admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:39:11 +00:00
parent 788f2aaafb
commit 7cb4d730d7
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
53 changed files with 3445 additions and 3445 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
2001/0xxx/CVE-2001-0219.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0219", "ID": "CVE-2001-0219",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service." "value": "Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "HPSBUX0101-137", "name": "2239",
"refsource" : "HP", "refsource": "BID",
"url" : "http://archives.neohapsis.com/archives/hp/2001-q1/0016.html" "url": "http://www.securityfocus.com/bid/2239"
}, },
{ {
"name" : "hp-stm-dos(5957)", "name": "HPSBUX0101-137",
"refsource" : "XF", "refsource": "HP",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5957" "url": "http://archives.neohapsis.com/archives/hp/2001-q1/0016.html"
}, },
{ {
"name" : "2239", "name": "7030",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/2239" "url": "http://www.osvdb.org/7030"
}, },
{ {
"name" : "6991", "name": "6991",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/6991" "url": "http://www.osvdb.org/6991"
}, },
{ {
"name" : "7029", "name": "7029",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/7029" "url": "http://www.osvdb.org/7029"
}, },
{ {
"name" : "7030", "name": "hp-stm-dos(5957)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/7030" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5957"
} }
] ]
} }

74
2001/0xxx/CVE-2001-0238.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0238", "ID": "CVE-2001-0238",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests." "value": "Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS01-022", "name": "L-074",
"refsource" : "MS", "refsource": "CIAC",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-022" "url": "http://www.ciac.org/ciac/bulletins/l-074.shtml"
}, },
{ {
"name" : "L-074", "name": "MS01-022",
"refsource" : "CIAC", "refsource": "MS",
"url" : "http://www.ciac.org/ciac/bulletins/l-074.shtml" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-022"
}, },
{ {
"name" : "ms-dacipp-webdav-access(6405)", "name": "ms-dacipp-webdav-access(6405)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6405" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6405"
} }
] ]
} }

80
2001/0xxx/CVE-2001-0558.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0558", "ID": "CVE-2001-0558",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "T. Hauck Jana Webserver 2.01 beta 1 and earlier allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name (i.e. GET /aux HTTP/1.0)." "value": "T. Hauck Jana Webserver 2.01 beta 1 and earlier allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name (i.e. GET /aux HTTP/1.0)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010507 Advisory for Jana server", "name": "20010507 Advisory for Jana server",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-05/0086.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2001-05/0086.html"
}, },
{ {
"name" : "jana-server-device-dos(6521)", "name": "2704",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6521" "url": "http://www.securityfocus.com/bid/2704"
}, },
{ {
"name" : "2704", "name": "jana-server-device-dos(6521)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/2704" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6521"
}, },
{ {
"name" : "1817", "name": "1817",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/1817" "url": "http://www.osvdb.org/1817"
} }
] ]
} }

74
2001/0xxx/CVE-2001-0585.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0585", "ID": "CVE-2001-0585",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Gordano NTMail 6.0.3c allows a remote attacker to create a denial of service via a long (>= 255 characters) URL request to port 8000 or port 9000." "value": "Gordano NTMail 6.0.3c allows a remote attacker to create a denial of service via a long (>= 255 characters) URL request to port 8000 or port 9000."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010320 def-2001-13: NTMail Web Services DoS", "name": "2494",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-03/0248.html" "url": "http://www.securityfocus.com/bid/2494"
}, },
{ {
"name" : "2494", "name": "ntmail-long-url-dos(6249)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/2494" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6249"
}, },
{ {
"name" : "ntmail-long-url-dos(6249)", "name": "20010320 def-2001-13: NTMail Web Services DoS",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6249" "url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0248.html"
} }
] ]
} }

74
2001/0xxx/CVE-2001-0745.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0745", "ID": "CVE-2001-0745",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property." "value": "Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010605 SECURITY.NNOV: Netscape 4.7x Messanger user information retrival", "name": "20010605 SECURITY.NNOV: Netscape 4.7x Messanger user information retrival",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-06/0014.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2001-06/0014.html"
}, },
{ {
"name" : "netscape-user-info-retrieval(7417)", "name": "netscape-user-info-retrieval(7417)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7417" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7417"
}, },
{ {
"name" : "5543", "name": "5543",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/5543" "url": "http://www.osvdb.org/5543"
} }
] ]
} }

110
2001/0xxx/CVE-2001-0877.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0877", "ID": "CVE-2001-0877",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of traffic (e.g., chargen), or (2) via a spoofed SSDP announcement to broadcast or multicast addresses, which could cause all UPnP clients to send traffic to a single target system." "value": "Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of traffic (e.g., chargen), or (2) via a spoofed SSDP announcement to broadcast or multicast addresses, which could cause all UPnP clients to send traffic to a single target system."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20011220 Multiple Remote Windows XP/ME/98 Vulnerabilities", "name": "VU#411059",
"refsource" : "BUGTRAQ", "refsource": "CERT-VN",
"url" : "http://marc.info/?l=bugtraq&m=100887440810532&w=2" "url": "http://www.kb.cert.org/vuls/id/411059"
}, },
{ {
"name" : "20011220 Multiple Remote Windows XP/ME/98 Vulnerabilities", "name": "M-030",
"refsource" : "NTBUGTRAQ", "refsource": "CIAC",
"url" : "http://marc.info/?l=ntbugtraq&m=100887271006313&w=2" "url": "http://www.ciac.org/ciac/bulletins/m-030.shtml"
}, },
{ {
"name" : "20020109 UPNP Denial of Service", "name": "20020109 UPNP Denial of Service",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/249238" "url": "http://www.securityfocus.com/archive/1/249238"
}, },
{ {
"name" : "MS01-059", "name": "20011220 Multiple Remote Windows XP/ME/98 Vulnerabilities",
"refsource" : "MS", "refsource": "NTBUGTRAQ",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-059" "url": "http://marc.info/?l=ntbugtraq&m=100887271006313&w=2"
}, },
{ {
"name" : "CA-2001-37", "name": "20011220 Multiple Remote Windows XP/ME/98 Vulnerabilities",
"refsource" : "CERT", "refsource": "BUGTRAQ",
"url" : "http://www.cert.org/advisories/CA-2001-37.html" "url": "http://marc.info/?l=bugtraq&m=100887440810532&w=2"
}, },
{ {
"name" : "VU#411059", "name": "CA-2001-37",
"refsource" : "CERT-VN", "refsource": "CERT",
"url" : "http://www.kb.cert.org/vuls/id/411059" "url": "http://www.cert.org/advisories/CA-2001-37.html"
}, },
{ {
"name" : "M-030", "name": "win-upnp-udp-dos(7722)",
"refsource" : "CIAC", "refsource": "XF",
"url" : "http://www.ciac.org/ciac/bulletins/m-030.shtml" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7722"
}, },
{ {
"name" : "3724", "name": "MS01-059",
"refsource" : "BID", "refsource": "MS",
"url" : "http://www.securityfocus.com/bid/3724" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-059"
}, },
{ {
"name" : "win-upnp-udp-dos(7722)", "name": "3724",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7722" "url": "http://www.securityfocus.com/bid/3724"
} }
] ]
} }

68
2001/0xxx/CVE-2001-0892.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0892", "ID": "CVE-2001-0892",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /." "value": "Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20011113 Cgisecurity.com Advisory #6: thttpd and mini_http Permission bypass vuln", "name": "20011113 Cgisecurity.com Advisory #6: thttpd and mini_http Permission bypass vuln",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=100568999726036&w=2" "url": "http://marc.info/?l=bugtraq&m=100568999726036&w=2"
}, },
{ {
"name" : "http://www.acme.com/software/thttpd/", "name": "http://www.acme.com/software/thttpd/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.acme.com/software/thttpd/" "url": "http://www.acme.com/software/thttpd/"
} }
] ]
} }

86
2006/2xxx/CVE-2006-2295.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2295", "ID": "CVE-2006-2295",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary files via an absolute path in the pfad parameter to (1) index.php and (2) galerie.php." "value": "Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary files via an absolute path in the pfad parameter to (1) index.php and (2) galerie.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://d4igoro.blogspot.com/2006/05/dynamic-galerie-10-path-traversal-xss.html", "name": "ADV-2006-1699",
"refsource" : "MISC", "refsource": "VUPEN",
"url" : "http://d4igoro.blogspot.com/2006/05/dynamic-galerie-10-path-traversal-xss.html" "url": "http://www.vupen.com/english/advisories/2006/1699"
}, },
{ {
"name" : "17896", "name": "http://d4igoro.blogspot.com/2006/05/dynamic-galerie-10-path-traversal-xss.html",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/17896" "url": "http://d4igoro.blogspot.com/2006/05/dynamic-galerie-10-path-traversal-xss.html"
}, },
{ {
"name" : "ADV-2006-1699", "name": "17896",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2006/1699" "url": "http://www.securityfocus.com/bid/17896"
}, },
{ {
"name" : "19995", "name": "19995",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/19995" "url": "http://secunia.com/advisories/19995"
}, },
{ {
"name" : "dynamicgalerie-multiple-path-disclosure(26322)", "name": "dynamicgalerie-multiple-path-disclosure(26322)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26322" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26322"
} }
] ]
} }

260
2006/2xxx/CVE-2006-2314.json
View File

@ -1,226 +1,226 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2314", "ID": "CVE-2006-2314",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications that use multibyte encodings that allow the \"\\\" (backslash) byte 0x5c to be the trailing byte of a multibyte character, such as SJIS, BIG5, GBK, GB18030, and UHC, which cannot be handled correctly by a client that does not understand multibyte encodings, aka a second variant of \"Encoding-Based SQL Injection.\" NOTE: it could be argued that this is a class of issue related to interaction errors between the client and PostgreSQL, but a CVE has been assigned since PostgreSQL is treating this as a preventative measure against this class of problem." "value": "PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications that use multibyte encodings that allow the \"\\\" (backslash) byte 0x5c to be the trailing byte of a multibyte character, such as SJIS, BIG5, GBK, GB18030, and UHC, which cannot be handled correctly by a client that does not understand multibyte encodings, aka a second variant of \"Encoding-Based SQL Injection.\" NOTE: it could be argued that this is a class of issue related to interaction errors between the client and PostgreSQL, but a CVE has been assigned since PostgreSQL is treating this as a preventative measure against this class of problem."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060523 PostgreSQL security releases 8.1.4, 8.0.8, 7.4.13, 7.3.15", "name": "postgresql-ascii-sql-injection(26628)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/435038/100/0/threaded" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26628"
}, },
{ {
"name" : "20060524 rPSA-2006-0080-1 postgresql postgresql-server", "name": "GLSA-200607-04",
"refsource" : "BUGTRAQ", "refsource": "GENTOO",
"url" : "http://www.securityfocus.com/archive/1/435161/100/0/threaded" "url": "http://security.gentoo.org/glsa/glsa-200607-04.xml"
}, },
{ {
"name" : "[pgsql-announce] 20060523 Security Releases for All Active Versions", "name": "20435",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "http://archives.postgresql.org/pgsql-announce/2006-05/msg00010.php" "url": "http://secunia.com/advisories/20435"
}, },
{ {
"name" : "http://www.postgresql.org/docs/techdocs.50", "name": "18092",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.postgresql.org/docs/techdocs.50" "url": "http://www.securityfocus.com/bid/18092"
}, },
{ {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm", "name": "20503",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm" "url": "http://secunia.com/advisories/20503"
}, },
{ {
"name" : "DSA-1087", "name": "20451",
"refsource" : "DEBIAN", "refsource": "SECUNIA",
"url" : "http://www.debian.org/security/2006/dsa-1087" "url": "http://secunia.com/advisories/20451"
}, },
{ {
"name" : "GLSA-200607-04", "name": "21001",
"refsource" : "GENTOO", "refsource": "SECUNIA",
"url" : "http://security.gentoo.org/glsa/glsa-200607-04.xml" "url": "http://secunia.com/advisories/21001"
}, },
{ {
"name" : "MDKSA-2006:098", "name": "http://www.postgresql.org/docs/techdocs.50",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:098" "url": "http://www.postgresql.org/docs/techdocs.50"
}, },
{ {
"name" : "RHSA-2006:0526", "name": "20231",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0526.html" "url": "http://secunia.com/advisories/20231"
}, },
{ {
"name" : "20060602-01-U", "name": "20653",
"refsource" : "SGI", "refsource": "SECUNIA",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc" "url": "http://secunia.com/advisories/20653"
}, },
{ {
"name" : "SUSE-SA:2006:030", "name": "SUSE-SA:2006:030",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0002.html" "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0002.html"
}, },
{ {
"name" : "SUSE-SR:2006:021", "name": "21749",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://www.novell.com/linux/security/advisories/2006_21_sr.html" "url": "http://secunia.com/advisories/21749"
}, },
{ {
"name" : "2006-0032", "name": "25731",
"refsource" : "TRUSTIX", "refsource": "OSVDB",
"url" : "http://www.trustix.org/errata/2006/0032/" "url": "http://www.osvdb.org/25731"
}, },
{ {
"name" : "USN-288-1", "name": "20782",
"refsource" : "UBUNTU", "refsource": "SECUNIA",
"url" : "https://usn.ubuntu.com/288-1/" "url": "http://secunia.com/advisories/20782"
}, },
{ {
"name" : "USN-288-2", "name": "RHSA-2006:0526",
"refsource" : "UBUNTU", "refsource": "REDHAT",
"url" : "http://www.ubuntu.com/usn/usn-288-2" "url": "http://www.redhat.com/support/errata/RHSA-2006-0526.html"
}, },
{ {
"name" : "USN-288-3", "name": "2006-0032",
"refsource" : "UBUNTU", "refsource": "TRUSTIX",
"url" : "http://www.ubuntu.com/usn/usn-288-3" "url": "http://www.trustix.org/errata/2006/0032/"
}, },
{ {
"name" : "18092", "name": "20060602-01-U",
"refsource" : "BID", "refsource": "SGI",
"url" : "http://www.securityfocus.com/bid/18092" "url": "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc"
}, },
{ {
"name" : "oval:org.mitre.oval:def:9947", "name": "ADV-2006-1941",
"refsource" : "OVAL", "refsource": "VUPEN",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9947" "url": "http://www.vupen.com/english/advisories/2006/1941"
}, },
{ {
"name" : "ADV-2006-1941", "name": "20060524 rPSA-2006-0080-1 postgresql postgresql-server",
"refsource" : "VUPEN", "refsource": "BUGTRAQ",
"url" : "http://www.vupen.com/english/advisories/2006/1941" "url": "http://www.securityfocus.com/archive/1/435161/100/0/threaded"
}, },
{ {
"name" : "25731", "name": "20232",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://www.osvdb.org/25731" "url": "http://secunia.com/advisories/20232"
}, },
{ {
"name" : "1016142", "name": "20060523 PostgreSQL security releases 8.1.4, 8.0.8, 7.4.13, 7.3.15",
"refsource" : "SECTRACK", "refsource": "BUGTRAQ",
"url" : "http://securitytracker.com/id?1016142" "url": "http://www.securityfocus.com/archive/1/435038/100/0/threaded"
}, },
{ {
"name" : "20231", "name": "USN-288-1",
"refsource" : "SECUNIA", "refsource": "UBUNTU",
"url" : "http://secunia.com/advisories/20231" "url": "https://usn.ubuntu.com/288-1/"
}, },
{ {
"name" : "20232", "name": "MDKSA-2006:098",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/20232" "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:098"
}, },
{ {
"name" : "20314", "name": "SUSE-SR:2006:021",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/20314" "url": "http://www.novell.com/linux/security/advisories/2006_21_sr.html"
}, },
{ {
"name" : "20435", "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/20435" "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm"
}, },
{ {
"name" : "20451", "name": "postgresql-multibyte-sql-injection(26627)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/20451" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26627"
}, },
{ {
"name" : "20503", "name": "oval:org.mitre.oval:def:9947",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/20503" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9947"
}, },
{ {
"name" : "20555", "name": "20555",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/20555" "url": "http://secunia.com/advisories/20555"
}, },
{ {
"name" : "20782", "name": "[pgsql-announce] 20060523 Security Releases for All Active Versions",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/20782" "url": "http://archives.postgresql.org/pgsql-announce/2006-05/msg00010.php"
}, },
{ {
"name" : "21001", "name": "1016142",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/21001" "url": "http://securitytracker.com/id?1016142"
}, },
{ {
"name" : "21749", "name": "USN-288-3",
"refsource" : "SECUNIA", "refsource": "UBUNTU",
"url" : "http://secunia.com/advisories/21749" "url": "http://www.ubuntu.com/usn/usn-288-3"
}, },
{ {
"name" : "20653", "name": "USN-288-2",
"refsource" : "SECUNIA", "refsource": "UBUNTU",
"url" : "http://secunia.com/advisories/20653" "url": "http://www.ubuntu.com/usn/usn-288-2"
}, },
{ {
"name" : "postgresql-ascii-sql-injection(26628)", "name": "20314",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26628" "url": "http://secunia.com/advisories/20314"
}, },
{ {
"name" : "postgresql-multibyte-sql-injection(26627)", "name": "DSA-1087",
"refsource" : "XF", "refsource": "DEBIAN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26627" "url": "http://www.debian.org/security/2006/dsa-1087"
} }
] ]
} }

22
2006/2xxx/CVE-2006-2657.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2006-2657", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2006-2657",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-3017. Reason: This candidate is a reservation duplicate of CVE-2006-3017. Notes: All CVE users should reference CVE-2006-3017 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-3017. Reason: This candidate is a reservation duplicate of CVE-2006-3017. Notes: All CVE users should reference CVE-2006-3017 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }

80
2006/2xxx/CVE-2006-2970.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2970", "ID": "CVE-2006-2970",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain sensitive information via a certain id parameter, probably with an invalid value, which reveals the path in an error message." "value": "videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain sensitive information via a certain id parameter, probably with an invalid value, which reveals the path in an error message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060609 TinyMuw v1.0 - XSS", "name": "20060609 TinyMuw v1.0 - XSS",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/436640/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/436640/100/0/threaded"
}, },
{ {
"name" : "ADV-2006-2310", "name": "tinymuw-videopage-path-disclosure(27155)",
"refsource" : "VUPEN", "refsource": "XF",
"url" : "http://www.vupen.com/english/advisories/2006/2310" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27155"
}, },
{ {
"name" : "1091", "name": "ADV-2006-2310",
"refsource" : "SREASON", "refsource": "VUPEN",
"url" : "http://securityreason.com/securityalert/1091" "url": "http://www.vupen.com/english/advisories/2006/2310"
}, },
{ {
"name" : "tinymuw-videopage-path-disclosure(27155)", "name": "1091",
"refsource" : "XF", "refsource": "SREASON",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27155" "url": "http://securityreason.com/securityalert/1091"
} }
] ]
} }

104
2006/6xxx/CVE-2006-6276.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6276", "ID": "CVE-2006-6276",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with Sun Java System Application Server or Sun Java System Web Server, allows remote attackers to bypass HTTP request filtering, hijack web sessions, perform cross-site scripting (XSS), and poison web caches via unspecified attack vectors." "value": "HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with Sun Java System Application Server or Sun Java System Web Server, allows remote attackers to bypass HTTP request filtering, hijack web sessions, perform cross-site scripting (XSS), and poison web caches via unspecified attack vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "102733", "name": "102733",
"refsource" : "SUNALERT", "refsource": "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102733-1" "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102733-1"
}, },
{ {
"name" : "21371", "name": "23186",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/21371" "url": "http://secunia.com/advisories/23186"
}, },
{ {
"name" : "ADV-2006-4793", "name": "1017324",
"refsource" : "VUPEN", "refsource": "SECTRACK",
"url" : "http://www.vupen.com/english/advisories/2006/4793" "url": "http://securitytracker.com/id?1017324"
}, },
{ {
"name" : "1017322", "name": "sunserver-proxy-csrf(30662)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://securitytracker.com/id?1017322" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30662"
}, },
{ {
"name" : "1017323", "name": "ADV-2006-4793",
"refsource" : "SECTRACK", "refsource": "VUPEN",
"url" : "http://securitytracker.com/id?1017323" "url": "http://www.vupen.com/english/advisories/2006/4793"
}, },
{ {
"name" : "1017324", "name": "21371",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://securitytracker.com/id?1017324" "url": "http://www.securityfocus.com/bid/21371"
}, },
{ {
"name" : "23186", "name": "1017323",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/23186" "url": "http://securitytracker.com/id?1017323"
}, },
{ {
"name" : "sunserver-proxy-csrf(30662)", "name": "1017322",
"refsource" : "XF", "refsource": "SECTRACK",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30662" "url": "http://securitytracker.com/id?1017322"
} }
] ]
} }

104
2006/6xxx/CVE-2006-6345.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6345", "ID": "CVE-2006-6345",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 16 and earlier, and 7.00 Patchlevel 6 and earlier, allows remote attackers to delete arbitrary files via directory traversal sequences in an HTTP request. NOTE: This information is based upon an initial disclosure. Details will be updated after the grace period has ended. This issue is different from CVE-2006-4133 and CVE-2006-4134." "value": "Directory traversal vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 16 and earlier, and 7.00 Patchlevel 6 and earlier, allows remote attackers to delete arbitrary files via directory traversal sequences in an HTTP request. NOTE: This information is based upon an initial disclosure. Details will be updated after the grace period has ended. This issue is different from CVE-2006-4133 and CVE-2006-4134."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20061205 CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Arbitrary File Removal", "name": "21449",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/453561/100/0/threaded" "url": "http://www.securityfocus.com/bid/21449"
}, },
{ {
"name" : "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_SAP_IGS_Remote_Arbitrary_File_Removal.pdf", "name": "sap-http-file-deletion(30765)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_SAP_IGS_Remote_Arbitrary_File_Removal.pdf" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30765"
}, },
{ {
"name" : "21449", "name": "ADV-2006-4863",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/21449" "url": "http://www.vupen.com/english/advisories/2006/4863"
}, },
{ {
"name" : "ADV-2006-4863", "name": "23262",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2006/4863" "url": "http://secunia.com/advisories/23262"
}, },
{ {
"name" : "1017342", "name": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_SAP_IGS_Remote_Arbitrary_File_Removal.pdf",
"refsource" : "SECTRACK", "refsource": "MISC",
"url" : "http://securitytracker.com/id?1017342" "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_SAP_IGS_Remote_Arbitrary_File_Removal.pdf"
}, },
{ {
"name" : "23262", "name": "1986",
"refsource" : "SECUNIA", "refsource": "SREASON",
"url" : "http://secunia.com/advisories/23262" "url": "http://securityreason.com/securityalert/1986"
}, },
{ {
"name" : "1986", "name": "1017342",
"refsource" : "SREASON", "refsource": "SECTRACK",
"url" : "http://securityreason.com/securityalert/1986" "url": "http://securitytracker.com/id?1017342"
}, },
{ {
"name" : "sap-http-file-deletion(30765)", "name": "20061205 CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Arbitrary File Removal",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30765" "url": "http://www.securityfocus.com/archive/1/453561/100/0/threaded"
} }
] ]
} }

80
2011/2xxx/CVE-2011-2211.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-2211", "ID": "CVE-2011-2211",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The osf_wait4 function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform uses an incorrect pointer, which allows local users to gain privileges by writing a certain integer value to kernel memory." "value": "The osf_wait4 function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform uses an incorrect pointer, which allows local users to gain privileges by writing a certain integer value to kernel memory."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20110615 Re: CVE request: kernel: alpha: fix several security issues", "name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2011/06/15/7" "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4"
}, },
{ {
"name" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4", "name": "[oss-security] 20110615 Re: CVE request: kernel: alpha: fix several security issues",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4" "url": "http://www.openwall.com/lists/oss-security/2011/06/15/7"
}, },
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=21c5977a836e399fc710ff2c5367845ed5c2527f", "name": "https://github.com/torvalds/linux/commit/21c5977a836e399fc710ff2c5367845ed5c2527f",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=21c5977a836e399fc710ff2c5367845ed5c2527f" "url": "https://github.com/torvalds/linux/commit/21c5977a836e399fc710ff2c5367845ed5c2527f"
}, },
{ {
"name" : "https://github.com/torvalds/linux/commit/21c5977a836e399fc710ff2c5367845ed5c2527f", "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=21c5977a836e399fc710ff2c5367845ed5c2527f",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/21c5977a836e399fc710ff2c5367845ed5c2527f" "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=21c5977a836e399fc710ff2c5367845ed5c2527f"
} }
] ]
} }

68
2011/2xxx/CVE-2011-2478.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2478", "ID": "CVE-2011-2478",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Google SketchUp before 8 does not properly handle edge geometry in SketchUp (aka .SKP) files, which allows remote attackers to execute arbitrary code via a crafted file." "value": "Google SketchUp before 8 does not properly handle edge geometry in SketchUp (aka .SKP) files, which allows remote attackers to execute arbitrary code via a crafted file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://technet.microsoft.com/en-us/security/msvr/msvr11-006", "name": "http://technet.microsoft.com/en-us/security/msvr/msvr11-006",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://technet.microsoft.com/en-us/security/msvr/msvr11-006" "url": "http://technet.microsoft.com/en-us/security/msvr/msvr11-006"
}, },
{ {
"name" : "http://support.google.com/sketchup/bin/static.py?hl=en&page=release_notes.cs&rd=1", "name": "http://support.google.com/sketchup/bin/static.py?hl=en&page=release_notes.cs&rd=1",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.google.com/sketchup/bin/static.py?hl=en&page=release_notes.cs&rd=1" "url": "http://support.google.com/sketchup/bin/static.py?hl=en&page=release_notes.cs&rd=1"
} }
] ]
} }

74
2011/2xxx/CVE-2011-2733.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2011-2733", "ID": "CVE-2011-2733",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not prevent reuse of authentication information during a session, which allows remote authenticated users to bypass intended access restrictions via vectors related to knowledge of the originally used authentication information and unspecified other session information." "value": "EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not prevent reuse of authentication information during a session, which allows remote authenticated users to bypass intended access restrictions via vectors related to knowledge of the originally used authentication information and unspecified other session information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20110816 ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication (On-Premise)", "name": "49574",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/519346/100/0/threaded" "url": "http://www.securityfocus.com/bid/49574"
}, },
{ {
"name" : "49574", "name": "20110816 ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication (On-Premise)",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/49574" "url": "http://www.securityfocus.com/archive/1/519346/100/0/threaded"
}, },
{ {
"name" : "8344", "name": "8344",
"refsource" : "SREASON", "refsource": "SREASON",
"url" : "http://securityreason.com/securityalert/8344" "url": "http://securityreason.com/securityalert/8344"
} }
] ]
} }

86
2011/2xxx/CVE-2011-2917.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-2917", "ID": "CVE-2011-2917",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in administrator/index2.php in Mambo CMS 4.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the zorder parameter." "value": "SQL injection vulnerability in administrator/index2.php in Mambo CMS 4.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the zorder parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "18110", "name": "49130",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "http://www.exploit-db.com/exploits/18110" "url": "http://www.securityfocus.com/bid/49130"
}, },
{ {
"name" : "[oss-security] 20110812 Re: CVE Request: Mambo CMS 4.6.x (4.6.5) | SQL Injection", "name": "http://yehg.net/lab/pr0js/advisories/%5Bmambo4.6_x%5D_sql_injection",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://www.openwall.com/lists/oss-security/2011/08/12/6" "url": "http://yehg.net/lab/pr0js/advisories/%5Bmambo4.6_x%5D_sql_injection"
}, },
{ {
"name" : "http://yehg.net/lab/pr0js/advisories/%5Bmambo4.6_x%5D_sql_injection", "name": "[oss-security] 20110812 Re: CVE Request: Mambo CMS 4.6.x (4.6.5) | SQL Injection",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "http://yehg.net/lab/pr0js/advisories/%5Bmambo4.6_x%5D_sql_injection" "url": "http://www.openwall.com/lists/oss-security/2011/08/12/6"
}, },
{ {
"name" : "49130", "name": "18110",
"refsource" : "BID", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/bid/49130" "url": "http://www.exploit-db.com/exploits/18110"
}, },
{ {
"name" : "74502", "name": "74502",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/74502" "url": "http://www.osvdb.org/74502"
} }
] ]
} }

98
2011/3xxx/CVE-2011-3439.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2011-3439", "ID": "CVE-2011-3439",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document." "value": "FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT5052", "name": "openSUSE-SU-2012:0015",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://support.apple.com/kb/HT5052" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00003.html"
}, },
{ {
"name" : "APPLE-SA-2011-11-10-1", "name": "SUSE-SU-2011:1307",
"refsource" : "APPLE", "refsource": "SUSE",
"url" : "http://lists.apple.com/archives/Security-announce/2011/Nov/msg00001.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00008.html"
}, },
{ {
"name" : "SUSE-SU-2011:1307", "name": "openSUSE-SU-2012:0047",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00008.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00012.html"
}, },
{ {
"name" : "openSUSE-SU-2012:0015", "name": "APPLE-SA-2011-11-10-1",
"refsource" : "SUSE", "refsource": "APPLE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00003.html" "url": "http://lists.apple.com/archives/Security-announce/2011/Nov/msg00001.html"
}, },
{ {
"name" : "openSUSE-SU-2012:0047", "name": "http://support.apple.com/kb/HT5052",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00012.html" "url": "http://support.apple.com/kb/HT5052"
}, },
{ {
"name" : "46921", "name": "46921",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/46921" "url": "http://secunia.com/advisories/46921"
}, },
{ {
"name" : "48951", "name": "48951",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/48951" "url": "http://secunia.com/advisories/48951"
} }
] ]
} }

80
2011/3xxx/CVE-2011-3774.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3774", "ID": "CVE-2011-3774",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "php Easy Survey Package (phpESP) 2.1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/landing.php and certain other files." "value": "php Easy Survey Package (phpESP) 2.1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/landing.php and certain other files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", "name": "phpesp-landing-path-disclosure(70546)",
"refsource" : "MLIST", "refsource": "XF",
"url" : "http://www.openwall.com/lists/oss-security/2011/06/27/6" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70546"
}, },
{ {
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", "name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" "url": "http://www.openwall.com/lists/oss-security/2011/06/27/6"
}, },
{ {
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/PHP-Easy-Survey-Package-2.1.1", "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/PHP-Easy-Survey-Package-2.1.1",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/PHP-Easy-Survey-Package-2.1.1" "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/PHP-Easy-Survey-Package-2.1.1"
}, },
{ {
"name" : "phpesp-landing-path-disclosure(70546)", "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/70546" "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README"
} }
] ]
} }

74
2011/4xxx/CVE-2011-4163.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2011-4163", "ID": "CVE-2011-4163",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1213." "value": "Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1213."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "HPSBMU02731", "name": "SSRT100518",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=132517846332173&w=2" "url": "http://marc.info/?l=bugtraq&m=132517846332173&w=2"
}, },
{ {
"name" : "SSRT100518", "name": "HPSBMU02731",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=132517846332173&w=2" "url": "http://marc.info/?l=bugtraq&m=132517846332173&w=2"
}, },
{ {
"name" : "51205", "name": "51205",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/51205" "url": "http://www.securityfocus.com/bid/51205"
} }
] ]
} }

22
2011/4xxx/CVE-2011-4200.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4200", "ID": "CVE-2011-4200",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2011/4xxx/CVE-2011-4255.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4255", "ID": "CVE-2011-4255",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via an invalid codec name." "value": "Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via an invalid codec name."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://service.real.com/realplayer/security/11182011_player/en/", "name": "http://service.real.com/realplayer/security/11182011_player/en/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://service.real.com/realplayer/security/11182011_player/en/" "url": "http://service.real.com/realplayer/security/11182011_player/en/"
} }
] ]
} }

74
2011/4xxx/CVE-2011-4283.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-4283", "ID": "CVE-2011-4283",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 places an IMS enterprise enrolment file in the course-files area, which allows remote attackers to obtain sensitive information via a request for imsenterprise-enrol.xml." "value": "Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 places an IMS enterprise enrolment file in the course-files area, which allows remote attackers to obtain sensitive information via a request for imsenterprise-enrol.xml."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20111113 Re: Fwd: DSA 2338-1 moodle security update", "name": "[oss-security] 20111113 Re: Fwd: DSA 2338-1 moodle security update",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/11/14/1" "url": "http://openwall.com/lists/oss-security/2011/11/14/1"
}, },
{ {
"name" : "http://git.moodle.org/gw?p=moodle.git;a=commit;h=6fde0dac702b3d0954bd1c34d427944e9cd89ae6", "name": "http://moodle.org/mod/forum/discuss.php?d=170009",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://git.moodle.org/gw?p=moodle.git;a=commit;h=6fde0dac702b3d0954bd1c34d427944e9cd89ae6" "url": "http://moodle.org/mod/forum/discuss.php?d=170009"
}, },
{ {
"name" : "http://moodle.org/mod/forum/discuss.php?d=170009", "name": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=6fde0dac702b3d0954bd1c34d427944e9cd89ae6",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://moodle.org/mod/forum/discuss.php?d=170009" "url": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=6fde0dac702b3d0954bd1c34d427944e9cd89ae6"
} }
] ]
} }

68
2011/4xxx/CVE-2011-4757.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4757", "ID": "CVE-2011-4757",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Parallels Plesk Small Business Panel 10.2.0 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in smb/auth and certain other files." "value": "Parallels Plesk Small Business Panel 10.2.0 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in smb/auth and certain other files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://xss.cx/examples/plesk-reports/plesk-10.2.0.html", "name": "ppsbp-autocomplete-security-bypass(72209)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://xss.cx/examples/plesk-reports/plesk-10.2.0.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72209"
}, },
{ {
"name" : "ppsbp-autocomplete-security-bypass(72209)", "name": "http://xss.cx/examples/plesk-reports/plesk-10.2.0.html",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72209" "url": "http://xss.cx/examples/plesk-reports/plesk-10.2.0.html"
} }
] ]
} }

86
2013/1xxx/CVE-2013-1063.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@ubuntu.com",
"ID" : "CVE-2013-1063", "ID": "CVE-2013-1063",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "usb-creator 0.2.47 before 0.2.47.1, 0.2.40 before 0.2.40ubuntu2, and 0.2.38 before 0.2.38.2 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288." "value": "usb-creator 0.2.47 before 0.2.47.1, 0.2.40 before 0.2.40ubuntu2, and 0.2.38 before 0.2.38.2 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://launchpad.net/ubuntu/+source/usb-creator/0.2.38.2", "name": "USN-1963-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "https://launchpad.net/ubuntu/+source/usb-creator/0.2.38.2" "url": "http://www.ubuntu.com/usn/USN-1963-1"
}, },
{ {
"name" : "https://launchpad.net/ubuntu/+source/usb-creator/0.2.40ubuntu2", "name": "54901",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "https://launchpad.net/ubuntu/+source/usb-creator/0.2.40ubuntu2" "url": "http://secunia.com/advisories/54901"
}, },
{ {
"name" : "https://launchpad.net/ubuntu/+source/usb-creator/0.2.47.1", "name": "https://launchpad.net/ubuntu/+source/usb-creator/0.2.40ubuntu2",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://launchpad.net/ubuntu/+source/usb-creator/0.2.47.1" "url": "https://launchpad.net/ubuntu/+source/usb-creator/0.2.40ubuntu2"
}, },
{ {
"name" : "USN-1963-1", "name": "https://launchpad.net/ubuntu/+source/usb-creator/0.2.47.1",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://www.ubuntu.com/usn/USN-1963-1" "url": "https://launchpad.net/ubuntu/+source/usb-creator/0.2.47.1"
}, },
{ {
"name" : "54901", "name": "https://launchpad.net/ubuntu/+source/usb-creator/0.2.38.2",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/54901" "url": "https://launchpad.net/ubuntu/+source/usb-creator/0.2.38.2"
} }
] ]
} }

68
2013/1xxx/CVE-2013-1499.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-1499", "ID": "CVE-2013-1499",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Network Configuration." "value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Network Configuration."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html" "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
}, },
{ {
"name" : "MDVSA-2013:150", "name": "MDVSA-2013:150",
"refsource" : "MANDRIVA", "refsource": "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
} }
] ]
} }

68
2013/1xxx/CVE-2013-1545.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-1545", "ID": "CVE-2013-1545",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.5.0, and 11.1.1.6.0 allows remote attackers to affect availability via unknown vectors related to Web Listener." "value": "Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.5.0, and 11.1.1.6.0 allows remote attackers to affect availability via unknown vectors related to Web Listener."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html" "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
}, },
{ {
"name" : "MDVSA-2013:150", "name": "MDVSA-2013:150",
"refsource" : "MANDRIVA", "refsource": "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
} }
] ]
} }

92
2013/1xxx/CVE-2013-1978.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-1978", "ID": "CVE-2013-1978",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map entries." "value": "Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map entries."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=953902", "name": "64098",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=953902" "url": "http://www.securityfocus.com/bid/64098"
}, },
{ {
"name" : "DSA-2813", "name": "RHSA-2013:1778",
"refsource" : "DEBIAN", "refsource": "REDHAT",
"url" : "http://www.debian.org/security/2013/dsa-2813" "url": "http://rhn.redhat.com/errata/RHSA-2013-1778.html"
}, },
{ {
"name" : "GLSA-201603-01", "name": "GLSA-201603-01",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-01" "url": "https://security.gentoo.org/glsa/201603-01"
}, },
{ {
"name" : "RHSA-2013:1778", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=953902",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1778.html" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953902"
}, },
{ {
"name" : "USN-2051-1", "name": "DSA-2813",
"refsource" : "UBUNTU", "refsource": "DEBIAN",
"url" : "http://www.ubuntu.com/usn/USN-2051-1" "url": "http://www.debian.org/security/2013/dsa-2813"
}, },
{ {
"name" : "64098", "name": "USN-2051-1",
"refsource" : "BID", "refsource": "UBUNTU",
"url" : "http://www.securityfocus.com/bid/64098" "url": "http://www.ubuntu.com/usn/USN-2051-1"
} }
] ]
} }

68
2013/5xxx/CVE-2013-5097.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5097", "ID": "CVE-2013-5097",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462." "value": "Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://kb.juniper.net/JSA10585", "name": "http://kb.juniper.net/JSA10585",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://kb.juniper.net/JSA10585" "url": "http://kb.juniper.net/JSA10585"
}, },
{ {
"name" : "1028923", "name": "1028923",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1028923" "url": "http://www.securitytracker.com/id/1028923"
} }
] ]
} }

98
2013/5xxx/CVE-2013-5419.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2013-5419", "ID": "CVE-2013-5419",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple buffer overflows in (1) mkque and (2) mkquedev in bos.rte.printers in IBM AIX 6.1 and 7.1 allow local users to gain privileges by leveraging printq group membership." "value": "Multiple buffer overflows in (1) mkque and (2) mkquedev in bos.rte.printers in IBM AIX 6.1 and 7.1 allow local users to gain privileges by leveraging printq group membership."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://aix.software.ibm.com/aix/efixes/security/cmdque_advisory.asc", "name": "IV47429",
"refsource" : "CONFIRM", "refsource": "AIXAPAR",
"url" : "http://aix.software.ibm.com/aix/efixes/security/cmdque_advisory.asc" "url": "http://www.ibm.com/support/docview.wss?uid=isg1IV47429"
}, },
{ {
"name" : "IV47427", "name": "IV47427",
"refsource" : "AIXAPAR", "refsource": "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IV47427" "url": "http://www.ibm.com/support/docview.wss?uid=isg1IV47427"
}, },
{ {
"name" : "IV47428", "name": "oval:org.mitre.oval:def:18775",
"refsource" : "AIXAPAR", "refsource": "OVAL",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IV47428" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18775"
}, },
{ {
"name" : "IV47429", "name": "aix-printer-cve20135419-bo(87481)",
"refsource" : "AIXAPAR", "refsource": "XF",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IV47429" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87481"
}, },
{ {
"name" : "IV47430", "name": "IV47428",
"refsource" : "AIXAPAR", "refsource": "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IV47430" "url": "http://www.ibm.com/support/docview.wss?uid=isg1IV47428"
}, },
{ {
"name" : "oval:org.mitre.oval:def:18775", "name": "http://aix.software.ibm.com/aix/efixes/security/cmdque_advisory.asc",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18775" "url": "http://aix.software.ibm.com/aix/efixes/security/cmdque_advisory.asc"
}, },
{ {
"name" : "aix-printer-cve20135419-bo(87481)", "name": "IV47430",
"refsource" : "XF", "refsource": "AIXAPAR",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/87481" "url": "http://www.ibm.com/support/docview.wss?uid=isg1IV47430"
} }
] ]
} }

92
2013/5xxx/CVE-2013-5880.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-5880", "ID": "CVE-2013-5880",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 12.2.0, 12.2.1, and 12.2.2 allows remote attackers to affect confidentiality via unknown vectors related to DM Others." "value": "Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 12.2.0, 12.2.1, and 12.2.2 allows remote attackers to affect confidentiality via unknown vectors related to DM Others."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "name": "102095",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" "url": "http://osvdb.org/102095"
}, },
{ {
"name" : "64758", "name": "1029620",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/64758" "url": "http://www.securitytracker.com/id/1029620"
}, },
{ {
"name" : "64836", "name": "56474",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/64836" "url": "http://secunia.com/advisories/56474"
}, },
{ {
"name" : "102095", "name": "64836",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://osvdb.org/102095" "url": "http://www.securityfocus.com/bid/64836"
}, },
{ {
"name" : "1029620", "name": "64758",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1029620" "url": "http://www.securityfocus.com/bid/64758"
}, },
{ {
"name" : "56474", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/56474" "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
} }
] ]
} }

62
2013/5xxx/CVE-2013-5912.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5912", "ID": "CVE-2013-5912",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "VhttpdMgr in Thomson Reuters Velocity Analytics Vhayu Analytic Server 6.94 build 2995 allows remote attackers to execute arbitrary code via a URL in the fileName parameter during an importFile action." "value": "VhttpdMgr in Thomson Reuters Velocity Analytics Vhayu Analytic Server 6.94 build 2995 allows remote attackers to execute arbitrary code via a URL in the fileName parameter during an importFile action."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "VU#893462", "name": "VU#893462",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/893462" "url": "http://www.kb.cert.org/vuls/id/893462"
} }
] ]
} }

22
2013/5xxx/CVE-2013-5923.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5923", "ID": "CVE-2013-5923",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

80
2013/5xxx/CVE-2013-5995.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2013-5995", "ID": "CVE-2013-5995",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "data/class/helper/SC_Helper_Address.php in the front-features implementation in LOCKON EC-CUBE 2.12.3 through 2.13.0 allows remote authenticated users to obtain sensitive information via unspecified vectors related to addresses." "value": "data/class/helper/SC_Helper_Address.php in the front-features implementation in LOCKON EC-CUBE 2.12.3 through 2.13.0 allows remote authenticated users to obtain sensitive information via unspecified vectors related to addresses."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://svn.ec-cube.net/open_trac/changeset/23274", "name": "JVN#55630933",
"refsource" : "CONFIRM", "refsource": "JVN",
"url" : "http://svn.ec-cube.net/open_trac/changeset/23274" "url": "http://jvn.jp/en/jp/JVN55630933/index.html"
}, },
{ {
"name" : "http://www.ec-cube.net/info/weakness/weakness.php?id=51", "name": "JVNDB-2013-000106",
"refsource" : "CONFIRM", "refsource": "JVNDB",
"url" : "http://www.ec-cube.net/info/weakness/weakness.php?id=51" "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000106"
}, },
{ {
"name" : "JVN#55630933", "name": "http://www.ec-cube.net/info/weakness/weakness.php?id=51",
"refsource" : "JVN", "refsource": "CONFIRM",
"url" : "http://jvn.jp/en/jp/JVN55630933/index.html" "url": "http://www.ec-cube.net/info/weakness/weakness.php?id=51"
}, },
{ {
"name" : "JVNDB-2013-000106", "name": "http://svn.ec-cube.net/open_trac/changeset/23274",
"refsource" : "JVNDB", "refsource": "CONFIRM",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000106" "url": "http://svn.ec-cube.net/open_trac/changeset/23274"
} }
] ]
} }

22
2014/2xxx/CVE-2014-2271.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2271", "ID": "CVE-2014-2271",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

80
2014/2xxx/CVE-2014-2802.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2014-2802", "ID": "CVE-2014-2802",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-2787, CVE-2014-2790, and CVE-2014-2806." "value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-2787, CVE-2014-2790, and CVE-2014-2806."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS14-037", "name": "MS14-037",
"refsource" : "MS", "refsource": "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-037" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-037"
}, },
{ {
"name" : "68384", "name": "59775",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/68384" "url": "http://secunia.com/advisories/59775"
}, },
{ {
"name" : "1030532", "name": "68384",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1030532" "url": "http://www.securityfocus.com/bid/68384"
}, },
{ {
"name" : "59775", "name": "1030532",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/59775" "url": "http://www.securitytracker.com/id/1030532"
} }
] ]
} }

64
2017/0xxx/CVE-2017-0671.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"DATE_PUBLIC" : "2017-07-05T00:00:00", "DATE_PUBLIC": "2017-07-05T00:00:00",
"ID" : "CVE-2017-0671", "ID": "CVE-2017-0671",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android-4.4.4" "version_value": "Android-4.4.4"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A remote code execution vulnerability in the Android libraries. Product: Android. Versions: 4.4.4. Android ID: A-34514762." "value": "A remote code execution vulnerability in the Android libraries. Product: Android. Versions: 4.4.4. Android ID: A-34514762."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Remote code execution" "value": "Remote code execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2017-07-01", "name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-07-01" "url": "https://source.android.com/security/bulletin/2017-07-01"
} }
] ]
} }

84
2017/0xxx/CVE-2017-0767.json
View File

@ -1,88 +1,88 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"DATE_PUBLIC" : "2017-09-05T00:00:00", "DATE_PUBLIC": "2017-09-05T00:00:00",
"ID" : "CVE-2017-0767", "ID": "CVE-2017-0767",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "4.4.4" "version_value": "4.4.4"
}, },
{ {
"version_value" : "5.0.2" "version_value": "5.0.2"
}, },
{ {
"version_value" : "5.1.1" "version_value": "5.1.1"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "7.0" "version_value": "7.0"
}, },
{ {
"version_value" : "7.1.1" "version_value": "7.1.1"
}, },
{ {
"version_value" : "7.1.2" "version_value": "7.1.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37536407." "value": "A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37536407."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elevation of privilege" "value": "Elevation of privilege"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2017-09-01", "name": "100649",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://source.android.com/security/bulletin/2017-09-01" "url": "http://www.securityfocus.com/bid/100649"
}, },
{ {
"name" : "100649", "name": "https://source.android.com/security/bulletin/2017-09-01",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/100649" "url": "https://source.android.com/security/bulletin/2017-09-01"
} }
] ]
} }

66
2017/1000xxx/CVE-2017-1000144.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.355678", "DATE_ASSIGNED": "2017-08-22T17:29:33.355678",
"ID" : "CVE-2017-1000144", "ID": "CVE-2017-1000144",
"REQUESTER" : "info@mahara.org", "REQUESTER": "info@mahara.org",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Mahara", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "<1.9.6, <1.10.4, <15.04.1" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mahara" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Mahara 1.9 before 1.9.6 and 1.10 before 1.10.4 and 15.04 before 15.04.1 are vulnerable to a site admin or institution admin being able to place HTML and Javascript into an institution display name, which will be displayed to other users unescaped on some Mahara system pages." "value": "Mahara 1.9 before 1.9.6 and 1.10 before 1.10.4 and 15.04 before 15.04.1 are vulnerable to a site admin or institution admin being able to place HTML and Javascript into an institution display name, which will be displayed to other users unescaped on some Mahara system pages."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Incorrect Access Control" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugs.launchpad.net/mahara/+bug/1447377", "name": "https://bugs.launchpad.net/mahara/+bug/1447377",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://bugs.launchpad.net/mahara/+bug/1447377" "url": "https://bugs.launchpad.net/mahara/+bug/1447377"
} }
] ]
} }

66
2017/1000xxx/CVE-2017-1000388.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-11-17", "DATE_ASSIGNED": "2017-11-17",
"ID" : "CVE-2017-1000388", "ID": "CVE-2017-1000388",
"REQUESTER" : "ml@beckweb.net", "REQUESTER": "ml@beckweb.net",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Jenkins Dependency Graph Viewer Plugin", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "0.12 and earlier" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Jenkins Dependency Graph Viewer Plugin" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Jenkins Dependency Graph Viewer plugin 0.12 and earlier did not perform permission checks for the API endpoint that modifies the dependency graph, allowing anyone with Overall/Read permission to modify this data." "value": "Jenkins Dependency Graph Viewer plugin 0.12 and earlier did not perform permission checks for the API endpoint that modifies the dependency graph, allowing anyone with Overall/Read permission to modify this data."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Incorrect Access Control" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://jenkins.io/security/advisory/2017-10-23/", "name": "https://jenkins.io/security/advisory/2017-10-23/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://jenkins.io/security/advisory/2017-10-23/" "url": "https://jenkins.io/security/advisory/2017-10-23/"
} }
] ]
} }

22
2017/12xxx/CVE-2017-12054.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-12054", "ID": "CVE-2017-12054",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2017/16xxx/CVE-2017-16433.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-16433", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-16433",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }

62
2017/16xxx/CVE-2017-16641.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16641", "ID": "CVE-2017-16641",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php." "value": "lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/Cacti/cacti/issues/1057", "name": "https://github.com/Cacti/cacti/issues/1057",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/Cacti/cacti/issues/1057" "url": "https://github.com/Cacti/cacti/issues/1057"
} }
] ]
} }

22
2017/16xxx/CVE-2017-16676.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16676", "ID": "CVE-2017-16676",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

88
2017/1xxx/CVE-2017-1174.json
View File

@ -1,90 +1,90 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-08-09T00:00:00", "DATE_PUBLIC": "2017-08-09T00:00:00",
"ID" : "CVE-2017-1174", "ID": "CVE-2017-1174",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Sterling B2B Integrator", "product_name": "Sterling B2B Integrator",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.2" "version_value": "5.2"
}, },
{ {
"version_value" : "5.2.4" "version_value": "5.2.4"
}, },
{ {
"version_value" : "5.2.1" "version_value": "5.2.1"
}, },
{ {
"version_value" : "5.2.2" "version_value": "5.2.2"
}, },
{ {
"version_value" : "5.2.3" "version_value": "5.2.3"
}, },
{ {
"version_value" : "5.2.5" "version_value": "5.2.5"
}, },
{ {
"version_value" : "5.2.6" "version_value": "5.2.6"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 123296." "value": "IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 123296."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Data Manipulation" "value": "Data Manipulation"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/123296", "name": "http://www.ibm.com/support/docview.wss?uid=swg22004268",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/123296" "url": "http://www.ibm.com/support/docview.wss?uid=swg22004268"
}, },
{ {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22004268", "name": "100246",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22004268" "url": "http://www.securityfocus.com/bid/100246"
}, },
{ {
"name" : "100246", "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123296",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/100246" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123296"
} }
] ]
} }

22
2017/1xxx/CVE-2017-1702.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1702", "ID": "CVE-2017-1702",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4138.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4138", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4138",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4415.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4415", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4415",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4424.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4424", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4424",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

76
2017/4xxx/CVE-2017-4919.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@vmware.com", "ASSIGNER": "security@vmware.com",
"DATE_PUBLIC" : "2017-07-27T00:00:00", "DATE_PUBLIC": "2017-07-27T00:00:00",
"ID" : "CVE-2017-4919", "ID": "CVE-2017-4919",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "VMware vCenter Server", "product_name": "VMware vCenter Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "VMware vCenter Server 5.5.x, 6.0.x, 6.5.x" "version_value": "VMware vCenter Server 5.5.x, 6.0.x, 6.5.x"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "VMware" "vendor_name": "VMware"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate." "value": "VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unauthorized Access Heap buffer-overflow vulnerability" "value": "Unauthorized Access Heap buffer-overflow vulnerability"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.vmware.com/security/advisories/VMSA-2017-0012.html", "name": "1039004",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.vmware.com/security/advisories/VMSA-2017-0012.html" "url": "http://www.securitytracker.com/id/1039004"
}, },
{ {
"name" : "100102", "name": "http://www.vmware.com/security/advisories/VMSA-2017-0012.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/100102" "url": "http://www.vmware.com/security/advisories/VMSA-2017-0012.html"
}, },
{ {
"name" : "1039004", "name": "100102",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1039004" "url": "http://www.securityfocus.com/bid/100102"
} }
] ]
} }

74
2018/5xxx/CVE-2018-5053.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2018-5053", "ID": "CVE-2018-5053",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions", "product_name": "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions" "version_value": "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." "value": "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Out-of-bounds read" "value": "Out-of-bounds read"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html", "name": "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html" "url": "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html"
}, },
{ {
"name" : "104699", "name": "104699",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/104699" "url": "http://www.securityfocus.com/bid/104699"
}, },
{ {
"name" : "1041250", "name": "1041250",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041250" "url": "http://www.securitytracker.com/id/1041250"
} }
] ]
} }

68
2018/5xxx/CVE-2018-5658.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-5658", "ID": "CVE-2018-5658",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. CSRF exists via wp-admin/admin.php." "value": "An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. CSRF exists via wp-admin/admin.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/d4wner/Vulnerabilities-Report/blob/master/responsive-coming-soon-page.md", "name": "https://wpvulndb.com/vulnerabilities/9010",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/d4wner/Vulnerabilities-Report/blob/master/responsive-coming-soon-page.md" "url": "https://wpvulndb.com/vulnerabilities/9010"
}, },
{ {
"name" : "https://wpvulndb.com/vulnerabilities/9010", "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/responsive-coming-soon-page.md",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://wpvulndb.com/vulnerabilities/9010" "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/responsive-coming-soon-page.md"
} }
] ]
} }

64
2018/5xxx/CVE-2018-5849.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-05-11T00:00:00", "DATE_PUBLIC": "2018-05-11T00:00:00",
"ID" : "CVE-2018-5849", "ID": "CVE-2018-5849",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Due to a race condition in the QTEECOM driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, when more than one HLOS client loads the same TA, a Use After Free condition can occur." "value": "Due to a race condition in the QTEECOM driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, when more than one HLOS client loads the same TA, a Use After Free condition can occur."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use After Free in QTEE" "value": "Use After Free in QTEE"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2", "name": "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2" "url": "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2"
} }
] ]
} }