admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:10:46 +00:00
parent e4bdbce384
commit 84dc2f2a23
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
48 changed files with 3243 additions and 3243 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
2006/5xxx/CVE-2006-5180.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5180", "ID": "CVE-2006-5180",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in include/main.inc.php in Sebastian Baumann and Philipp Wolfer Newswriter SW 1.42 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NWCONF_SYSTEM[server_path] parameter, a different vector than CVE-2006-5102."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060928 Newswriter SW v1.4.2 Remote File Include Exploit", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447253/100/0/threaded" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in include/main.inc.php in Sebastian Baumann and Philipp Wolfer Newswriter SW 1.42 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NWCONF_SYSTEM[server_path] parameter, a different vector than CVE-2006-5102."
{ }
"name" : "2443", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/2443" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1695", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1695" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1695",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1695"
},
{
"name": "20060928 Newswriter SW v1.4.2 Remote File Include Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447253/100/0/threaded"
},
{
"name": "2443",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2443"
}
]
}
} }

158
2006/5xxx/CVE-2006-5383.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5383", "ID": "CVE-2006-5383",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in comadd.php in Def-Blog 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2567", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2567" "lang": "eng",
}, "value": "SQL injection vulnerability in comadd.php in Def-Blog 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter."
{ }
"name" : "20545", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20545" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4049", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4049" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22389", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/22389" ]
}, },
{ "references": {
"name" : "defblog-comadd-sql-injection(29561)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29561" "name": "defblog-comadd-sql-injection(29561)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29561"
} },
{
"name": "2567",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2567"
},
{
"name": "ADV-2006-4049",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4049"
},
{
"name": "22389",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22389"
},
{
"name": "20545",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20545"
}
]
}
} }

168
2006/5xxx/CVE-2006-5535.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5535", "ID": "CVE-2006-5535",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in WebHostManager (WHM) 10.8.0 cPanel 10.9.0 R50 allow remote attackers to inject arbitrary web script or HTML via the (1) theme parameter to scripts/dosetmytheme and the (2) template parameter to scripts2/editzonetemplate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061022 WHM 10.8.0 cPanel 10.9.0 R50 CentOS 4.4 i686 WHM X v3.1.0 Xss Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/449472/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in WebHostManager (WHM) 10.8.0 cPanel 10.9.0 R50 allow remote attackers to inject arbitrary web script or HTML via the (1) theme parameter to scripts/dosetmytheme and the (2) template parameter to scripts2/editzonetemplate."
{ }
"name" : "http://changelog.cpanel.net/", ]
"refsource" : "CONFIRM", },
"url" : "http://changelog.cpanel.net/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20683", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20683" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4190", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4190" ]
}, },
{ "references": {
"name" : "22555", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22555" "name": "20683",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20683"
"name" : "1780", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1780" "name": "1780",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/1780"
} },
{
"name": "22555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22555"
},
{
"name": "20061022 WHM 10.8.0 cPanel 10.9.0 R50 CentOS 4.4 i686 WHM X v3.1.0 Xss Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/449472/100/0/threaded"
},
{
"name": "ADV-2006-4190",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4190"
},
{
"name": "http://changelog.cpanel.net/",
"refsource": "CONFIRM",
"url": "http://changelog.cpanel.net/"
}
]
}
} }

178
2006/5xxx/CVE-2006-5891.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5891", "ID": "CVE-2006-5891",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in detail.asp in Superfreaker Studios UStore 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061112 UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/451307/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in detail.asp in Superfreaker Studios UStore 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter."
{ }
"name" : "20061113 Ustore SQL Injection", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/451519/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2763", "description": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2763" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4479", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4479" ]
}, },
{ "references": {
"name" : "22838", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22838" "name": "ADV-2006-4479",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4479"
"name" : "1851", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1851" "name": "ustore-detail-sql-injection(30187)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30187"
"name" : "ustore-detail-sql-injection(30187)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30187" "name": "20061112 UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/451307/100/0/threaded"
} },
{
"name": "2763",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2763"
},
{
"name": "20061113 Ustore SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451519/100/0/threaded"
},
{
"name": "22838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22838"
},
{
"name": "1851",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1851"
}
]
}
} }

168
2006/5xxx/CVE-2006-5967.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID" : "CVE-2006-5967", "ID": "CVE-2006-5967",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to cause memory corruption and execute arbitrary code via unknown vectors related to multiple invocations of the Analizar method in the ActiveScan.1 ActiveX control, which is not thread safe."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061116 Secunia Research: Panda ActiveScan Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/451864/100/0/threaded" "lang": "eng",
}, "value": "Race condition in Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to cause memory corruption and execute arbitrary code via unknown vectors related to multiple invocations of the Analizar method in the ActiveScan.1 ActiveX control, which is not thread safe."
{ }
"name" : "http://secunia.com/secunia_research/2006-64/advisory/", ]
"refsource" : "MISC", },
"url" : "http://secunia.com/secunia_research/2006-64/advisory/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "21132", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21132" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4536", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4536" ]
}, },
{ "references": {
"name" : "21763", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21763" "name": "21763",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21763"
"name" : "pandaactivescan-activescan-code-execution(30319)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30319" "name": "21132",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/21132"
} },
{
"name": "http://secunia.com/secunia_research/2006-64/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-64/advisory/"
},
{
"name": "ADV-2006-4536",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4536"
},
{
"name": "20061116 Secunia Research: Panda ActiveScan Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451864/100/0/threaded"
},
{
"name": "pandaactivescan-activescan-code-execution(30319)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30319"
}
]
}
} }

158
2007/2xxx/CVE-2007-2276.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2276", "ID": "CVE-2007-2276",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** 3Com TippingPoint IPS allows remote attackers to cause a denial of service (device hang) via a flood of packets on TCP port 80 with sequentially increasing source ports, related to a \"badly written loop.\" NOTE: the vendor disputes this issue, stating that the product has \"performed as expected with no DoS emerging.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070424 3Com's TippingPoint Denial of Service", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/466784/100/0/threaded" "lang": "eng",
}, "value": "** DISPUTED ** 3Com TippingPoint IPS allows remote attackers to cause a denial of service (device hang) via a flood of packets on TCP port 80 with sequentially increasing source ports, related to a \"badly written loop.\" NOTE: the vendor disputes this issue, stating that the product has \"performed as expected with no DoS emerging.\""
{ }
"name" : "20070424 Re: 3Com's TippingPoint Denial of Service", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/466795/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070425 Re: 3Com's TippingPoint Denial of Service", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/466891/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23644", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/23644" ]
}, },
{ "references": {
"name" : "35724", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/35724" "name": "23644",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/23644"
} },
{
"name": "20070425 Re: 3Com's TippingPoint Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466891/100/0/threaded"
},
{
"name": "20070424 Re: 3Com's TippingPoint Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466795/100/0/threaded"
},
{
"name": "20070424 3Com's TippingPoint Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466784/100/0/threaded"
},
{
"name": "35724",
"refsource": "OSVDB",
"url": "http://osvdb.org/35724"
}
]
}
} }

128
2007/2xxx/CVE-2007-2370.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2370", "ID": "CVE-2007-2370",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a jobsview action. NOTE: the module name was originally reported as Job Listings."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3672", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3672" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a jobsview action. NOTE: the module name was originally reported as Job Listings."
{ }
"name" : "20070405 true: XOOPS Module Jobs <= 2.4 (cid) SQL Injection Exploit", ]
"refsource" : "VIM", },
"url" : "http://www.attrition.org/pipermail/vim/2007-April/001494.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3672",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3672"
},
{
"name": "20070405 true: XOOPS Module Jobs <= 2.4 (cid) SQL Injection Exploit",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-April/001494.html"
}
]
}
} }

188
2007/2xxx/CVE-2007-2856.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2856", "ID": "CVE-2007-2856",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the Dart Communications PowerTCP ZIP Compression ActiveX control in DartZip.dll 1.8.5.3, when Internet Explorer 6 is used, allows user-assisted remote attackers to execute arbitrary code via a long first argument to the QuickZip function, a related issue to CVE-2007-2855."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070524 Dart Communications PowerTCP Service Control (DartService.dll 3.1.3.3) remote buffer overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/469503/100/0/threaded" "lang": "eng",
}, "value": "Buffer overflow in the Dart Communications PowerTCP ZIP Compression ActiveX control in DartZip.dll 1.8.5.3, when Internet Explorer 6 is used, allows user-assisted remote attackers to execute arbitrary code via a long first argument to the QuickZip function, a related issue to CVE-2007-2855."
{ }
"name" : "20070525 IE 6 / Dart Communications PowerTCP ZIP Compression Control (DartZip.dll 1.8.5.3) remote buffer overflow", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/469592/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://retrogod.altervista.org/ie_DartZip_bof.html", "description": [
"refsource" : "MISC", {
"url" : "http://retrogod.altervista.org/ie_DartZip_bof.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24142", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/24142" ]
}, },
{ "references": {
"name" : "24163", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24163" "name": "20070525 IE 6 / Dart Communications PowerTCP ZIP Compression Control (DartZip.dll 1.8.5.3) remote buffer overflow",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/469592/100/0/threaded"
"name" : "38111", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38111" "name": "38111",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/38111"
"name" : "powertcp-compression-bo(34520)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34520" "name": "24163",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/24163"
"name" : "powertcp-service-activex-bo(34494)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34494" "name": "powertcp-service-activex-bo(34494)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34494"
} },
{
"name": "20070524 Dart Communications PowerTCP Service Control (DartService.dll 3.1.3.3) remote buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/469503/100/0/threaded"
},
{
"name": "powertcp-compression-bo(34520)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34520"
},
{
"name": "24142",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24142"
},
{
"name": "http://retrogod.altervista.org/ie_DartZip_bof.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/ie_DartZip_bof.html"
}
]
}
} }

168
2007/2xxx/CVE-2007-2890.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2890", "ID": "CVE-2007-2890",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in category.php in cpCommerce 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id_category parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3981", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3981" "lang": "eng",
}, "value": "SQL injection vulnerability in category.php in cpCommerce 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id_category parameter."
{ }
"name" : "24138", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24138" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1956", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1956" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36315", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/36315" ]
}, },
{ "references": {
"name" : "25412", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25412" "name": "3981",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/3981"
"name" : "cpcommerce-category-sql-injection(34484)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34484" "name": "25412",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/25412"
} },
{
"name": "ADV-2007-1956",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1956"
},
{
"name": "24138",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24138"
},
{
"name": "cpcommerce-category-sql-injection(34484)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34484"
},
{
"name": "36315",
"refsource": "OSVDB",
"url": "http://osvdb.org/36315"
}
]
}
} }

798
2007/2xxx/CVE-2007-2926.json
View File

@ -1,402 +1,402 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2007-2926", "ID": "CVE-2007-2926",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070724 Re: \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/474545/100/0/threaded" "lang": "eng",
}, "value": "ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning."
{ }
"name" : "20070726 Re: \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/474808/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070727 Re: \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/474856/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20070724 \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)", ]
"refsource" : "BUGTRAQ", }
"url" : "http://www.securityfocus.com/archive/1/474516/100/0/threaded" ]
}, },
{ "references": {
"name" : "http://www.securiteam.com/securitynews/5VP0L0UM0A.html", "reference_data": [
"refsource" : "MISC", {
"url" : "http://www.securiteam.com/securitynews/5VP0L0UM0A.html" "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm"
"name" : "http://www.trusteer.com/docs/bind9dns.html", },
"refsource" : "MISC", {
"url" : "http://www.trusteer.com/docs/bind9dns.html" "name": "http://www.trusteer.com/docs/bind9dns_s.html",
}, "refsource": "MISC",
{ "url": "http://www.trusteer.com/docs/bind9dns_s.html"
"name" : "http://www.trusteer.com/docs/bind9dns_s.html", },
"refsource" : "MISC", {
"url" : "http://www.trusteer.com/docs/bind9dns_s.html" "name": "26231",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26231"
"name" : "http://www.isc.org/index.pl?/sw/bind/bind-security.php", },
"refsource" : "CONFIRM", {
"url" : "http://www.isc.org/index.pl?/sw/bind/bind-security.php" "name": "ADV-2007-2932",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2932"
"name" : "https://issues.rpath.com/browse/RPL-1587", },
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1587" "name": "HPSBOV03226",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2"
"name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903", },
"refsource" : "CONFIRM", {
"url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903" "name": "26847",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26847"
"name" : "ftp://aix.software.ibm.com/aix/efixes/security/README", },
"refsource" : "CONFIRM", {
"url" : "ftp://aix.software.ibm.com/aix/efixes/security/README" "name": "IZ02218",
}, "refsource": "AIXAPAR",
{ "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02218&apar=only"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm" "name": "ADV-2007-2914",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2914"
"name" : "http://docs.info.apple.com/article.html?artnum=307041", },
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=307041" "name": "RHSA-2007:0740",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0740.html"
"name" : "IZ02218", },
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02218&apar=only" "name": "26217",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26217"
"name" : "IZ02219", },
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02219&apar=only" "name": "SSRT101004",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2"
"name" : "APPLE-SA-2007-11-14", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" "name": "26509",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26509"
"name" : "DSA-1341", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1341" "name": "HPSBOV02261",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01174368"
"name" : "FreeBSD-SA-07:07", },
"refsource" : "FREEBSD", {
"url" : "http://security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.asc" "name": "26444",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26444"
"name" : "GLSA-200708-13", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml" "name": "http://www.securiteam.com/securitynews/5VP0L0UM0A.html",
}, "refsource": "MISC",
{ "url": "http://www.securiteam.com/securitynews/5VP0L0UM0A.html"
"name" : "HPSBUX02251", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426" "name": "HPSBUX02251",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426"
"name" : "SSRT071449", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426" "name": "26605",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26605"
"name" : "HPSBOV02261", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01174368" "name": "103018",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1"
"name" : "HPSBTU02256", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01154600" "name": "MDKSA-2007:149",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:149"
"name" : "HPSBOV03226", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=141879471518471&w=2" "name": "26607",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26607"
"name" : "SSRT101004", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=141879471518471&w=2" "name": "20070727 Re: \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/474856/100/0/threaded"
"name" : "MDKSA-2007:149", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:149" "name": "26148",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26148"
"name" : "OpenPKG-SA-2007.022", },
"refsource" : "OPENPKG", {
"url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.html" "name": "FreeBSD-SA-07:07",
}, "refsource": "FREEBSD",
{ "url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.asc"
"name" : "RHSA-2007:0740", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0740.html" "name": "VU#252735",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/252735"
"name" : "20070801-01-P", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc" "name": "http://www.trusteer.com/docs/bind9dns.html",
}, "refsource": "MISC",
{ "url": "http://www.trusteer.com/docs/bind9dns.html"
"name" : "SSA:2007-207-01", },
"refsource" : "SLACKWARE", {
"url" : "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385" "name": "26180",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26180"
"name" : "103018", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1" "name": "GLSA-200708-13",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml"
"name" : "SUSE-SA:2007:047", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_47_bind.html" "name": "26152",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26152"
"name" : "2007-0023", },
"refsource" : "TRUSTIX", {
"url" : "http://www.trustix.org/errata/2007/0023/" "name": "2007-0023",
}, "refsource": "TRUSTIX",
{ "url": "http://www.trustix.org/errata/2007/0023/"
"name" : "USN-491-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-491-1" "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903",
}, "refsource": "CONFIRM",
{ "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903"
"name" : "TA07-319A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" "name": "SSA:2007-207-01",
}, "refsource": "SLACKWARE",
{ "url": "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385"
"name" : "VU#252735", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/252735" "name": "APPLE-SA-2007-11-14",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html"
"name" : "25037", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25037" "name": "http://docs.info.apple.com/article.html?artnum=307041",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=307041"
"name" : "26444", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26444" "name": "20070724 \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/474516/100/0/threaded"
"name" : "oval:org.mitre.oval:def:10293", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10293" "name": "http://www.isc.org/index.pl?/sw/bind/bind-security.php",
}, "refsource": "CONFIRM",
{ "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
"name" : "ADV-2007-2627", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2627" "name": "IZ02219",
}, "refsource": "AIXAPAR",
{ "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02219&apar=only"
"name" : "ADV-2007-2662", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2662" "name": "isc-bind-queryid-spoofing(35575)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35575"
"name" : "ADV-2007-2782", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2782" "name": "ADV-2007-2782",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2782"
"name" : "ADV-2007-2914", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2914" "name": "26227",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26227"
"name" : "ADV-2007-2932", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2932" "name": "26261",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26261"
"name" : "ADV-2007-3242", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3242" "name": "ADV-2007-3868",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3868"
"name" : "ADV-2007-3868", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3868" "name": "25037",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25037"
"name" : "oval:org.mitre.oval:def:2226", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2226" "name": "26515",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26515"
"name" : "1018442", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018442" "name": "USN-491-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-491-1"
"name" : "26152", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26152" "name": "26330",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26330"
"name" : "26195", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26195" "name": "https://issues.rpath.com/browse/RPL-1587",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1587"
"name" : "26160", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26160" "name": "HPSBTU02256",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01154600"
"name" : "26227", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26227" "name": "1018442",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018442"
"name" : "26148", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26148" "name": "20070801-01-P",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc"
"name" : "26231", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26231" "name": "DSA-1341",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1341"
"name" : "26330", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26330" "name": "26308",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26308"
"name" : "26261", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26261" "name": "SUSE-SA:2007:047",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_47_bind.html"
"name" : "26308", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26308" "name": "ADV-2007-2627",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2627"
"name" : "26509", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26509" "name": "oval:org.mitre.oval:def:2226",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2226"
"name" : "26515", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26515" "name": "27643",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27643"
"name" : "26531", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26531" "name": "26236",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26236"
"name" : "26607", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26607" "name": "ADV-2007-2662",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2662"
"name" : "26847", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26847" "name": "26195",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26195"
"name" : "26925", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26925" "name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
}, "refsource": "CONFIRM",
{ "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
"name" : "26180", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26180" "name": "ADV-2007-3242",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3242"
"name" : "26217", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26217" "name": "oval:org.mitre.oval:def:10293",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10293"
"name" : "26236", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26236" "name": "OpenPKG-SA-2007.022",
}, "refsource": "OPENPKG",
{ "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.html"
"name" : "26605", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26605" "name": "TA07-319A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html"
"name" : "27643", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27643" "name": "26925",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26925"
"name" : "isc-bind-queryid-spoofing(35575)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35575" "name": "26160",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/26160"
} },
{
"name": "20070724 Re: \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474545/100/0/threaded"
},
{
"name": "SSRT071449",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426"
},
{
"name": "20070726 Re: \"BIND 9 DNS Cache Poisoning\" by Amit Klein (Trusteer)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474808/100/0/threaded"
},
{
"name": "26531",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26531"
}
]
}
} }

178
2007/3xxx/CVE-2007-3078.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3078", "ID": "CVE-2007-3078",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Aigaion before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter (Authors and Publication titles) to (1) authoractions.php or (2) publicationactions.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?group_id=109910&release_id=512595", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?group_id=109910&release_id=512595" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Aigaion before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter (Authors and Publication titles) to (1) authoractions.php or (2) publicationactions.php."
{ }
"name" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1725317&group_id=109910&atid=657107", ]
"refsource" : "CONFIRM", },
"url" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1725317&group_id=109910&atid=657107" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24264", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24264" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36897", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/36897" ]
}, },
{ "references": {
"name" : "36898", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36898" "name": "http://sourceforge.net/tracker/index.php?func=detail&aid=1725317&group_id=109910&atid=657107",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1725317&group_id=109910&atid=657107"
"name" : "25503", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25503" "name": "http://sourceforge.net/project/shownotes.php?group_id=109910&release_id=512595",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/project/shownotes.php?group_id=109910&release_id=512595"
"name" : "aigaion-authorpublication-xss(34665)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34665" "name": "25503",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/25503"
} },
{
"name": "36897",
"refsource": "OSVDB",
"url": "http://osvdb.org/36897"
},
{
"name": "36898",
"refsource": "OSVDB",
"url": "http://osvdb.org/36898"
},
{
"name": "aigaion-authorpublication-xss(34665)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34665"
},
{
"name": "24264",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24264"
}
]
}
} }

128
2007/3xxx/CVE-2007-3842.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3842", "ID": "CVE-2007-3842",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the 8e6 R3000 Enterprise Filter before 2.0.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this may be the same as CVE-2007-2970."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.8e6.com/products/R3000/docs/readme_r3000_2.0.05.pdf", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.8e6.com/products/R3000/docs/readme_r3000_2.0.05.pdf" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the 8e6 R3000 Enterprise Filter before 2.0.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this may be the same as CVE-2007-2970."
{ }
"name" : "36706", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/36706" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.8e6.com/products/R3000/docs/readme_r3000_2.0.05.pdf",
"refsource": "CONFIRM",
"url": "http://www.8e6.com/products/R3000/docs/readme_r3000_2.0.05.pdf"
},
{
"name": "36706",
"refsource": "OSVDB",
"url": "http://osvdb.org/36706"
}
]
}
} }

158
2007/6xxx/CVE-2007-6046.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6046", "ID": "CVE-2007-6046",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows local users to have an unknown impact."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255607", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255607" "lang": "eng",
}, "value": "Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows local users to have an unknown impact."
{ }
"name" : "IZ07018", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07018" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "26450", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26450" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-3867", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/3867" ]
}, },
{ "references": {
"name" : "27667", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27667" "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
} "refsource": "CONFIRM",
] "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
} },
{
"name": "ADV-2007-3867",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3867"
},
{
"name": "26450",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26450"
},
{
"name": "27667",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27667"
},
{
"name": "IZ07018",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07018"
}
]
}
} }

178
2007/6xxx/CVE-2007-6321.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6321", "ID": "CVE-2007-6321",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versions, when using Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via style sheets containing expression commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071209 Unsanitized scripting in RoundCube webmail", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/484802/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versions, when using Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via style sheets containing expression commands."
{ }
"name" : "http://openmya.hacker.jp/hasegawa/security/expression.txt", ]
"refsource" : "MISC", },
"url" : "http://openmya.hacker.jp/hasegawa/security/expression.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://trac.roundcube.net/ticket/1484701", "description": [
"refsource" : "CONFIRM", {
"url" : "http://trac.roundcube.net/ticket/1484701" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26800", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/26800" ]
}, },
{ "references": {
"name" : "30734", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30734" "name": "20071209 Unsanitized scripting in RoundCube webmail",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/484802/100/0/threaded"
"name" : "3435", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3435" "name": "roundcube-email-messages-xss(38981)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38981"
"name" : "roundcube-email-messages-xss(38981)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38981" "name": "http://trac.roundcube.net/ticket/1484701",
} "refsource": "CONFIRM",
] "url": "http://trac.roundcube.net/ticket/1484701"
} },
{
"name": "3435",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3435"
},
{
"name": "26800",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26800"
},
{
"name": "http://openmya.hacker.jp/hasegawa/security/expression.txt",
"refsource": "MISC",
"url": "http://openmya.hacker.jp/hasegawa/security/expression.txt"
},
{
"name": "30734",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30734"
}
]
}
} }

118
2010/0xxx/CVE-2010-0081.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2010-0081", "ID": "CVE-2010-0081",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2381."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" "lang": "eng",
} "value": "Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2381."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
}
]
}
} }

158
2010/0xxx/CVE-2010-0199.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2010-0199", "ID": "CVE-2010-0199",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0202, and CVE-2010-0203."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb10-09.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb10-09.html" "lang": "eng",
}, "value": "Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0202, and CVE-2010-0203."
{ }
"name" : "TA10-103C", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-103C.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "39329", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/39329" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:6900", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6900" ]
}, },
{ "references": {
"name" : "ADV-2010-0873", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0873" "name": "ADV-2010-0873",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2010/0873"
} },
{
"name": "oval:org.mitre.oval:def:6900",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6900"
},
{
"name": "TA10-103C",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-103C.html"
},
{
"name": "39329",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39329"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb10-09.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
}
]
}
} }

148
2010/0xxx/CVE-2010-0372.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0372", "ID": "CVE-2010-0372",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Articlemanager (com_articlemanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the artid parameter in a display action to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/1001-exploits/joomlaarticlemanager-sql.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/1001-exploits/joomlaarticlemanager-sql.txt" "lang": "eng",
}, "value": "SQL injection vulnerability in the Articlemanager (com_articlemanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the artid parameter in a display action to index.php."
{ }
"name" : "11140", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/11140" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37799", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/37799" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "articlemanager-index-sql-injection(55664)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55664" ]
} },
] "references": {
} "reference_data": [
{
"name": "articlemanager-index-sql-injection(55664)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55664"
},
{
"name": "http://packetstormsecurity.org/1001-exploits/joomlaarticlemanager-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1001-exploits/joomlaarticlemanager-sql.txt"
},
{
"name": "37799",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37799"
},
{
"name": "11140",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11140"
}
]
}
} }

248
2010/1xxx/CVE-2010-1791.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2010-1791", "ID": "CVE-2010-1791",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT4276", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4276" "lang": "eng",
}, "value": "Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index."
{ }
"name" : "http://support.apple.com/kb/HT4334", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT4334" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT4456", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4456" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2010-07-28-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2010-09-08-1", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html" "name": "MDVSA-2011:039",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
"name" : "APPLE-SA-2010-11-22-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" "name": "43068",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43068"
"name" : "MDVSA-2011:039", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" "name": "APPLE-SA-2010-09-08-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html"
"name" : "SUSE-SR:2011:002", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" "name": "http://support.apple.com/kb/HT4334",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT4334"
"name" : "42020", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/42020" "name": "http://support.apple.com/kb/HT4276",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT4276"
"name" : "oval:org.mitre.oval:def:11802", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11802" "name": "ADV-2011-0212",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0212"
"name" : "42314", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42314" "name": "oval:org.mitre.oval:def:11802",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11802"
"name" : "43068", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43068" "name": "APPLE-SA-2010-07-28-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html"
"name" : "ADV-2011-0212", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0212" "name": "SUSE-SR:2011:002",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
"name" : "ADV-2011-0552", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0552" "name": "42314",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/42314"
} },
{
"name": "ADV-2011-0552",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0552"
},
{
"name": "42020",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42020"
},
{
"name": "http://support.apple.com/kb/HT4456",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4456"
},
{
"name": "APPLE-SA-2010-11-22-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
}
]
}
} }

148
2010/4xxx/CVE-2010-4713.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4713", "ID": "CVE-2010-4713",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://zerodayinitiative.com/advisories/ZDI-10-241/", "description_data": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-10-241/" "lang": "eng",
}, "value": "Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header."
{ }
"name" : "http://www.facebook.com/note.php?note_id=477865030928", ]
"refsource" : "CONFIRM", },
"url" : "http://www.facebook.com/note.php?note_id=477865030928" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.novell.com/support/viewContent.do?externalId=7007154&sliceId=1", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.novell.com/support/viewContent.do?externalId=7007154&sliceId=1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=642338", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=642338" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=642338",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=642338"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=7007154&sliceId=1",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7007154&sliceId=1"
},
{
"name": "http://zerodayinitiative.com/advisories/ZDI-10-241/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-10-241/"
},
{
"name": "http://www.facebook.com/note.php?note_id=477865030928",
"refsource": "CONFIRM",
"url": "http://www.facebook.com/note.php?note_id=477865030928"
}
]
}
} }

128
2010/5xxx/CVE-2010-5211.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-5211", "ID": "CVE-2010-5211",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in ALSee 6.20.0.1 allows local users to gain privileges via a Trojan horse patchani.dll file in the current working directory, as demonstrated by a directory that contains a .ani, .bmp, .cal, .hdp, .jpe, .mac, .pbm, .pcx, .pgm, .png, .psd, .ras, .tga, or .tiff file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Balsee%5D_6.20.0.1_insecure_dll_hijacking", "description_data": [
"refsource" : "MISC", {
"url" : "http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Balsee%5D_6.20.0.1_insecure_dll_hijacking" "lang": "eng",
}, "value": "Untrusted search path vulnerability in ALSee 6.20.0.1 allows local users to gain privileges via a Trojan horse patchani.dll file in the current working directory, as demonstrated by a directory that contains a .ani, .bmp, .cal, .hdp, .jpe, .mac, .pbm, .pcx, .pgm, .png, .psd, .ras, .tga, or .tiff file. NOTE: some of these details are obtained from third party information."
{ }
"name" : "41415", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/41415" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Balsee%5D_6.20.0.1_insecure_dll_hijacking",
"refsource": "MISC",
"url": "http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Balsee%5D_6.20.0.1_insecure_dll_hijacking"
},
{
"name": "41415",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41415"
}
]
}
} }

128
2010/5xxx/CVE-2010-5286.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-5286", "ID": "CVE-2010-5286",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Jstore (com_jstore) component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/1010-exploits/joomlajstore-lfi.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/1010-exploits/joomlajstore-lfi.txt" "lang": "eng",
}, "value": "Directory traversal vulnerability in Jstore (com_jstore) component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php."
{ }
"name" : "44053", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/44053" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44053",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44053"
},
{
"name": "http://packetstormsecurity.org/1010-exploits/joomlajstore-lfi.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1010-exploits/joomlajstore-lfi.txt"
}
]
}
} }

118
2014/0xxx/CVE-2014-0524.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2014-0524", "ID": "CVE-2014-0524",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0526."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://helpx.adobe.com/security/products/reader/apsb14-15.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://helpx.adobe.com/security/products/reader/apsb14-15.html" "lang": "eng",
} "value": "Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0526."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://helpx.adobe.com/security/products/reader/apsb14-15.html",
"refsource": "CONFIRM",
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
}
]
}
} }

178
2014/0xxx/CVE-2014-0865.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-0865", "ID": "CVE-2014-0865",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via crafted serialized objects, as demonstrated by limit manipulations."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/532598/100/0/threaded" "lang": "eng",
}, "value": "RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via crafted serialized objects, as demonstrated by limit manipulations."
{ }
"name" : "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2014/Jun/173" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt", "description": [
"refsource" : "MISC", {
"url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html", ]
"refsource" : "MISC", }
"url" : "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html" ]
}, },
{ "references": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21675881", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21675881" "name": "ibm-aclm-cve20140865-sec-bypass(90939)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90939"
"name" : "59296", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59296" "name": "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html"
"name" : "ibm-aclm-cve20140865-sec-bypass(90939)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90939" "name": "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/532598/100/0/threaded"
} },
{
"name": "59296",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59296"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21675881",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675881"
},
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt"
},
{
"name": "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jun/173"
}
]
}
} }

168
2014/1xxx/CVE-2014-1342.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-1342", "ID": "CVE-2014-1342",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT6254", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT6254" "lang": "eng",
}, "value": "WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1."
{ }
"name" : "https://support.apple.com/kb/HT6537", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/kb/HT6537" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2014-05-21-1", "description": [
"refsource" : "APPLE", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2014-06-30-3", ]
"refsource" : "APPLE", }
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2014-06-30-4", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html" "name": "https://support.apple.com/kb/HT6537",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/kb/HT6537"
"name" : "67553", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/67553" "name": "APPLE-SA-2014-06-30-4",
} "refsource": "APPLE",
] "url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html"
} },
{
"name": "http://support.apple.com/kb/HT6254",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6254"
},
{
"name": "APPLE-SA-2014-06-30-3",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html"
},
{
"name": "67553",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67553"
},
{
"name": "APPLE-SA-2014-05-21-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html"
}
]
}
} }

188
2014/1xxx/CVE-2014-1504.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2014-1504", "ID": "CVE-2014-1504",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-23.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-23.html" "lang": "eng",
}, "value": "The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=911547", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=911547" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201504-01", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201504-01" ]
}, },
{ "references": {
"name" : "SUSE-SU-2014:0418", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html" "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-23.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-23.html"
"name" : "openSUSE-SU-2014:0419", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html" "name": "GLSA-201504-01",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201504-01"
"name" : "openSUSE-SU-2014:0448", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html" "name": "SUSE-SU-2014:0418",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html"
"name" : "openSUSE-SU-2014:0584", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html" "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
} "refsource": "CONFIRM",
] "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
} },
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "openSUSE-SU-2014:0584",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=911547",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=911547"
},
{
"name": "openSUSE-SU-2014:0448",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html"
}
]
}
} }

32
2014/1xxx/CVE-2014-1938.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1938", "ID": "CVE-2014-1938",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2014/1xxx/CVE-2014-1994.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2014-1994", "ID": "CVE-2014-1994",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Notices portlet in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://cs.cybozu.co.jp/information/gr20140714up04.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://cs.cybozu.co.jp/information/gr20140714up04.php" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Notices portlet in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "JVN#80583739", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN80583739/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2014-000076", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000076" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#80583739",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN80583739/index.html"
},
{
"name": "http://cs.cybozu.co.jp/information/gr20140714up04.php",
"refsource": "CONFIRM",
"url": "http://cs.cybozu.co.jp/information/gr20140714up04.php"
},
{
"name": "JVNDB-2014-000076",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000076"
}
]
}
} }

32
2014/4xxx/CVE-2014-4339.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4339", "ID": "CVE-2014-4339",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

148
2014/4xxx/CVE-2014-4348.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4348", "ID": "CVE-2014-4348",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name that is improperly handled after presence in (a) the favorite list or (b) recent tables."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://phpmyadmin.net/home_page/security/PMASA-2014-2.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://phpmyadmin.net/home_page/security/PMASA-2014-2.php" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name that is improperly handled after presence in (a) the favorite list or (b) recent tables."
{ }
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/cb7c703c03f656debcea2a16468bd53660fc888e", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/cb7c703c03f656debcea2a16468bd53660fc888e" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/d18a2dd9faad7e0e96df799b59e16ef587afb838", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/d18a2dd9faad7e0e96df799b59e16ef587afb838" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "68201", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/68201" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://github.com/phpmyadmin/phpmyadmin/commit/d18a2dd9faad7e0e96df799b59e16ef587afb838",
"refsource": "CONFIRM",
"url": "https://github.com/phpmyadmin/phpmyadmin/commit/d18a2dd9faad7e0e96df799b59e16ef587afb838"
},
{
"name": "http://phpmyadmin.net/home_page/security/PMASA-2014-2.php",
"refsource": "CONFIRM",
"url": "http://phpmyadmin.net/home_page/security/PMASA-2014-2.php"
},
{
"name": "https://github.com/phpmyadmin/phpmyadmin/commit/cb7c703c03f656debcea2a16468bd53660fc888e",
"refsource": "CONFIRM",
"url": "https://github.com/phpmyadmin/phpmyadmin/commit/cb7c703c03f656debcea2a16468bd53660fc888e"
},
{
"name": "68201",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68201"
}
]
}
} }

128
2014/4xxx/CVE-2014-4973.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4973", "ID": "CVE-2014-4973",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows local users to gain privileges via a crafted argument to a 0x830020CC IOCTL call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140820 CVE-2014-4973 - Privilege Escalation in ESET Windows Products", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2014/Aug/52" "lang": "eng",
}, "value": "The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows local users to gain privileges via a crafted argument to a 0x830020CC IOCTL call."
{ }
"name" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4973/", ]
"refsource" : "MISC", },
"url" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4973/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4973/",
"refsource": "MISC",
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4973/"
},
{
"name": "20140820 CVE-2014-4973 - Privilege Escalation in ESET Windows Products",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Aug/52"
}
]
}
} }

198
2014/5xxx/CVE-2014-5163.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5163", "ID": "CVE-2014-5163",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not completely initialize a certain buffer, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.wireshark.org/security/wnpa-sec-2014-09.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/security/wnpa-sec-2014-09.html" "lang": "eng",
}, "value": "The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not completely initialize a certain buffer, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
{ }
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10216", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10216" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3fc441e7a5008640c68ec985e669d5092414a519", "description": [
"refsource" : "CONFIRM", {
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3fc441e7a5008640c68ec985e669d5092414a519" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dd7134d907350ccc574cdec596f4162860912bb9", ]
"refsource" : "CONFIRM", }
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dd7134d907350ccc574cdec596f4162860912bb9" ]
}, },
{ "references": {
"name" : "DSA-3002", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2014/dsa-3002" "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10216",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10216"
"name" : "SUSE-SU-2014:1221", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html" "name": "openSUSE-SU-2014:1249",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html"
"name" : "openSUSE-SU-2014:1038", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2014-08/msg00025.html" "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3fc441e7a5008640c68ec985e669d5092414a519",
}, "refsource": "CONFIRM",
{ "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3fc441e7a5008640c68ec985e669d5092414a519"
"name" : "openSUSE-SU-2014:1249", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html" "name": "SUSE-SU-2014:1221",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html"
"name" : "57593", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/57593" "name": "DSA-3002",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2014/dsa-3002"
} },
{
"name": "http://www.wireshark.org/security/wnpa-sec-2014-09.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2014-09.html"
},
{
"name": "openSUSE-SU-2014:1038",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00025.html"
},
{
"name": "57593",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57593"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dd7134d907350ccc574cdec596f4162860912bb9",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=dd7134d907350ccc574cdec596f4162860912bb9"
}
]
}
} }

128
2014/5xxx/CVE-2014-5332.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2014-5332", "ID": "CVE-2014-5332",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by using a race condition to escape the Chrome sandbox."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googleprojectzero.blogspot.com/2015/01/exploiting-nvmap-to-escape-chrome.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://googleprojectzero.blogspot.com/2015/01/exploiting-nvmap-to-escape-chrome.html" "lang": "eng",
}, "value": "Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by using a race condition to escape the Chrome sandbox."
{ }
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/3618", ]
"refsource" : "CONFIRM", },
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/3618" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://googleprojectzero.blogspot.com/2015/01/exploiting-nvmap-to-escape-chrome.html",
"refsource": "MISC",
"url": "http://googleprojectzero.blogspot.com/2015/01/exploiting-nvmap-to-escape-chrome.html"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/3618",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3618"
}
]
}
} }

138
2016/3xxx/CVE-2016-3338.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-3338", "ID": "CVE-2016-3338",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka \"Windows Common Log File System Driver Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-134", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-134" "lang": "eng",
}, "value": "The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka \"Windows Common Log File System Driver Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184."
{ }
"name" : "94014", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94014" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037252", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037252" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1037252",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037252"
},
{
"name": "MS16-134",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-134"
},
{
"name": "94014",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94014"
}
]
}
} }

32
2016/3xxx/CVE-2016-3964.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-3964", "ID": "CVE-2016-3964",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2016/7xxx/CVE-2016-7379.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7379", "ID": "CVE-2016-7379",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

178
2016/7xxx/CVE-2016-7866.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-7866", "ID": "CVE-2016-7866",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Animate 15.2.1.95 and earlier", "product_name": "Adobe Animate 15.2.1.95 and earlier",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Animate 15.2.1.95 and earlier" "version_value": "Adobe Animate 15.2.1.95 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Animate versions 15.2.1.95 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Memory Corruption"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20161214 Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/539923/100/0/threaded" "lang": "eng",
}, "value": "Adobe Animate versions 15.2.1.95 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution."
{ }
"name" : "40915", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/40915/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20161214 Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability", "description": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2016/Dec/45" "lang": "eng",
}, "value": "Memory Corruption"
{ }
"name" : "http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTION-VULNERABILITY.txt", ]
"refsource" : "MISC", }
"url" : "http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTION-VULNERABILITY.txt" ]
}, },
{ "references": {
"name" : "http://packetstormsecurity.com/files/140164/Adobe-Animate-15.2.1.95-Buffer-Overflow.html", "reference_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/140164/Adobe-Animate-15.2.1.95-Buffer-Overflow.html" "name": "http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTION-VULNERABILITY.txt",
}, "refsource": "MISC",
{ "url": "http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTION-VULNERABILITY.txt"
"name" : "https://helpx.adobe.com/security/products/animate/apsb16-38.html", },
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/animate/apsb16-38.html" "name": "94872",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/94872"
"name" : "94872", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94872" "name": "40915",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/40915/"
} },
{
"name": "https://helpx.adobe.com/security/products/animate/apsb16-38.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/animate/apsb16-38.html"
},
{
"name": "http://packetstormsecurity.com/files/140164/Adobe-Animate-15.2.1.95-Buffer-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/140164/Adobe-Animate-15.2.1.95-Buffer-Overflow.html"
},
{
"name": "20161214 Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/539923/100/0/threaded"
},
{
"name": "20161214 Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Dec/45"
}
]
}
} }

32
2016/8xxx/CVE-2016-8071.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-8071", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-8071",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

32
2016/8xxx/CVE-2016-8120.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-8120", "ID": "CVE-2016-8120",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2016/8xxx/CVE-2016-8542.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-8542", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-8542",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

128
2016/8xxx/CVE-2016-8814.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@nvidia.com", "ASSIGNER": "psirt@nvidia.com",
"ID" : "CVE-2016-8814", "ID": "CVE-2016-8814",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Quadro, NVS, GeForce, GRID and Tesla", "product_name": "Quadro, NVS, GeForce, GRID and Tesla",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All" "version_value": "All"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Nvidia Corporation" "vendor_name": "Nvidia Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4257", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4257" "lang": "eng",
}, "value": "All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalation of privileges."
{ }
"name" : "95054", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95054" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95054",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95054"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4257",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4257"
}
]
}
} }

32
2016/8xxx/CVE-2016-8865.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-8865", "ID": "CVE-2016-8865",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2016/8xxx/CVE-2016-8892.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-8892", "ID": "CVE-2016-8892",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2016/9xxx/CVE-2016-9024.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9024", "ID": "CVE-2016-9024",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2016/9xxx/CVE-2016-9451.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9451", "ID": "CVE-2016-9451",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.drupal.org/SA-CORE-2016-005", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/SA-CORE-2016-005" "lang": "eng",
}, "value": "Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors."
{ }
"name" : "DSA-3718", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2016/dsa-3718" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "94367", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94367" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3718",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3718"
},
{
"name": "94367",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94367"
},
{
"name": "https://www.drupal.org/SA-CORE-2016-005",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/SA-CORE-2016-005"
}
]
}
} }

32
2019/2xxx/CVE-2019-2064.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2064", "ID": "CVE-2019-2064",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/2xxx/CVE-2019-2597.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2597", "ID": "CVE-2019-2597",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/2xxx/CVE-2019-2837.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2837", "ID": "CVE-2019-2837",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/6xxx/CVE-2019-6682.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6682", "ID": "CVE-2019-6682",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }