admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:13:15 +00:00
parent 017b039138
commit 76a0ab1ff8
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
52 changed files with 3395 additions and 3395 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

128
2001/0xxx/CVE-2001-0284.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0284", "ID": "CVE-2001-0284",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010302 Insufficient checks in the IPSEC AH IPv4 option handling code can lead to a buffer overrun in the kernel.", "description_data": [
"refsource" : "OPENBSD", {
"url" : "http://www.openbsd.org/errata.html#ipsec_ah" "lang": "eng",
}, "value": "Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option."
{ }
"name" : "6026", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/6026" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010302 Insufficient checks in the IPSEC AH IPv4 option handling code can lead to a buffer overrun in the kernel.",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata.html#ipsec_ah"
},
{
"name": "6026",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6026"
}
]
}
} }

168
2001/0xxx/CVE-2001-0690.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0690", "ID": "CVE-2001-0690",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010606 lil' exim format bug", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-06/0041.html" "lang": "eng",
}, "value": "Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers."
{ }
"name" : "DSA-058", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2001/dsa-058" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "CLA-2001:402", "description": [
"refsource" : "CONECTIVA", {
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000402" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2001:078", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2001-078.html" ]
}, },
{ "references": {
"name" : "exim-syntax-format-string(6671)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6671" "name": "exim-syntax-format-string(6671)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6671"
"name" : "2828", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/2828" "name": "20010606 lil' exim format bug",
} "refsource": "BUGTRAQ",
] "url": "http://archives.neohapsis.com/archives/bugtraq/2001-06/0041.html"
} },
{
"name": "2828",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2828"
},
{
"name": "DSA-058",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2001/dsa-058"
},
{
"name": "RHSA-2001:078",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-078.html"
},
{
"name": "CLA-2001:402",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000402"
}
]
}
} }

32
2001/0xxx/CVE-2001-0885.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0885", "ID": "CVE-2001-0885",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

168
2001/1xxx/CVE-2001-1084.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1084", "ID": "CVE-2001-1084",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010702 Multiple Vendor Java Servlet Container Cross-Site Scripting Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00021.html" "lang": "eng",
}, "value": "Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message."
{ }
"name" : "MPSB01-06", ]
"refsource" : "ALLAIRE", },
"url" : "http://www.macromedia.com/v1/handlers/index.cfm?ID=21498&Method=Full" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#654643", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/654643" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2983", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/2983" ]
}, },
{ "references": {
"name" : "1891", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/1891" "name": "java-servlet-crosssite-scripting(6793)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6793"
"name" : "java-servlet-crosssite-scripting(6793)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6793" "name": "20010702 Multiple Vendor Java Servlet Container Cross-Site Scripting Vulnerability",
} "refsource": "BUGTRAQ",
] "url": "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00021.html"
} },
{
"name": "MPSB01-06",
"refsource": "ALLAIRE",
"url": "http://www.macromedia.com/v1/handlers/index.cfm?ID=21498&Method=Full"
},
{
"name": "1891",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1891"
},
{
"name": "2983",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2983"
},
{
"name": "VU#654643",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/654643"
}
]
}
} }

148
2001/1xxx/CVE-2001-1503.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1503", "ID": "CVE-2001-1503",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20011022 Solaris fingerd disclose complete user list", "description_data": [
"refsource" : "VULNWATCH", {
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0016.html" "lang": "eng",
}, "value": "The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host."
{ }
"name" : "27116", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-27116-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "3457", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/3457" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "solaris-fingerd-list-accounts(7334)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7334" ]
} },
] "references": {
} "reference_data": [
{
"name": "solaris-fingerd-list-accounts(7334)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7334"
},
{
"name": "20011022 Solaris fingerd disclose complete user list",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0016.html"
},
{
"name": "27116",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-27116-1"
},
{
"name": "3457",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3457"
}
]
}
} }

148
2001/1xxx/CVE-2001-1517.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1517", "ID": "CVE-2001-1517",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it, and the original researcher did not respond to requests for additional information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20011112 RADIX1112200102", "description_data": [
"refsource" : "VULNWATCH", {
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0041.html" "lang": "eng",
}, "value": "** DISPUTED ** RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it, and the original researcher did not respond to requests for additional information."
{ }
"name" : "20011114 RE:Radix Research Reports RADIX1112200101, RADIX1112200102, and RADIX1112200103", ]
"refsource" : "BUGTRAQ", },
"url" : "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00100.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "3184", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/3184" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "win2k-runas-reveal-information(7531)", ]
"refsource" : "XF", }
"url" : "http://www.iss.net/security_center/static/7531.php" ]
} },
] "references": {
} "reference_data": [
{
"name": "3184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3184"
},
{
"name": "20011112 RADIX1112200102",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0041.html"
},
{
"name": "20011114 RE:Radix Research Reports RADIX1112200101, RADIX1112200102, and RADIX1112200103",
"refsource": "BUGTRAQ",
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00100.html"
},
{
"name": "win2k-runas-reveal-information(7531)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7531.php"
}
]
}
} }

158
2006/2xxx/CVE-2006-2068.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2068", "ID": "CVE-2006-2068",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Hitachi JP1 products allow remote attackers to cause a denial of service (application stop or fail) via unexpected requests or data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.hitachi-support.com/security_e/vuls_e/HS06-007_e/index-e.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.hitachi-support.com/security_e/vuls_e/HS06-007_e/index-e.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Hitachi JP1 products allow remote attackers to cause a denial of service (application stop or fail) via unexpected requests or data."
{ }
"name" : "17706", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/17706" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-1524", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1524" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "19841", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/19841" ]
}, },
{ "references": {
"name" : "hitachi-jp1-request-dos(26087)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26087" "name": "19841",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/19841"
} },
{
"name": "hitachi-jp1-request-dos(26087)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26087"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS06-007_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-007_e/index-e.html"
},
{
"name": "17706",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17706"
},
{
"name": "ADV-2006-1524",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1524"
}
]
}
} }

198
2006/2xxx/CVE-2006-2074.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2074", "ID": "CVE-2006-2074",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Juniper Networks JUNOSe E-series routers before 7-1-1 has unknown impact and remote attack vectors related to the DNS \"client code,\" as demonstrated by the OUSPG PROTOS DNS test suite."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en" "lang": "eng",
}, "value": "Unspecified vulnerability in Juniper Networks JUNOSe E-series routers before 7-1-1 has unknown impact and remote attack vectors related to the DNS \"client code,\" as demonstrated by the OUSPG PROTOS DNS test suite."
{ }
"name" : "http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en", ]
"refsource" : "MISC", },
"url" : "http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#955777", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/955777" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "17693", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/17693" ]
}, },
{ "references": {
"name" : "ADV-2006-1505", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1505" "name": "1015992",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015992"
"name" : "ADV-2006-1526", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1526" "name": "dns-improper-request-handling(26081)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26081"
"name" : "1015992", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015992" "name": "VU#955777",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/955777"
"name" : "19822", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19822" "name": "19822",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19822"
"name" : "dns-improper-request-handling(26081)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26081" "name": "17693",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/17693"
} },
{
"name": "ADV-2006-1526",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1526"
},
{
"name": "ADV-2006-1505",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1505"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en"
}
]
}
} }

158
2006/2xxx/CVE-2006-2159.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2159", "ID": "CVE-2006-2159",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CRLF injection vulnerability in help.php in Russcom Network Loginphp allows remote attackers to spoof e-mails and inject MIME headers via CRLF sequences in the email address."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060502 Russcom.net Loginphp multiple vulnerabilties", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/432729/100/0/threaded" "lang": "eng",
}, "value": "CRLF injection vulnerability in help.php in Russcom Network Loginphp allows remote attackers to spoof e-mails and inject MIME headers via CRLF sequences in the email address."
{ }
"name" : "17787", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/17787" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25214", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/25214" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "19930", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/19930" ]
}, },
{ "references": {
"name" : "russcom-loginphp-help-mail-relay(26250)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26250" "name": "25214",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/25214"
} },
{
"name": "19930",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19930"
},
{
"name": "20060502 Russcom.net Loginphp multiple vulnerabilties",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/432729/100/0/threaded"
},
{
"name": "russcom-loginphp-help-mail-relay(26250)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26250"
},
{
"name": "17787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17787"
}
]
}
} }

178
2006/2xxx/CVE-2006-2494.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2494", "ID": "CVE-2006-2494",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in IntelliTamper 2.07 allows remote attackers to execute arbitrary code via a crafted .map file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "1806", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/1806" "lang": "eng",
}, "value": "Stack-based buffer overflow in IntelliTamper 2.07 allows remote attackers to execute arbitrary code via a crafted .map file."
{ }
"name" : "18039", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/18039" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-1860", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1860" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2008-2120", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2008/2120" ]
}, },
{ "references": {
"name" : "1016117", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016117" "name": "ADV-2006-1860",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1860"
"name" : "20172", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20172" "name": "18039",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/18039"
"name" : "intellitamper-map-bo(26551)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26551" "name": "ADV-2008-2120",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2008/2120"
} },
{
"name": "1016117",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016117"
},
{
"name": "20172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20172"
},
{
"name": "intellitamper-map-bo(26551)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26551"
},
{
"name": "1806",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1806"
}
]
}
} }

158
2006/6xxx/CVE-2006-6022.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6022", "ID": "CVE-2006-6022",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in login_form.asp in BestWebApp Dating Site allows remote attackers to inject arbitrary web script or HTML via the msg parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061117 Dating Site [ login bypass & xss]", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/451963/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in login_form.asp in BestWebApp Dating Site allows remote attackers to inject arbitrary web script or HTML via the msg parameter."
{ }
"name" : "21158", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21158" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "23017", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23017" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1898", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/1898" ]
}, },
{ "references": {
"name" : "datingsite-loginform-xss(30396)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30396" "name": "1898",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/1898"
} },
{
"name": "23017",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23017"
},
{
"name": "21158",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21158"
},
{
"name": "20061117 Dating Site [ login bypass & xss]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451963/100/0/threaded"
},
{
"name": "datingsite-loginform-xss(30396)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30396"
}
]
}
} }

138
2006/6xxx/CVE-2006-6168.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6168", "ID": "CVE-2006-6168",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "tiki-register.php in TikiWiki before 1.9.7 allows remote attackers to trigger \"notification-spam\" via certain vectors such as a comma-separated list of addresses in the email field, related to lack of \"a minimal check on email.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tikiwiki.cvs.sourceforge.net/tikiwiki/tiki/changelog.txt?r1=1.157.2.50&r2=1.157.2.51", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://tikiwiki.cvs.sourceforge.net/tikiwiki/tiki/changelog.txt?r1=1.157.2.50&r2=1.157.2.51" "lang": "eng",
}, "value": "tiki-register.php in TikiWiki before 1.9.7 allows remote attackers to trigger \"notification-spam\" via certain vectors such as a comma-separated list of addresses in the email field, related to lack of \"a minimal check on email.\""
{ }
"name" : "http://tikiwiki.cvs.sourceforge.net/tikiwiki/tiki/tiki-register.php?r1=1.68&r2=1.69", ]
"refsource" : "CONFIRM", },
"url" : "http://tikiwiki.cvs.sourceforge.net/tikiwiki/tiki/tiki-register.php?r1=1.68&r2=1.69" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4709", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4709" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tikiwiki.cvs.sourceforge.net/tikiwiki/tiki/changelog.txt?r1=1.157.2.50&r2=1.157.2.51",
"refsource": "CONFIRM",
"url": "http://tikiwiki.cvs.sourceforge.net/tikiwiki/tiki/changelog.txt?r1=1.157.2.50&r2=1.157.2.51"
},
{
"name": "ADV-2006-4709",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4709"
},
{
"name": "http://tikiwiki.cvs.sourceforge.net/tikiwiki/tiki/tiki-register.php?r1=1.68&r2=1.69",
"refsource": "CONFIRM",
"url": "http://tikiwiki.cvs.sourceforge.net/tikiwiki/tiki/tiki-register.php?r1=1.68&r2=1.69"
}
]
}
} }

138
2006/6xxx/CVE-2006-6519.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6519", "ID": "CVE-2006-6519",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in lire-avis.php in ProNews 1.5 allows remote attackers to execute arbitrary SQL commands via the aa parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061209 ProNews V1.5 XSS & SQL Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/453964/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in lire-avis.php in ProNews 1.5 allows remote attackers to execute arbitrary SQL commands via the aa parameter."
{ }
"name" : "21516", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21516" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2025", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2025" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "21516",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21516"
},
{
"name": "2025",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2025"
},
{
"name": "20061209 ProNews V1.5 XSS & SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453964/100/0/threaded"
}
]
}
} }

138
2006/6xxx/CVE-2006-6953.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6953", "ID": "CVE-2006-6953",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The virtual keyboard implementation in GlobeTrotter Mobility Manager changes the color of a key as it is pressed, which allows local users to capture arbitrary keystrokes, such as for passwords, by shoulder surfing or grabbing periodic screenshots."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060623 GlobeTrotter Mobility Manager - security issue", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/438376/100/100/threaded" "lang": "eng",
}, "value": "The virtual keyboard implementation in GlobeTrotter Mobility Manager changes the color of a key as it is pressed, which allows local users to capture arbitrary keystrokes, such as for passwords, by shoulder surfing or grabbing periodic screenshots."
{ }
"name" : "http://img45.imageshack.us/my.php?image=poc7ik.jpg", ]
"refsource" : "MISC", },
"url" : "http://img45.imageshack.us/my.php?image=poc7ik.jpg" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "globetrotter-virtual-information-disclosure(27447)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27447" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "20060623 GlobeTrotter Mobility Manager - security issue",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438376/100/100/threaded"
},
{
"name": "http://img45.imageshack.us/my.php?image=poc7ik.jpg",
"refsource": "MISC",
"url": "http://img45.imageshack.us/my.php?image=poc7ik.jpg"
},
{
"name": "globetrotter-virtual-information-disclosure(27447)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27447"
}
]
}
} }

148
2011/0xxx/CVE-2011-0237.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2011-0237", "ID": "CVE-2011-0237",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT4808", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4808" "lang": "eng",
}, "value": "WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1."
{ }
"name" : "http://support.apple.com/kb/HT4981", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT4981" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2011-07-20-1", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2011-10-11-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html" ]
} },
] "references": {
} "reference_data": [
{
"name": "http://support.apple.com/kb/HT4981",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4981"
},
{
"name": "APPLE-SA-2011-10-11-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html"
},
{
"name": "http://support.apple.com/kb/HT4808",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4808"
},
{
"name": "APPLE-SA-2011-07-20-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
}
]
}
} }

128
2011/2xxx/CVE-2011-2008.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2011-2008", "ID": "CVE-2011-2008",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1, 2009, and 2010 allows remote attackers to cause a denial of service (SNA Server service outage) via crafted TCP or UDP traffic, aka \"Access of Unallocated Memory DoS Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS11-082", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-082" "lang": "eng",
}, "value": "Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1, 2009, and 2010 allows remote attackers to cause a denial of service (SNA Server service outage) via crafted TCP or UDP traffic, aka \"Access of Unallocated Memory DoS Vulnerability.\""
{ }
"name" : "oval:org.mitre.oval:def:12915", ]
"refsource" : "OVAL", },
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12915" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:12915",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12915"
},
{
"name": "MS11-082",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-082"
}
]
}
} }

128
2011/2xxx/CVE-2011-2311.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2011-2311", "ID": "CVE-2011-2311",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to ZFS, a different vulnerability than CVE-2011-2313."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to ZFS, a different vulnerability than CVE-2011-2313."
{ }
"name" : "76464", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/76464" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "76464",
"refsource": "OSVDB",
"url": "http://osvdb.org/76464"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
}
]
}
} }

218
2011/2xxx/CVE-2011-2529.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2529", "ID": "CVE-2011-2529",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "chan_sip.c in the SIP channel driver in Asterisk Open Source 1.6.x before 1.6.2.18.1 and 1.8.x before 1.8.4.3 does not properly handle '\\0' characters in SIP packets, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://downloads.asterisk.org/pub/security/AST-2011-008.diff", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://downloads.asterisk.org/pub/security/AST-2011-008.diff" "lang": "eng",
}, "value": "chan_sip.c in the SIP channel driver in Asterisk Open Source 1.6.x before 1.6.2.18.1 and 1.8.x before 1.8.4.3 does not properly handle '\\0' characters in SIP packets, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted packet."
{ }
"name" : "http://downloads.asterisk.org/pub/security/AST-2011-008.html", ]
"refsource" : "CONFIRM", },
"url" : "http://downloads.asterisk.org/pub/security/AST-2011-008.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-2276", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2011/dsa-2276" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2011-8914", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062628.html" ]
}, },
{ "references": {
"name" : "48431", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/48431" "name": "asterisk-sipsockread-dos(68203)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68203"
"name" : "73307", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/73307" "name": "73307",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/73307"
"name" : "1025706", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1025706" "name": "48431",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/48431"
"name" : "45048", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/45048" "name": "http://downloads.asterisk.org/pub/security/AST-2011-008.html",
}, "refsource": "CONFIRM",
{ "url": "http://downloads.asterisk.org/pub/security/AST-2011-008.html"
"name" : "45201", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/45201" "name": "45239",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/45239"
"name" : "45239", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/45239" "name": "http://downloads.asterisk.org/pub/security/AST-2011-008.diff",
}, "refsource": "CONFIRM",
{ "url": "http://downloads.asterisk.org/pub/security/AST-2011-008.diff"
"name" : "asterisk-sipsockread-dos(68203)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/68203" "name": "DSA-2276",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2011/dsa-2276"
} },
{
"name": "FEDORA-2011-8914",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062628.html"
},
{
"name": "45048",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45048"
},
{
"name": "1025706",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025706"
},
{
"name": "45201",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45201"
}
]
}
} }

158
2011/2xxx/CVE-2011-2898.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-2898", "ID": "CVE-2011-2898",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20110803 Re: CVE request: Linux kernel af_packet information leak", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2011/08/03/7" "lang": "eng",
}, "value": "net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application."
{ }
"name" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3", ]
"refsource" : "CONFIRM", },
"url" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=13fcb7bd322164c67926ffe272846d4860196dc6", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=13fcb7bd322164c67926ffe272846d4860196dc6" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=728023", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=728023" ]
}, },
{ "references": {
"name" : "https://github.com/torvalds/linux/commit/13fcb7bd322164c67926ffe272846d4860196dc6", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/13fcb7bd322164c67926ffe272846d4860196dc6" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=13fcb7bd322164c67926ffe272846d4860196dc6",
} "refsource": "CONFIRM",
] "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=13fcb7bd322164c67926ffe272846d4860196dc6"
} },
{
"name": "[oss-security] 20110803 Re: CVE request: Linux kernel af_packet information leak",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/08/03/7"
},
{
"name": "https://github.com/torvalds/linux/commit/13fcb7bd322164c67926ffe272846d4860196dc6",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/13fcb7bd322164c67926ffe272846d4860196dc6"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=728023",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=728023"
},
{
"name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3",
"refsource": "CONFIRM",
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3"
}
]
}
} }

148
2011/3xxx/CVE-2011-3002.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3002", "ID": "CVE-2011-3002",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a memory-allocation error and a resulting buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2011/mfsa2011-41.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2011/mfsa2011-41.html" "lang": "eng",
}, "value": "Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a memory-allocation error and a resulting buffer overflow."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=680840", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=680840" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MDVSA-2011:141", "description": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:141" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:14388", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14388" ]
} },
] "references": {
} "reference_data": [
{
"name": "http://www.mozilla.org/security/announce/2011/mfsa2011-41.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2011/mfsa2011-41.html"
},
{
"name": "MDVSA-2011:141",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:141"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=680840",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=680840"
},
{
"name": "oval:org.mitre.oval:def:14388",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14388"
}
]
}
} }

158
2011/3xxx/CVE-2011-3206.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-3206", "ID": "CVE-2011-3206",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in RHQ 4.2.0, as used in JBoss Operations Network (aka JON or JBoss ON) before 3.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=734662", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=734662" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in RHQ 4.2.0, as used in JBoss Operations Network (aka JON or JBoss ON) before 3.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "RHSA-2012:0089", ]
"refsource" : "REDHAT", },
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0089.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1026435", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1026435" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "47197", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/47197" ]
}, },
{ "references": {
"name" : "47280", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/47280" "name": "47197",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/47197"
} },
{
"name": "47280",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47280"
},
{
"name": "RHSA-2012:0089",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0089.html"
},
{
"name": "1026435",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1026435"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=734662",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=734662"
}
]
}
} }

248
2011/3xxx/CVE-2011-3211.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-3211", "ID": "CVE-2011-3211",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows remote attackers to execute arbitrary commands via shell metacharacters in data received from a client."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[bcfg-dev] 20110816 Security flaw in 1.1.x; testers wanted", "description_data": [
"refsource" : "MLIST", {
"url" : "http://article.gmane.org/gmane.comp.sysutils.bcfg2.devel/4318" "lang": "eng",
}, "value": "The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows remote attackers to execute arbitrary commands via shell metacharacters in data received from a client."
{ }
"name" : "[oss-security] 20110901 CVE request for bcfg2 (remote root)", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2011/09/01/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20110906 Re: CVE request for bcfg2 (remote root)", "description": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/09/06/1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640028", ]
"refsource" : "CONFIRM", }
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640028" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=736279", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=736279" "name": "https://github.com/solj/bcfg2/commit/f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/solj/bcfg2/commit/f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7"
"name" : "https://github.com/solj/bcfg2/commit/46795ae451ca6ede55a0edeb726978aef4684b53", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/solj/bcfg2/commit/46795ae451ca6ede55a0edeb726978aef4684b53" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=736279",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=736279"
"name" : "https://github.com/solj/bcfg2/commit/f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/solj/bcfg2/commit/f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7" "name": "49414",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/49414"
"name" : "DSA-2302", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2011/dsa-2302" "name": "46042",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/46042"
"name" : "FEDORA-2011-12298", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066071.html" "name": "DSA-2302",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2011/dsa-2302"
"name" : "FEDORA-2011-12303", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066070.html" "name": "FEDORA-2011-12303",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066070.html"
"name" : "49414", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/49414" "name": "45926",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/45926"
"name" : "45807", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/45807" "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640028",
}, "refsource": "CONFIRM",
{ "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640028"
"name" : "45926", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/45926" "name": "[bcfg-dev] 20110816 Security flaw in 1.1.x; testers wanted",
}, "refsource": "MLIST",
{ "url": "http://article.gmane.org/gmane.comp.sysutils.bcfg2.devel/4318"
"name" : "46042", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/46042" "name": "45807",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/45807"
} },
{
"name": "[oss-security] 20110906 Re: CVE request for bcfg2 (remote root)",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/09/06/1"
},
{
"name": "FEDORA-2011-12298",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066071.html"
},
{
"name": "https://github.com/solj/bcfg2/commit/46795ae451ca6ede55a0edeb726978aef4684b53",
"refsource": "CONFIRM",
"url": "https://github.com/solj/bcfg2/commit/46795ae451ca6ede55a0edeb726978aef4684b53"
},
{
"name": "[oss-security] 20110901 CVE request for bcfg2 (remote root)",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/09/01/1"
}
]
}
} }

32
2011/3xxx/CVE-2011-3336.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3336", "ID": "CVE-2011-3336",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

158
2011/4xxx/CVE-2011-4104.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-4104", "ID": "CVE-2011-4104",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20111102 Re: CVE request for Django-piston and Tastypie", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2011/11/02/1" "lang": "eng",
}, "value": "The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method."
{ }
"name" : "[oss-security] 20111102 Re: Re: CVE request for Django-piston and Tastypie", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2011/11/02/7" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases/", "description": [
"refsource" : "MISC", {
"url" : "https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/toastdriven/django-tastypie/commit/e8af315211b07c8f48f32a063233cc3f76dd5bc2", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/toastdriven/django-tastypie/commit/e8af315211b07c8f48f32a063233cc3f76dd5bc2" ]
}, },
{ "references": {
"name" : "https://groups.google.com/forum/#!topic/django-tastypie/i2aNGDHTUBI", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://groups.google.com/forum/#!topic/django-tastypie/i2aNGDHTUBI" "name": "https://groups.google.com/forum/#!topic/django-tastypie/i2aNGDHTUBI",
} "refsource": "CONFIRM",
] "url": "https://groups.google.com/forum/#!topic/django-tastypie/i2aNGDHTUBI"
} },
{
"name": "[oss-security] 20111102 Re: Re: CVE request for Django-piston and Tastypie",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/7"
},
{
"name": "https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases/",
"refsource": "MISC",
"url": "https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases/"
},
{
"name": "https://github.com/toastdriven/django-tastypie/commit/e8af315211b07c8f48f32a063233cc3f76dd5bc2",
"refsource": "CONFIRM",
"url": "https://github.com/toastdriven/django-tastypie/commit/e8af315211b07c8f48f32a063233cc3f76dd5bc2"
},
{
"name": "[oss-security] 20111102 Re: CVE request for Django-piston and Tastypie",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/11/02/1"
}
]
}
} }

32
2011/4xxx/CVE-2011-4398.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-4398", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2011-4398",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
} }
] ]
} }
} }

32
2011/4xxx/CVE-2011-4400.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-4400", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2011-4400",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
} }
] ]
} }
} }

128
2013/0xxx/CVE-2013-0226.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-0226", "ID": "CVE-2013-0226",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Keyboard Shortcut Utility module 7.x-1.x before 7.x-1.1 for Drupal does not properly check node restrictions, which allows (1) remote authenticated users with the \"view shortcuts\" permission to read nodes or (2) remote authenticated users with the \"admin shortcuts\" permission to read, edit, or delete nodes via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20130124 Re: CVE request for Drupal contributed modules", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2013/01/25/4" "lang": "eng",
}, "value": "The Keyboard Shortcut Utility module 7.x-1.x before 7.x-1.1 for Drupal does not properly check node restrictions, which allows (1) remote authenticated users with the \"view shortcuts\" permission to read nodes or (2) remote authenticated users with the \"admin shortcuts\" permission to read, edit, or delete nodes via unspecified vectors."
{ }
"name" : "https://drupal.org/node/1896752", ]
"refsource" : "MISC", },
"url" : "https://drupal.org/node/1896752" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://drupal.org/node/1896752",
"refsource": "MISC",
"url": "https://drupal.org/node/1896752"
},
{
"name": "[oss-security] 20130124 Re: CVE request for Drupal contributed modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/01/25/4"
}
]
}
} }

158
2013/0xxx/CVE-2013-0797.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2013-0797", "ID": "CVE-2013-0797",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in the Mozilla Updater in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allows local users to gain privileges via a Trojan horse DLL file in an unspecified directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2013/mfsa2013-34.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2013/mfsa2013-34.html" "lang": "eng",
}, "value": "Untrusted search path vulnerability in the Mozilla Updater in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allows local users to gain privileges via a Trojan horse DLL file in an unspecified directory."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=830134", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=830134" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SUSE-SU-2013:0645", "description": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2013:0850", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:17146", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17146" "name": "SUSE-SU-2013:0850",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html"
} },
{
"name": "oval:org.mitre.oval:def:17146",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17146"
},
{
"name": "http://www.mozilla.org/security/announce/2013/mfsa2013-34.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-34.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=830134",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=830134"
},
{
"name": "SUSE-SU-2013:0645",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html"
}
]
}
} }

138
2013/1xxx/CVE-2013-1498.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-1498", "ID": "CVE-2013-1498",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1496."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1496."
{ }
"name" : "MDVSA-2013:150", ]
"refsource" : "MANDRIVA", },
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:19498", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19498" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "oval:org.mitre.oval:def:19498",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19498"
}
]
}
} }

148
2013/1xxx/CVE-2013-1802.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-1802", "ID": "CVE-2013-1802",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The extlib gem 0.9.15 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion, a similar vulnerability to CVE-2013-0156."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=917233", "description_data": [
"refsource" : "MISC", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=917233" "lang": "eng",
}, "value": "The extlib gem 0.9.15 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion, a similar vulnerability to CVE-2013-0156."
{ }
"name" : "https://support.cloud.engineyard.com/entries/22915701-january-14-2013-security-vulnerabilities-httparty-extlib-crack-nori-update-these-gems-immediately", ]
"refsource" : "MISC", },
"url" : "https://support.cloud.engineyard.com/entries/22915701-january-14-2013-security-vulnerabilities-httparty-extlib-crack-nori-update-these-gems-immediately" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/datamapper/extlib/compare/b4f98174ec35ac96f76a08d5624fad05d22879b5...4540e7102b803624cc2eade4bb8aaaa934fc31c5", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/datamapper/extlib/compare/b4f98174ec35ac96f76a08d5624fad05d22879b5...4540e7102b803624cc2eade4bb8aaaa934fc31c5" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2013:0612", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00002.html" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://github.com/datamapper/extlib/compare/b4f98174ec35ac96f76a08d5624fad05d22879b5...4540e7102b803624cc2eade4bb8aaaa934fc31c5",
"refsource": "CONFIRM",
"url": "https://github.com/datamapper/extlib/compare/b4f98174ec35ac96f76a08d5624fad05d22879b5...4540e7102b803624cc2eade4bb8aaaa934fc31c5"
},
{
"name": "SUSE-SU-2013:0612",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00002.html"
},
{
"name": "https://support.cloud.engineyard.com/entries/22915701-january-14-2013-security-vulnerabilities-httparty-extlib-crack-nori-update-these-gems-immediately",
"refsource": "MISC",
"url": "https://support.cloud.engineyard.com/entries/22915701-january-14-2013-security-vulnerabilities-httparty-extlib-crack-nori-update-these-gems-immediately"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=917233",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=917233"
}
]
}
} }

158
2013/5xxx/CVE-2013-5364.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID" : "CVE-2013-5364", "ID": "CVE-2013-5364",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and 7.0.0.21 and earlier, when running on Red Hat Linux, uses world-readable and world-writable permissions for /etc/csia_config.xml, which allows local users to change CSI Agent configuration by modifying this file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://secunia.com/vulnerability_scanning/corporate/release-history/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://secunia.com/vulnerability_scanning/corporate/release-history/" "lang": "eng",
}, "value": "Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and 7.0.0.21 and earlier, when running on Red Hat Linux, uses world-readable and world-writable permissions for /etc/csia_config.xml, which allows local users to change CSI Agent configuration by modifying this file."
{ }
"name" : "64775", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/64775" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "101901", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/101901" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "56380", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/56380" ]
}, },
{ "references": {
"name" : "csi-agent-cve20135364-data-manipulation(90230)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90230" "name": "64775",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/64775"
} },
{
"name": "http://secunia.com/vulnerability_scanning/corporate/release-history/",
"refsource": "CONFIRM",
"url": "http://secunia.com/vulnerability_scanning/corporate/release-history/"
},
{
"name": "101901",
"refsource": "OSVDB",
"url": "http://osvdb.org/101901"
},
{
"name": "56380",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56380"
},
{
"name": "csi-agent-cve20135364-data-manipulation(90230)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90230"
}
]
}
} }

188
2013/5xxx/CVE-2013-5673.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5673", "ID": "CVE-2013-5673",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in testimonial.php in the IndiaNIC Testimonial plugin 2.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the custom_query parameter in a testimonial_add action to wp-admin/admin-ajax.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20130901 IndiaNIC Testimonail WP plugin - Multiple vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-09/0006.html" "lang": "eng",
}, "value": "SQL injection vulnerability in testimonial.php in the IndiaNIC Testimonial plugin 2.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the custom_query parameter in a testimonial_add action to wp-admin/admin-ajax.php."
{ }
"name" : "28054", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/28054" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20130901 IndiaNIC Testimonial WP plugin - Multiple vulnerabilities", "description": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2013/Sep/5" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[oss-security] 20130901 Re: [CVE Request] IndiaNIC Testimonial 2.2 WP plugin", ]
"refsource" : "MLIST", }
"url" : "http://seclists.org/oss-sec/2013/q3/531" ]
}, },
{ "references": {
"name" : "http://packetstormsecurity.com/files/123036", "reference_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/123036" "name": "96793",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/96793"
"name" : "62108", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/62108" "name": "20130901 IndiaNIC Testimonial WP plugin - Multiple vulnerabilities",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2013/Sep/5"
"name" : "96793", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/96793" "name": "[oss-security] 20130901 Re: [CVE Request] IndiaNIC Testimonial 2.2 WP plugin",
}, "refsource": "MLIST",
{ "url": "http://seclists.org/oss-sec/2013/q3/531"
"name" : "indianictestimon-cve20135673-sql-injection(86847)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/86847" "name": "indianictestimon-cve20135673-sql-injection(86847)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86847"
} },
{
"name": "28054",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/28054"
},
{
"name": "http://packetstormsecurity.com/files/123036",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/123036"
},
{
"name": "62108",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62108"
},
{
"name": "20130901 IndiaNIC Testimonail WP plugin - Multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-09/0006.html"
}
]
}
} }

118
2013/5xxx/CVE-2013-5708.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5708", "ID": "CVE-2013-5708",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Coursemill Learning Management System (LMS) 6.8 constructs secret tokens based on time values, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via vectors related to cookies, a different vulnerability than CVE-2013-3605."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#960908", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/960908" "lang": "eng",
} "value": "Coursemill Learning Management System (LMS) 6.8 constructs secret tokens based on time values, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via vectors related to cookies, a different vulnerability than CVE-2013-3605."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#960908",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/960908"
}
]
}
} }

168
2013/5xxx/CVE-2013-5882.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-5882", "ID": "CVE-2013-5882",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedures."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedures."
{ }
"name" : "GLSA-201409-04", ]
"refsource" : "GENTOO", },
"url" : "http://security.gentoo.org/glsa/glsa-201409-04.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "64758", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/64758" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "64854", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/64854" ]
}, },
{ "references": {
"name" : "56491", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56491" "name": "64854",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/64854"
"name" : "oracle-cpujan2014-cve20135882(90374)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90374" "name": "56491",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/56491"
} },
{
"name": "oracle-cpujan2014-cve20135882(90374)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90374"
},
{
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "GLSA-201409-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201409-04.xml"
}
]
}
} }

118
2014/2xxx/CVE-2014-2135.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-2135", "ID": "CVE-2014-2135",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCul87216 and CSCuj07603."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex" "lang": "eng",
} "value": "Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCul87216 and CSCuj07603."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
]
}
} }

168
2014/2xxx/CVE-2014-2610.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2014-2610", "ID": "CVE-2014-2610",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the Content Acceleration Pack (CAP) web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code by uploading an executable file, aka ZDI-CAN-2117."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://zerodayinitiative.com/advisories/ZDI-14-209/", "description_data": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-14-209/" "lang": "eng",
}, "value": "Directory traversal vulnerability in the Content Acceleration Pack (CAP) web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code by uploading an executable file, aka ZDI-CAN-2117."
{ }
"name" : "HPSBMU03048", ]
"refsource" : "HP", },
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04341295" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SSRT101435", "description": [
"refsource" : "HP", {
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04341295" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "68093", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/68093" ]
}, },
{ "references": {
"name" : "1030439", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030439" "name": "59363",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/59363"
"name" : "59363", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59363" "name": "http://zerodayinitiative.com/advisories/ZDI-14-209/",
} "refsource": "MISC",
] "url": "http://zerodayinitiative.com/advisories/ZDI-14-209/"
} },
{
"name": "68093",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68093"
},
{
"name": "1030439",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030439"
},
{
"name": "SSRT101435",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04341295"
},
{
"name": "HPSBMU03048",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04341295"
}
]
}
} }

138
2014/2xxx/CVE-2014-2817.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2014-2817", "ID": "CVE-2014-2817",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka \"Internet Explorer Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS14-051", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051" "lang": "eng",
}, "value": "Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka \"Internet Explorer Elevation of Privilege Vulnerability.\""
{ }
"name" : "69092", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/69092" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1030715", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030715" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "69092",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69092"
},
{
"name": "1030715",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030715"
},
{
"name": "MS14-051",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051"
}
]
}
} }

32
2014/2xxx/CVE-2014-2832.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2832", "ID": "CVE-2014-2832",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

168
2014/2xxx/CVE-2014-2891.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2891", "ID": "CVE-2014-2891",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.strongswan.org/blog/2014/05/05/strongswan-denial-of-service-vulnerability-(cve-2014-2891).html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.strongswan.org/blog/2014/05/05/strongswan-denial-of-service-vulnerability-(cve-2014-2891).html" "lang": "eng",
}, "value": "strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload."
{ }
"name" : "DSA-2922", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2014/dsa-2922" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "openSUSE-SU-2014:0697", "description": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00064.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openSUSE-SU-2014:0700", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00066.html" ]
}, },
{ "references": {
"name" : "67212", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/67212" "name": "59864",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/59864"
"name" : "59864", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59864" "name": "DSA-2922",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2014/dsa-2922"
} },
{
"name": "67212",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67212"
},
{
"name": "openSUSE-SU-2014:0697",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00064.html"
},
{
"name": "openSUSE-SU-2014:0700",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00066.html"
},
{
"name": "http://www.strongswan.org/blog/2014/05/05/strongswan-denial-of-service-vulnerability-(cve-2014-2891).html",
"refsource": "CONFIRM",
"url": "http://www.strongswan.org/blog/2014/05/05/strongswan-denial-of-service-vulnerability-(cve-2014-2891).html"
}
]
}
} }

32
2014/2xxx/CVE-2014-2911.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2911", "ID": "CVE-2014-2911",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2017/0xxx/CVE-2017-0634.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0634", "ID": "CVE-2017-0634",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32511682."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-05-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-05-01" "lang": "eng",
}, "value": "An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32511682."
{ }
"name" : "98224", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98224" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name": "98224",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98224"
}
]
}
} }

166
2017/0xxx/CVE-2017-0870.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"DATE_PUBLIC" : "2017-12-04T00:00:00", "DATE_PUBLIC": "2017-12-04T00:00:00",
"ID" : "CVE-2017-0870", "ID": "CVE-2017-0870",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.1.1" "version_value": "5.1.1"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "7.0" "version_value": "7.0"
}, },
{ {
"version_value" : "7.1.1" "version_value": "7.1.1"
}, },
{ {
"version_value" : "7.1.2" "version_value": "7.1.2"
}, },
{ {
"version_value" : "8.0" "version_value": "8.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the Android framework (libminikin). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-62134807."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-12-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-12-01" "lang": "eng",
}, "value": "An elevation of privilege vulnerability in the Android framework (libminikin). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-62134807."
{ }
"name" : "102131", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/102131" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102131"
},
{
"name": "https://source.android.com/security/bulletin/2017-12-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-12-01"
}
]
}
} }

32
2017/0xxx/CVE-2017-0943.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-0943", "ID": "CVE-2017-0943",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

122
2017/1000xxx/CVE-2017-1000088.json
View File

@ -1,64 +1,64 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.310000", "DATE_ASSIGNED": "2017-08-22T17:29:33.310000",
"ID" : "CVE-2017-1000088", "ID": "CVE-2017-1000088",
"REQUESTER" : "ml@beckweb.net", "REQUESTER": "ml@beckweb.net",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Jenkins Sidebar Link Plugin", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.8 and earlier" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Jenkins Sidebar Link Plugin" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Sidebar Link plugin allows users able to configure jobs, views, and agents to add entries to the sidebar of these objects. There was no input validation, which meant users were able to use javascript: schemes for these links."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XSS"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://jenkins.io/security/advisory/2017-07-10/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://jenkins.io/security/advisory/2017-07-10/" "lang": "eng",
} "value": "The Sidebar Link plugin allows users able to configure jobs, views, and agents to add entries to the sidebar of these objects. There was no input validation, which meant users were able to use javascript: schemes for these links."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2017-07-10/",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
]
}
} }

142
2017/1000xxx/CVE-2017-1000392.json
View File

@ -1,74 +1,74 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-11-17", "DATE_ASSIGNED": "2017-11-17",
"ID" : "CVE-2017-1000392", "ID": "CVE-2017-1000392",
"REQUESTER" : "ml@beckweb.net", "REQUESTER": "ml@beckweb.net",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Jenkins", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.88 and earlier; 2.73.2 and earlier" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Jenkins" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Jenkins 2.88 and earlier; 2.73.2 and earlier Autocompletion suggestions for text fields were not escaped, resulting in a persisted cross-site scripting vulnerability if the source for the suggestions allowed specifying text that includes HTML metacharacters like less-than and greater-than characters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://jenkins.io/security/advisory/2017-11-08/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://jenkins.io/security/advisory/2017-11-08/" "lang": "eng",
}, "value": "Jenkins 2.88 and earlier; 2.73.2 and earlier Autocompletion suggestions for text fields were not escaped, resulting in a persisted cross-site scripting vulnerability if the source for the suggestions allowed specifying text that includes HTML metacharacters like less-than and greater-than characters."
{ }
"name" : "101773", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/101773" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "102826", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/102826" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "102826",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102826"
},
{
"name": "101773",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101773"
},
{
"name": "https://jenkins.io/security/advisory/2017-11-08/",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2017-11-08/"
}
]
}
} }

32
2017/16xxx/CVE-2017-16494.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-16494", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-16494",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }
} }

118
2017/16xxx/CVE-2017-16765.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16765", "ID": "CVE-2017-16765",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "XSS exists on D-Link DWR-933 1.00(WW)B17 devices via cgi-bin/gui.cgi."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://gist.github.com/shiham101/d8f98d4ce302c12576f39af2ad2448ca", "description_data": [
"refsource" : "MISC", {
"url" : "https://gist.github.com/shiham101/d8f98d4ce302c12576f39af2ad2448ca" "lang": "eng",
} "value": "XSS exists on D-Link DWR-933 1.00(WW)B17 devices via cgi-bin/gui.cgi."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/shiham101/d8f98d4ce302c12576f39af2ad2448ca",
"refsource": "MISC",
"url": "https://gist.github.com/shiham101/d8f98d4ce302c12576f39af2ad2448ca"
}
]
}
} }

32
2017/16xxx/CVE-2017-16900.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16900", "ID": "CVE-2017-16900",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2017/1xxx/CVE-2017-1299.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2017-1299", "ID": "CVE-2017-1299",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125161."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www-prd-trops.events.ibm.com/node/715749", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www-prd-trops.events.ibm.com/node/715749" "lang": "eng",
}, "value": "IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125161."
{ }
"name" : "ibm-rqm-cve20171299-xss(125161)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/125161" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-rqm-cve20171299-xss(125161)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125161"
},
{
"name": "https://www-prd-trops.events.ibm.com/node/715749",
"refsource": "CONFIRM",
"url": "https://www-prd-trops.events.ibm.com/node/715749"
}
]
}
} }

218
2017/1xxx/CVE-2017-1332.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-07-25T00:00:00", "DATE_PUBLIC": "2017-07-25T00:00:00",
"ID" : "CVE-2017-1332", "ID": "CVE-2017-1332",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "iNotes", "product_name": "iNotes",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.0" "version_value": "9.0"
}, },
{ {
"version_value" : "8.5.3" "version_value": "8.5.3"
}, },
{ {
"version_value" : "8.5.2" "version_value": "8.5.2"
}, },
{ {
"version_value" : "8.5.1" "version_value": "8.5.1"
}, },
{ {
"version_value" : "8.5" "version_value": "8.5"
}, },
{ {
"version_value" : "8.5.3.6" "version_value": "8.5.3.6"
}, },
{ {
"version_value" : "9.0.1" "version_value": "9.0.1"
}, },
{ {
"version_value" : "8.5.1.5" "version_value": "8.5.1.5"
}, },
{ {
"version_value" : "8.5.2.4" "version_value": "8.5.2.4"
}, },
{ {
"version_value" : "8.5.2.1" "version_value": "8.5.2.1"
}, },
{ {
"version_value" : "8.5.3.1" "version_value": "8.5.3.1"
}, },
{ {
"version_value" : "9.0.1.1" "version_value": "9.0.1.1"
}, },
{ {
"version_value" : "8.5.1.1" "version_value": "8.5.1.1"
}, },
{ {
"version_value" : "9.0.1.8" "version_value": "9.0.1.8"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126234."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126234", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126234" "lang": "eng",
}, "value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126234."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22005233", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22005233" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "100028", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/100028" "lang": "eng",
} "value": "Cross-Site Scripting"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22005233",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005233"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126234",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126234"
},
{
"name": "100028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100028"
}
]
}
} }

32
2017/4xxx/CVE-2017-4370.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4370", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4370",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

32
2017/4xxx/CVE-2017-4497.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4497", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4497",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }