
"name" : "63492",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/63492"
"name": "oval:org.mitre.oval:def:14092",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14092"
},
{
"name" : "oval:org.mitre.oval:def:14092",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14092"
"name": "RHSA-2010:0471",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0471.html"
},
{
"name" : "39317",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39317"
"name": "SUSE-SR:2010:017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"name" : "39659",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39659"
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name" : "39819",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39819"
"name": "RHSA-2010:0337",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html"
},
{
"name" : "40211",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40211"
"name": "RHSA-2010:0489",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0489.html"
},
{
"name" : "40545",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40545"
"name": "HPSBMA02547",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name" : "43308",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43308"
"name": "40211",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40211"
},
{
"name" : "ADV-2010-1191",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1191"
"name": "http://support.apple.com/kb/HT4171",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4171"
},
{
"name" : "ADV-2010-1454",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1454"
"name": "20100405 ZDI-10-052: Sun Java Runtime Environment XNewPtr Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2010/Apr/41"
},
{
"name" : "ADV-2010-1523",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1523"
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name" : "ADV-2010-1793",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1793"
"name": "ADV-2010-1191",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1191"
}
]
}

74
2010/0xxx/CVE-2010-0870.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0870",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-0870",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_CDC_PUBLISH."
"lang": "eng",
"value": "Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_CDC_PUBLISH."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
"name": "TA10-103B",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
},
{
"name" : "TA10-103B",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
},
{
"name" : "39438",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39438"
"name": "39438",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39438"
}
]
}

74
2010/1xxx/CVE-2010-1004.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1004",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1004",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
"lang": "eng",
"value": "SQL injection vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://typo3.org/extensions/repository/view/yatse/0.3.2/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/extensions/repository/view/yatse/0.3.2/"
"name": "http://typo3.org/extensions/repository/view/yatse/0.3.2/",
"refsource": "CONFIRM",
"url": "http://typo3.org/extensions/repository/view/yatse/0.3.2/"
},
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/"
"name": "38808",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38808"
},
{
"name" : "38808",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38808"
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/"
}
]
}

104
2010/1xxx/CVE-2010-1574.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1574",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-1574",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the configuration or obtain potentially sensitive information via SNMP requests, aka Bug ID CSCtf25589."
"lang": "eng",
"value": "IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the configuration or obtain potentially sensitive information via SNMP requests, aka Bug ID CSCtf25589."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100707 Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3891f.shtml"
"name": "40407",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40407"
},
{
"name" : "VU#732671",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/732671"
"name": "1024173",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024173"
},
{
"name" : "41436",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/41436"
"name": "20100707 Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3891f.shtml"
},
{
"name" : "66120",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/66120"
"name": "VU#732671",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/732671"
},
{
"name" : "1024173",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1024173"
"name": "ADV-2010-1754",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1754"
},
{
"name" : "40407",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40407"
"name": "41436",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41436"
},
{
"name" : "ADV-2010-1754",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1754"
"name": "66120",
"refsource": "OSVDB",
"url": "http://osvdb.org/66120"
},
{
"name" : "cisco-industrial-snmp-unauth-access(60145)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/60145"
"name": "cisco-industrial-snmp-unauth-access(60145)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60145"
}
]
}

22
2010/1xxx/CVE-2010-1798.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1798",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1798",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2010/4xxx/CVE-2010-4376.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4376",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4376",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a large Screen Width value in the Screen Descriptor header of a GIF87a file in an RTSP stream."
"lang": "eng",
"value": "Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a large Screen Width value in the Screen Descriptor header of a GIF87a file in an RTSP stream."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-271",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-271"
"name": "1024861",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024861"
},
{
"name" : "http://service.real.com/realplayer/security/12102010_player/en/",
"refsource" : "CONFIRM",
"url" : "http://service.real.com/realplayer/security/12102010_player/en/"
"name": "http://service.real.com/realplayer/security/12102010_player/en/",
"refsource": "CONFIRM",
"url": "http://service.real.com/realplayer/security/12102010_player/en/"
},
{
"name" : "45411",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45411"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-271",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-271"
},
{
"name" : "1024861",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024861"
"name": "45411",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45411"
}
]
}

86
2010/4xxx/CVE-2010-4672.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4672",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4672",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier allow remote attackers to cause a denial of service (block exhaustion) via EIGRP traffic that triggers an EIGRP multicast storm, aka Bug ID CSCtf20269."
"lang": "eng",
"value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier allow remote attackers to cause a denial of service (block exhaustion) via EIGRP traffic that triggers an EIGRP multicast storm, aka Bug ID CSCtf20269."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf",
"refsource" : "CONFIRM",
"url" : "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf"
"name": "1024963",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024963"
},
{
"name" : "45767",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45767"
"name": "cisco-asa-eigrp-dos(64694)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64694"
},
{
"name" : "1024963",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024963"
"name": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf"
},
{
"name" : "42931",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42931"
"name": "45767",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45767"
},
{
"name" : "cisco-asa-eigrp-dos(64694)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64694"
"name": "42931",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42931"
}
]
}

62
2010/4xxx/CVE-2010-4887.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4887",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4887",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Commenting system Backend Module (commentsbe) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
"lang": "eng",
"value": "SQL injection vulnerability in the Commenting system Backend Module (commentsbe) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-018/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-018/"
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-018/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-018/"
}
]
}

248
2014/0xxx/CVE-2014-0107.json
View File

@ -1,216 +1,216 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0107",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0107",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function."
"lang": "eng",
"value": "The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ocert.org/advisories/ocert-2014-002.html",
"refsource" : "MISC",
"url" : "http://www.ocert.org/advisories/ocert-2014-002.html"
"name": "https://issues.apache.org/jira/browse/XALANJ-2435",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/XALANJ-2435"
},
{
"name" : "http://svn.apache.org/viewvc?view=revision&revision=1581058",
"refsource" : "CONFIRM",
"url" : "http://svn.apache.org/viewvc?view=revision&revision=1581058"
"name": "GLSA-201604-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-02"
},
{
"name" : "https://issues.apache.org/jira/browse/XALANJ-2435",
"refsource" : "CONFIRM",
"url" : "https://issues.apache.org/jira/browse/XALANJ-2435"
"name": "59291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59291"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21677145",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21677145"
"name": "59290",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59290"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680703",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680703"
"name": "RHSA-2015:1888",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1888.html"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681933",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681933"
"name": "59151",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59151"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
"name": "59247",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59247"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755"
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21674334",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21674334"
"name": "59515",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59515"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676093",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676093"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21677967",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21677967"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676093",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676093"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
"name": "http://www.ibm.com/support/docview.wss?uid=swg21677967",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21677967"
},
{
"name" : "https://www.tenable.com/security/tns-2018-15",
"refsource" : "CONFIRM",
"url" : "https://www.tenable.com/security/tns-2018-15"
"name": "https://www.tenable.com/security/tns-2018-15",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2018-15"
},
{
"name" : "DSA-2886",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2886"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677145",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677145"
},
{
"name" : "GLSA-201604-02",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201604-02"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681933",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681933"
},
{
"name" : "RHSA-2014:1351",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1351.html"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name" : "RHSA-2014:0348",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0348.html"
"name": "DSA-2886",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2886"
},
{
"name" : "RHSA-2015:1888",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1888.html"
"name": "60502",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60502"
},
{
"name" : "66397",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/66397"
"name": "59369",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59369"
},
{
"name" : "1034711",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034711"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21674334",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674334"
},
{
"name" : "1034716",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034716"
"name": "59711",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59711"
},
{
"name" : "57563",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/57563"
"name": "http://www.ocert.org/advisories/ocert-2014-002.html",
"refsource": "MISC",
"url": "http://www.ocert.org/advisories/ocert-2014-002.html"
},
{
"name" : "59369",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59369"
"name": "http://svn.apache.org/viewvc?view=revision&revision=1581058",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision&revision=1581058"
},
{
"name" : "59036",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59036"
"name": "57563",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57563"
},
{
"name" : "59711",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59711"
"name": "66397",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66397"
},
{
"name" : "60502",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60502"
"name": "1034711",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034711"
},
{
"name" : "59151",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59151"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680703",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680703"
},
{
"name" : "59247",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59247"
"name": "1034716",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034716"
},
{
"name" : "59290",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59290"
"name": "RHSA-2014:1351",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1351.html"
},
{
"name" : "59291",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59291"
"name": "RHSA-2014:0348",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0348.html"
},
{
"name" : "59515",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59515"
"name": "59036",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59036"
},
{
"name" : "apache-xalanjava-cve20140107-sec-bypass(92023)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/92023"
"name": "apache-xalanjava-cve20140107-sec-bypass(92023)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92023"
}
]
}

62
2014/0xxx/CVE-2014-0308.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0308",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-0308",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-0297, CVE-2014-0312, and CVE-2014-0324."
"lang": "eng",
"value": "Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-0297, CVE-2014-0312, and CVE-2014-0324."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS14-012",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012"
"name": "MS14-012",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012"
}
]
}

68
2014/0xxx/CVE-2014-0850.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0850",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0850",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data Management Reference Data Management (RDM) Hub 10.1 and 11.0 before 11.0.0.0-MDM-IF008 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data Management Reference Data Management (RDM) Hub 10.1 and 11.0 before 11.0.0.0-MDM-IF008 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21666119",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21666119"
"name": "ibm-mdm-rdm-cve20140850-xss(90751)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90751"
},
{
"name" : "ibm-mdm-rdm-cve20140850-xss(90751)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90751"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21666119",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21666119"
}
]
}

68
2014/10xxx/CVE-2014-10074.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-10074",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-10074",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files."
"lang": "eng",
"value": "Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://issues.umbraco.org/issue/U4-5901",
"refsource" : "MISC",
"url" : "http://issues.umbraco.org/issue/U4-5901"
"name": "https://github.com/Umbraco/Umbraco-CMS/commit/cad06502235acabf7fb7dca779d2f78f08547e39",
"refsource": "MISC",
"url": "https://github.com/Umbraco/Umbraco-CMS/commit/cad06502235acabf7fb7dca779d2f78f08547e39"
},
{
"name" : "https://github.com/Umbraco/Umbraco-CMS/commit/cad06502235acabf7fb7dca779d2f78f08547e39",
"refsource" : "MISC",
"url" : "https://github.com/Umbraco/Umbraco-CMS/commit/cad06502235acabf7fb7dca779d2f78f08547e39"
"name": "http://issues.umbraco.org/issue/U4-5901",
"refsource": "MISC",
"url": "http://issues.umbraco.org/issue/U4-5901"
}
]
}

22
2014/1xxx/CVE-2014-1658.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1658",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-1658",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}

74
2014/4xxx/CVE-2014-4018.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4018",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4018",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors."
"lang": "eng",
"value": "The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "33803",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/33803"
"name": "http://packetstormsecurity.com/files/127129/ZTE-WXV10-W300-Disclosure-CSRF-Default.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127129/ZTE-WXV10-W300-Disclosure-CSRF-Default.html"
},
{
"name" : "http://packetstormsecurity.com/files/127129/ZTE-WXV10-W300-Disclosure-CSRF-Default.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/127129/ZTE-WXV10-W300-Disclosure-CSRF-Default.html"
"name": "https://osandamalith.wordpress.com/2014/06/15/zte-wxv10-w300-multiple-vulnerabilities/",
"refsource": "MISC",
"url": "https://osandamalith.wordpress.com/2014/06/15/zte-wxv10-w300-multiple-vulnerabilities/"
},
{
"name" : "https://osandamalith.wordpress.com/2014/06/15/zte-wxv10-w300-multiple-vulnerabilities/",
"refsource" : "MISC",
"url" : "https://osandamalith.wordpress.com/2014/06/15/zte-wxv10-w300-multiple-vulnerabilities/"
"name": "33803",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/33803"
}
]
}

80
2014/4xxx/CVE-2014-4122.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4122",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-4122",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 omits the ASLR protection mechanism, which allows remote attackers to obtain potentially sensitive information about memory addresses by leveraging the predictability of an executable image's location, aka \".NET ASLR Vulnerability.\""
"lang": "eng",
"value": "Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 omits the ASLR protection mechanism, which allows remote attackers to obtain potentially sensitive information about memory addresses by leveraging the predictability of an executable image's location, aka \".NET ASLR Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS14-057",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-057"
"name": "MS14-057",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-057"
},
{
"name" : "70312",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70312"
"name": "60969",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60969"
},
{
"name" : "1031021",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031021"
"name": "70312",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70312"
},
{
"name" : "60969",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60969"
"name": "1031021",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031021"
}
]
}

68
2014/4xxx/CVE-2014-4828.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4828",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-4828",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote attackers to conduct clickjacking attacks via a crafted HTTP request."
"lang": "eng",
"value": "IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote attackers to conduct clickjacking attacks via a crafted HTTP request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686478",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686478"
},
{
"name" : "ibm-qvm-cve20144828-clickjacking(95578)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95578"
"name": "ibm-qvm-cve20144828-clickjacking(95578)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95578"
}
]
}

74
2014/4xxx/CVE-2014-4874.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4874",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-4874",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "BMC Track-It! 11.3.0.355 allows remote authenticated users to read arbitrary files by visiting the TrackItWeb/Attachment page."
"lang": "eng",
"value": "BMC Track-It! 11.3.0.355 allows remote authenticated users to read arbitrary files by visiting the TrackItWeb/Attachment page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.com/files/128594/BMC-Track-it-Remote-Code-Execution-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/128594/BMC-Track-it-Remote-Code-Execution-SQL-Injection.html"
"name": "http://packetstormsecurity.com/files/128594/BMC-Track-it-Remote-Code-Execution-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128594/BMC-Track-it-Remote-Code-Execution-SQL-Injection.html"
},
{
"name" : "https://raw.githubusercontent.com/pedrib/PoC/master/generic/bmc-track-it-11.3.txt",
"refsource" : "MISC",
"url" : "https://raw.githubusercontent.com/pedrib/PoC/master/generic/bmc-track-it-11.3.txt"
"name": "VU#121036",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/121036"
},
{
"name" : "VU#121036",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/121036"
"name": "https://raw.githubusercontent.com/pedrib/PoC/master/generic/bmc-track-it-11.3.txt",
"refsource": "MISC",
"url": "https://raw.githubusercontent.com/pedrib/PoC/master/generic/bmc-track-it-11.3.txt"
}
]
}

68
2014/4xxx/CVE-2014-4880.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4880",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-4880",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, and other models and versions, allows remote attackers to execute arbitrary code via an RTSP PLAY request with a long Authorization header."
"lang": "eng",
"value": "Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, and other models and versions, allows remote attackers to execute arbitrary code via an RTSP PLAY request with a long Authorization header."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "35356",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/35356"
"name": "35356",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35356"
},
{
"name" : "http://packetstormsecurity.com/files/129187/Hikvision-DVR-RTSP-Request-Remote-Code-Execution.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/129187/Hikvision-DVR-RTSP-Request-Remote-Code-Execution.html"
"name": "http://packetstormsecurity.com/files/129187/Hikvision-DVR-RTSP-Request-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129187/Hikvision-DVR-RTSP-Request-Remote-Code-Execution.html"
}
]
}

86
2014/4xxx/CVE-2014-4996.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4996",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4996",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.#{target_host}."
"lang": "eng",
"value": "lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.#{target_host}."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140707 Vulnerability Report for Ruby Gem VladTheEnterprising-0.2",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/07/07/14"
"name": "68731",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68731"
},
{
"name" : "[oss-security] 20140717 Re: Vulnerability Report for Ruby Gem codders-dataset-1.3.2.1 (etc.)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/07/17/5"
"name": "[oss-security] 20140717 Re: Vulnerability Report for Ruby Gem codders-dataset-1.3.2.1 (etc.)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/17/5"
},
{
"name" : "http://www.vapid.dhs.org/advisories/VladTheEnterprising-0.2.html",
"refsource" : "MISC",
"url" : "http://www.vapid.dhs.org/advisories/VladTheEnterprising-0.2.html"
"name": "vladtheenterprising-cve20144996-sec-bypass(94744)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94744"
},
{
"name" : "68731",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68731"
"name": "[oss-security] 20140707 Vulnerability Report for Ruby Gem VladTheEnterprising-0.2",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/07/14"
},
{
"name" : "vladtheenterprising-cve20144996-sec-bypass(94744)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94744"
"name": "http://www.vapid.dhs.org/advisories/VladTheEnterprising-0.2.html",
"refsource": "MISC",
"url": "http://www.vapid.dhs.org/advisories/VladTheEnterprising-0.2.html"
}
]
}

22
2014/9xxx/CVE-2014-9052.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9052",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9052",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2014/9xxx/CVE-2014-9346.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9346",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9346",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Hierarchical Select module 6.x-3.x before 6.x-3.9 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to the (1) taxonomy term title for instances with Save term lineage enabled or (2) entity type fields."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Hierarchical Select module 6.x-3.x before 6.x-3.9 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to the (1) taxonomy term title for instances with Save term lineage enabled or (2) entity type fields."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.drupal.org/node/2386615",
"refsource" : "MISC",
"url" : "https://www.drupal.org/node/2386615"
"name": "hierarchicalselect-hierarchicalselect-xss(99136)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99136"
},
{
"name" : "https://www.drupal.org/node/2385933",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2385933"
"name": "https://www.drupal.org/node/2385933",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2385933"
},
{
"name" : "60511",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60511"
"name": "https://www.drupal.org/node/2386615",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2386615"
},
{
"name" : "hierarchicalselect-hierarchicalselect-xss(99136)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99136"
"name": "60511",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60511"
}
]
}

68
2014/9xxx/CVE-2014-9519.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9519",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9519",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in login.php in InfiniteWP Admin Panel before 2.4.3 allows remote attackers to execute arbitrary SQL commands via the email parameter."
"lang": "eng",
"value": "SQL injection vulnerability in login.php in InfiniteWP Admin Panel before 2.4.3 allows remote attackers to execute arbitrary SQL commands via the email parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20141210 Multiple vulnerabilities in InfiniteWP Admin Panel",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Dec/43"
"name": "https://lifeforms.nl/20141210/infinitewp-vulnerabilities/",
"refsource": "MISC",
"url": "https://lifeforms.nl/20141210/infinitewp-vulnerabilities/"
},
{
"name" : "https://lifeforms.nl/20141210/infinitewp-vulnerabilities/",
"refsource" : "MISC",
"url" : "https://lifeforms.nl/20141210/infinitewp-vulnerabilities/"
"name": "20141210 Multiple vulnerabilities in InfiniteWP Admin Panel",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/43"
}
]
}

70
2014/9xxx/CVE-2014-9994.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00",
"ID" : "CVE-2014-9994",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2014-9994",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Snapdragon Mobile",
"version" : {
"version_data" : [
"product_name": "Snapdragon Mobile",
"version": {
"version_data": [
{
"version_value" : "SD 400, SD 800"
"version_value": "SD 400, SD 800"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, lack of validation of input could cause a integer overflow that could subsequently lead to a buffer overflow."
"lang": "eng",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, lack of validation of input could cause a integer overflow that could subsequently lead to a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Integer Overflow to Buffer Overflow vulnerability in QTEE"
"lang": "eng",
"value": "Integer Overflow to Buffer Overflow vulnerability in QTEE"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01"
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name" : "103671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103671"
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}

188
2016/3xxx/CVE-2016-3053.json
View File

@ -1,238 +1,238 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-3053",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3053",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "AIX",
"version" : {
"version_data" : [
"product_name": "AIX",
"version": {
"version_data": [
{
"version_value" : "3.4"
"version_value": "3.4"
},
{
"version_value" : "3.2.0"
"version_value": "3.2.0"
},
{
"version_value" : "4.1.1"
"version_value": "4.1.1"
},
{
"version_value" : "4.1.2"
"version_value": "4.1.2"
},
{
"version_value" : "4.1.3"
"version_value": "4.1.3"
},
{
"version_value" : "4.1.4"
"version_value": "4.1.4"
},
{
"version_value" : "4.1.5"
"version_value": "4.1.5"
},
{
"version_value" : "4.2.0"
"version_value": "4.2.0"
},
{
"version_value" : "4.2.1.12"
"version_value": "4.2.1.12"
},
{
"version_value" : "430"
"version_value": "430"
},
{
"version_value" : "5"
"version_value": "5"
},
{
"version_value" : "5.1L"
"version_value": "5.1L"
},
{
"version_value" : "5.2.2"
"version_value": "5.2.2"
},
{
"version_value" : "5.2 L"
"version_value": "5.2 L"
},
{
"version_value" : "5.3 L"
"version_value": "5.3 L"
},
{
"version_value" : "5.3.7"
"version_value": "5.3.7"
},
{
"version_value" : "4.3"
"version_value": "4.3"
},
{
"version_value" : "4.3.2"
"version_value": "4.3.2"
},
{
"version_value" : "4"
"version_value": "4"
},
{
"version_value" : "5.2"
"version_value": "5.2"
},
{
"version_value" : "4.3.1"
"version_value": "4.3.1"
},
{
"version_value" : "4.3.3.10"
"version_value": "4.3.3.10"
},
{
"version_value" : "3.1"
"version_value": "3.1"
},
{
"version_value" : "4.2.1"
"version_value": "4.2.1"
},
{
"version_value" : "4.2"
"version_value": "4.2"
},
{
"version_value" : "2.2.1"
"version_value": "2.2.1"
},
{
"version_value" : "5.1"
"version_value": "5.1"
},
{
"version_value" : "4.3.3"
"version_value": "4.3.3"
},
{
"version_value" : "4.1"
"version_value": "4.1"
},
{
"version_value" : "3.2.5"
"version_value": "3.2.5"
},
{
"version_value" : "3.2"
"version_value": "3.2"
},
{
"version_value" : "3.2.4"
"version_value": "3.2.4"
},
{
"version_value" : "6.1"
"version_value": "6.1"
},
{
"version_value" : "5.3"
"version_value": "5.3"
},
{
"version_value" : "5.2.0.50"
"version_value": "5.2.0.50"
},
{
"version_value" : "5.2.0.54"
"version_value": "5.2.0.54"
},
{
"version_value" : "5.3.0.10"
"version_value": "5.3.0.10"
},
{
"version_value" : "5.3.0.20"
"version_value": "5.3.0.20"
},
{
"version_value" : "5.2.0"
"version_value": "5.2.0"
},
{
"version_value" : "5.3.0"
"version_value": "5.3.0"
},
{
"version_value" : "5.3.8"
"version_value": "5.3.8"
},
{
"version_value" : "6.1.1"
"version_value": "6.1.1"
},
{
"version_value" : "6.1.2"
"version_value": "6.1.2"
},
{
"version_value" : "5.3.9"
"version_value": "5.3.9"
},
{
"version_value" : "6.1.0"
"version_value": "6.1.0"
},
{
"version_value" : "7.1"
"version_value": "7.1"
},
{
"version_value" : "1.2.1"
"version_value": "1.2.1"
},
{
"version_value" : "1.3"
"version_value": "1.3"
},
{
"version_value" : "4.0"
"version_value": "4.0"
},
{
"version_value" : "4.3.0"
"version_value": "4.3.0"
},
{
"version_value" : "5.1.0.10"
"version_value": "5.1.0.10"
},
{
"version_value" : "5.3"
"version_value": "5.3"
},
{
"version_value" : "5.3_ml03"
"version_value": "5.3_ml03"
},
{
"version_value" : "5L"
"version_value": "5L"
},
{
"version_value" : "7.2"
"version_value": "7.2"
}
]
}
}
]
},
"vendor_name" : "IBM Corporation"
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges."
"lang": "eng",
"value": "IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Gain Privileges"
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "40709",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/40709/"
"name": "93605",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93605"
},
{
"name" : "http://aix.software.ibm.com/aix/efixes/security/lsmcode_advisory2.asc",
"refsource" : "CONFIRM",
"url" : "http://aix.software.ibm.com/aix/efixes/security/lsmcode_advisory2.asc"
"name": "http://aix.software.ibm.com/aix/efixes/security/lsmcode_advisory2.asc",
"refsource": "CONFIRM",
"url": "http://aix.software.ibm.com/aix/efixes/security/lsmcode_advisory2.asc"
},
{
"name" : "93605",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93605"
"name": "40709",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40709/"
},
{
"name" : "1037030",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037030"
"name": "1037030",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037030"
}
]
}

80
2016/3xxx/CVE-2016-3298.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3298",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-3298",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka \"Internet Explorer Information Disclosure Vulnerability.\""
"lang": "eng",
"value": "Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka \"Internet Explorer Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS16-118",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118"
"name": "MS16-118",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118"
},
{
"name" : "MS16-126",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-126"
"name": "MS16-126",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-126"
},
{
"name" : "93392",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93392"
"name": "93392",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93392"
},
{
"name" : "1036992",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036992"
"name": "1036992",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036992"
}
]
}

22
2016/3xxx/CVE-2016-3661.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3661",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3661",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2016/3xxx/CVE-2016-3701.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3701",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3701",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2016/6xxx/CVE-2016-6179.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6179",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6179",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 before H60-L01C00B850, H60-L11 before H60-L11C00B850, H60-L21 before H60-L21C00B850, H60-L02 before H60-L02C00B850, H60-L12 before H60-L12C00B850, and H60-L03 before H60-L03C01B850 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application."
"lang": "eng",
"value": "The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 before H60-L01C00B850, H60-L11 before H60-L11C00B850, H60-L21 before H60-L21C00B850, H60-L02 before H60-L02C00B850, H60-L12 before H60-L12C00B850, and H60-L03 before H60-L03C01B850 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160713-01-smartphone-en",
"refsource" : "CONFIRM",
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160713-01-smartphone-en"
"name": "91773",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91773"
},
{
"name" : "91773",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91773"
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160713-01-smartphone-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160713-01-smartphone-en"
}
]
}

62
2016/6xxx/CVE-2016-6534.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cert@cert.org",
"ID" : "CVE-2016-6534",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-6534",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Opmantek NMIS before 8.5.12G",
"version" : {
"version_data" : [
"product_name": "Opmantek NMIS before 8.5.12G",
"version": {
"version_data": [
{
"version_value" : "Opmantek NMIS before 8.5.12G"
"version_value": "Opmantek NMIS before 8.5.12G"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in the tools.pl CGI script. Versions before 8.5.12G might be affected in non-default configurations."
"lang": "eng",
"value": "Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in the tools.pl CGI script. Versions before 8.5.12G might be affected in non-default configurations."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "command injection"
"lang": "eng",
"value": "command injection"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://community.rapid7.com/community/infosec/blog/2016/09/07/multiple-disclosures-for-multiple-network-management-systems-part-2",
"refsource" : "MISC",
"url" : "https://community.rapid7.com/community/infosec/blog/2016/09/07/multiple-disclosures-for-multiple-network-management-systems-part-2"
"name": "https://community.rapid7.com/community/infosec/blog/2016/09/07/multiple-disclosures-for-multiple-network-management-systems-part-2",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/infosec/blog/2016/09/07/multiple-disclosures-for-multiple-network-management-systems-part-2"
}
]
}

152
2016/7xxx/CVE-2016-7097.json
View File

@ -1,136 +1,136 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7097",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-7097",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions."
"lang": "eng",
"value": "The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[linux-fsdevel] 20160526 [PATCH 2/2] posix_acl: Clear SGID bit when modifying file permissions",
"refsource" : "MLIST",
"url" : "http://www.spinics.net/lists/linux-fsdevel/msg98328.html"
"name": "USN-3146-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3146-2"
},
{
"name" : "[linux-fsdevel] 20160819 [PATCH v2] posix_acl: Clear SGID bit when setting file permissions",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=linux-fsdevel&m=147162313630259&w=2"
"name": "USN-3146-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3146-1"
},
{
"name" : "[oss-security] 20160826 Re: CVE request -- linux kernel: Setting a POSIX ACL via setxattr doesn't clear the setgid bit",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/08/26/3"
"name": "https://source.android.com/security/bulletin/2017-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-04-01"
},
{
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073931017b49d9458aa351605b43a7e34598caef",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073931017b49d9458aa351605b43a7e34598caef"
"name": "92659",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92659"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1368938",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1368938"
"name": "RHSA-2017:2669",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name" : "https://github.com/torvalds/linux/commit/073931017b49d9458aa351605b43a7e34598caef",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/073931017b49d9458aa351605b43a7e34598caef"
"name": "[linux-fsdevel] 20160526 [PATCH 2/2] posix_acl: Clear SGID bit when modifying file permissions",
"refsource": "MLIST",
"url": "http://www.spinics.net/lists/linux-fsdevel/msg98328.html"
},
{
"name" : "https://source.android.com/security/bulletin/2017-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-04-01"
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073931017b49d9458aa351605b43a7e34598caef",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073931017b49d9458aa351605b43a7e34598caef"
},
{
"name" : "RHSA-2017:2669",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2669"
"name": "[oss-security] 20160826 Re: CVE request -- linux kernel: Setting a POSIX ACL via setxattr doesn't clear the setgid bit",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/08/26/3"
},
{
"name" : "RHSA-2017:0817",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
"name": "RHSA-2017:0817",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
},
{
"name" : "RHSA-2017:1842",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1842"
"name": "USN-3147-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3147-1"
},
{
"name" : "RHSA-2017:2077",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2077"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1368938",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1368938"
},
{
"name" : "USN-3146-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3146-1"
"name": "https://github.com/torvalds/linux/commit/073931017b49d9458aa351605b43a7e34598caef",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/073931017b49d9458aa351605b43a7e34598caef"
},
{
"name" : "USN-3146-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3146-2"
"name": "RHSA-2017:2077",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name" : "USN-3147-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3147-1"
"name": "RHSA-2017:1842",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name" : "92659",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92659"
"name": "[linux-fsdevel] 20160819 [PATCH v2] posix_acl: Clear SGID bit when setting file permissions",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-fsdevel&m=147162313630259&w=2"
},
{
"name" : "1038201",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038201"
"name": "1038201",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038201"
}
]
}

98
2016/7xxx/CVE-2016-7411.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7411",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7411",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object."
"lang": "eng",
"value": "ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/15/10"
"name": "GLSA-201611-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"name" : "http://www.php.net/ChangeLog-5.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/ChangeLog-5.php"
"name": "1036836",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036836"
},
{
"name" : "https://bugs.php.net/bug.php?id=73052",
"refsource" : "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=73052"
"name": "https://bugs.php.net/bug.php?id=73052",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=73052"
},
{
"name" : "https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43?w=1",
"refsource" : "CONFIRM",
"url" : "https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43?w=1"
"name": "[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/15/10"
},
{
"name" : "GLSA-201611-22",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201611-22"
"name": "https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43?w=1",
"refsource": "CONFIRM",
"url": "https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43?w=1"
},
{
"name" : "93009",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93009"
"name": "http://www.php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"name" : "1036836",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036836"
"name": "93009",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93009"
}
]
}

68
2016/7xxx/CVE-2016-7552.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7552",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7552",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS."
"lang": "eng",
"value": "On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/rapid7/metasploit-framework/pull/8216/commits/0f07875a2ddb0bfbb4e985ab074e9fc56da1dcf6",
"refsource" : "MISC",
"url" : "https://github.com/rapid7/metasploit-framework/pull/8216/commits/0f07875a2ddb0bfbb4e985ab074e9fc56da1dcf6"
"name": "https://github.com/rapid7/metasploit-framework/pull/8216/commits/0f07875a2ddb0bfbb4e985ab074e9fc56da1dcf6",
"refsource": "MISC",
"url": "https://github.com/rapid7/metasploit-framework/pull/8216/commits/0f07875a2ddb0bfbb4e985ab074e9fc56da1dcf6"
},
{
"name" : "97599",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97599"
"name": "97599",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97599"
}
]
}

86
2016/7xxx/CVE-2016-7663.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-7663",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-7663",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"CoreFoundation\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string."
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"CoreFoundation\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT207422",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207422"
"name": "https://support.apple.com/HT207487",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207487"
},
{
"name" : "https://support.apple.com/HT207423",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207423"
"name": "https://support.apple.com/HT207422",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207422"
},
{
"name" : "https://support.apple.com/HT207487",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207487"
"name": "94905",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94905"
},
{
"name" : "94905",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94905"
"name": "1037469",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037469"
},
{
"name" : "1037469",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037469"
"name": "https://support.apple.com/HT207423",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207423"
}
]
}

74
2016/7xxx/CVE-2016-7891.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@adobe.com",
"ID" : "CVE-2016-7891",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7891",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Adobe RoboHelp 2015.0.3 and earlier, RoboHelp 11 and earlier",
"version" : {
"version_data" : [
"product_name": "Adobe RoboHelp 2015.0.3 and earlier, RoboHelp 11 and earlier",
"version": {
"version_data": [
{
"version_value" : "Adobe RoboHelp 2015.0.3 and earlier, RoboHelp 11 and earlier"
"version_value": "Adobe RoboHelp 2015.0.3 and earlier, RoboHelp 11 and earlier"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe RoboHelp version 2015.0.3 and earlier, RoboHelp 11 and earlier have an input validation issue that could be used in cross-site scripting attacks."
"lang": "eng",
"value": "Adobe RoboHelp version 2015.0.3 and earlier, RoboHelp 11 and earlier have an input validation issue that could be used in cross-site scripting attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross Site Scripting"
"lang": "eng",
"value": "Cross Site Scripting"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/robohelp/apsb16-46.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/robohelp/apsb16-46.html"
"name": "94878",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94878"
},
{
"name" : "94878",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94878"
"name": "https://helpx.adobe.com/security/products/robohelp/apsb16-46.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/robohelp/apsb16-46.html"
},
{
"name" : "1037456",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037456"
"name": "1037456",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037456"
}
]
}

80
2016/7xxx/CVE-2016-7902.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7902",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7902",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in the fileUnzip->unzip method in Dotclear before 2.10.3 allows remote authenticated users with permissions to manage media items to execute arbitrary code by uploading a ZIP file containing a file with a crafted extension, as demonstrated by .php.txt or .php%20."
"lang": "eng",
"value": "Unrestricted file upload vulnerability in the fileUnzip->unzip method in Dotclear before 2.10.3 allows remote authenticated users with permissions to manage media items to execute arbitrary code by uploading a ZIP file containing a file with a crafted extension, as demonstrated by .php.txt or .php%20."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20161005 CVE-2016-7902: Dotclear <= 2.10.2 (Media Manager) Unrestricted File Upload",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/05/6"
"name": "[oss-security] 20161005 CVE-2016-7902: Dotclear <= 2.10.2 (Media Manager) Unrestricted File Upload",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/05/6"
},
{
"name" : "https://dotclear.org/blog/post/2016/11/01/Dotclear-2.10.3",
"refsource" : "CONFIRM",
"url" : "https://dotclear.org/blog/post/2016/11/01/Dotclear-2.10.3"
"name": "https://dotclear.org/blog/post/2016/11/01/Dotclear-2.10.3",
"refsource": "CONFIRM",
"url": "https://dotclear.org/blog/post/2016/11/01/Dotclear-2.10.3"
},
{
"name" : "https://hg.dotclear.org/dotclear/rev/a9db771a5a70",
"refsource" : "CONFIRM",
"url" : "https://hg.dotclear.org/dotclear/rev/a9db771a5a70"
"name": "https://hg.dotclear.org/dotclear/rev/a9db771a5a70",
"refsource": "CONFIRM",
"url": "https://hg.dotclear.org/dotclear/rev/a9db771a5a70"
},
{
"name" : "93440",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93440"
"name": "93440",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93440"
}
]
}

80
2016/8xxx/CVE-2016-8287.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2016-8287",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-8287",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
"name": "GLSA-201701-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-01"
},
{
"name" : "GLSA-201701-01",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-01"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name" : "93727",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93727"
"name": "93727",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93727"
},
{
"name" : "1037050",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037050"
"name": "1037050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037050"
}
]
}

68
2016/8xxx/CVE-2016-8367.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"ID" : "CVE-2016-8367",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-8367",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Schneider Electric Magelis HMI",
"version" : {
"version_data" : [
"product_name": "Schneider Electric Magelis HMI",
"version": {
"version_data": [
{
"version_value" : "Schneider Electric Magelis HMI"
"version_value": "Schneider Electric Magelis HMI"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). An attacker can open multiple connections to a targeted web server and keep connections open preventing new connections from being made, rendering the web server unavailable during an attack."
"lang": "eng",
"value": "An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). An attacker can open multiple connections to a targeted web server and keep connections open preventing new connections from being made, rendering the web server unavailable during an attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Schneider Electric Magelis HMI Resource Consumption"
"lang": "eng",
"value": "Schneider Electric Magelis HMI Resource Consumption"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02"
},
{
"name" : "94093",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94093"
"name": "94093",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94093"
}
]
}