admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:15:16 +00:00
parent 6f8ba33042
commit 8a83c70c03
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
46 changed files with 3723 additions and 3723 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

194
2006/0xxx/CVE-2006-0095.json
View File

@ -1,171 +1,171 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0095",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0095",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key."
"lang": "eng",
"value": "dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[linux-kernel] 20060104 [Patch 2.6] dm-crypt: zero key before freeing it",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=linux-kernel&m=113640535312572&w=2"
"name": "388",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/388"
},
{
"name" : "[linux-kernel] 20060104 [Patch 2.6] dm-crypt: Zero key material before free to avoid information leak",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=linux-kernel&m=113641114812886&w=2"
"name": "[linux-kernel] 20060104 [Patch 2.6] dm-crypt: Zero key material before free to avoid information leak",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=113641114812886&w=2"
},
{
"name" : "DSA-1017",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1017"
"name": "19160",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19160"
},
{
"name" : "FLSA:157459-4",
"refsource" : "FEDORA",
"url" : "http://www.securityfocus.com/archive/1/427981/100/0/threaded"
"name": "MDKSA-2006:040",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:040"
},
{
"name" : "FEDORA-2006-102",
"refsource" : "FEDORA",
"url" : "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00037.html"
"name": "2006-0004",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0004"
},
{
"name" : "MDKSA-2006:040",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:040"
"name": "16301",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16301"
},
{
"name" : "RHSA-2006:0132",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0132.html"
"name": "RHSA-2006:0132",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0132.html"
},
{
"name" : "SUSE-SA:2006:028",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006-05-31.html"
"name": "1015740",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015740"
},
{
"name" : "2006-0004",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2006/0004"
"name": "18774",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18774"
},
{
"name" : "USN-244-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/244-1/"
"name": "[linux-kernel] 20060104 [Patch 2.6] dm-crypt: zero key before freeing it",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=113640535312572&w=2"
},
{
"name" : "16301",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16301"
"name": "FEDORA-2006-102",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00037.html"
},
{
"name" : "oval:org.mitre.oval:def:11192",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11192"
"name": "SUSE-SA:2006:028",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006-05-31.html"
},
{
"name" : "ADV-2006-0235",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0235"
"name": "FLSA:157459-4",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/427981/100/0/threaded"
},
{
"name" : "22418",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22418"
"name": "22418",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22418"
},
{
"name" : "1015740",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015740"
"name": "DSA-1017",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1017"
},
{
"name" : "18487",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18487"
"name": "20398",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20398"
},
{
"name" : "19160",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19160"
"name": "kernel-dmcrypt-information-disclosure(24189)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24189"
},
{
"name" : "19374",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19374"
"name": "USN-244-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/244-1/"
},
{
"name" : "18527",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18527"
"name": "18527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18527"
},
{
"name" : "18774",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18774"
"name": "ADV-2006-0235",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0235"
},
{
"name" : "20398",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20398"
"name": "19374",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19374"
},
{
"name" : "388",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/388"
"name": "18487",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18487"
},
{
"name" : "kernel-dmcrypt-information-disclosure(24189)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24189"
"name": "oval:org.mitre.oval:def:11192",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11192"
}
]
}

80
2006/0xxx/CVE-2006-0221.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0221",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0221",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.asp in the Admin Panel in Dragon Design Services Network (DDSN) cm3 content manager (CM3CMS) allows remote attackers to execute arbitrary SQL commands via the (1) username or (2) password."
"lang": "eng",
"value": "SQL injection vulnerability in index.asp in the Admin Panel in Dragon Design Services Network (DDSN) cm3 content manager (CM3CMS) allows remote attackers to execute arbitrary SQL commands via the (1) username or (2) password."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060113 DDSN CMS Admin Panel SQL Injection Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/421941/100/0/threaded"
"name": "16231",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16231"
},
{
"name" : "16231",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16231"
"name": "20060113 DDSN CMS Admin Panel SQL Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421941/100/0/threaded"
},
{
"name" : "22696",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22696"
"name": "22696",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22696"
},
{
"name" : "cm3-login-sql-injection(24266)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24266"
"name": "cm3-login-sql-injection(24266)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24266"
}
]
}

86
2006/1xxx/CVE-2006-1025.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1025",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1025",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in manage.asp in Addsoft StoreBot 2002 Standard allows remote attackers to inject arbitrary web script or HTML via the ShipMethod parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in manage.asp in Addsoft StoreBot 2002 Standard allows remote attackers to inject arbitrary web script or HTML via the ShipMethod parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "16898",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16898"
"name": "ADV-2006-0785",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0785"
},
{
"name" : "ADV-2006-0785",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0785"
"name": "23574",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23574"
},
{
"name" : "23574",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23574"
"name": "16898",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16898"
},
{
"name" : "19060",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19060"
"name": "19060",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19060"
},
{
"name" : "storebot-manage-xss(24986)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24986"
"name": "storebot-manage-xss(24986)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24986"
}
]
}

260
2006/1xxx/CVE-2006-1721.json
View File

@ -1,226 +1,226 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1721",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1721",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation."
"lang": "eng",
"value": "digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
"name": "26708",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26708"
},
{
"name" : "20060410 [MU-200604-01] Cyrus SASL DIGEST-MD5 Pre-Authentication Denial of Service",
"refsource" : "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044992.html"
"name": "ADV-2008-1744",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"name" : "http://labs.musecurity.com/advisories/MU-200604-01.txt",
"refsource" : "MISC",
"url" : "http://labs.musecurity.com/advisories/MU-200604-01.txt"
"name": "19825",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19825"
},
{
"name" : "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=7775",
"refsource" : "CONFIRM",
"url" : "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=7775"
"name": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=7775",
"refsource": "CONFIRM",
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=7775"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-426.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-426.htm"
"name": "19809",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19809"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2008-0009.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
"name": "19618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19618"
},
{
"name" : "APPLE-SA-2006-09-29",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html"
"name": "19753",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19753"
},
{
"name" : "DSA-1042",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1042"
"name": "oval:org.mitre.oval:def:9861",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9861"
},
{
"name" : "GLSA-200604-09",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-09.xml"
"name": "cyrus-sasl-digest-dos(25738)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25738"
},
{
"name" : "MDKSA-2006:073",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:073"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-426.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-426.htm"
},
{
"name" : "RHSA-2007:0795",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0795.html"
"name": "http://labs.musecurity.com/advisories/MU-200604-01.txt",
"refsource": "MISC",
"url": "http://labs.musecurity.com/advisories/MU-200604-01.txt"
},
{
"name" : "RHSA-2007:0878",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0878.html"
"name": "26857",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26857"
},
{
"name" : "20070901-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc"
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"name" : "SUSE-SA:2006:025",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_05_05.html"
"name": "20060410 [MU-200604-01] Cyrus SASL DIGEST-MD5 Pre-Authentication Denial of Service",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044992.html"
},
{
"name" : "2006-0024",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2006/0024"
"name": "22187",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22187"
},
{
"name" : "USN-272-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/272-1/"
"name": "MDKSA-2006:073",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:073"
},
{
"name" : "17446",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17446"
"name": "ADV-2006-3852",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3852"
},
{
"name" : "oval:org.mitre.oval:def:9861",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9861"
"name": "27237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27237"
},
{
"name" : "ADV-2006-1306",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1306"
"name": "RHSA-2007:0878",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0878.html"
},
{
"name" : "ADV-2006-3852",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3852"
"name": "RHSA-2007:0795",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0795.html"
},
{
"name" : "ADV-2008-1744",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/1744"
"name": "20014",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20014"
},
{
"name" : "1016960",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016960"
"name": "APPLE-SA-2006-09-29",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html"
},
{
"name" : "19618",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19618"
"name": "30535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30535"
},
{
"name" : "19809",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19809"
"name": "17446",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17446"
},
{
"name" : "19825",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19825"
"name": "19964",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19964"
},
{
"name" : "19753",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19753"
"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"name" : "19964",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19964"
"name": "2006-0024",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0024"
},
{
"name" : "22187",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22187"
"name": "20070901-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc"
},
{
"name" : "20014",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20014"
"name": "USN-272-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/272-1/"
},
{
"name" : "26708",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26708"
"name": "SUSE-SA:2006:025",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_05_05.html"
},
{
"name" : "26857",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26857"
"name": "1016960",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016960"
},
{
"name" : "27237",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27237"
"name": "GLSA-200604-09",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-09.xml"
},
{
"name" : "30535",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30535"
"name": "ADV-2006-1306",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1306"
},
{
"name" : "cyrus-sasl-digest-dos(25738)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25738"
"name": "DSA-1042",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1042"
}
]
}

128
2006/1xxx/CVE-2006-1991.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1991",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-1991",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The substr_compare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service (memory access violation) via an out-of-bounds offset argument."
"lang": "eng",
"value": "The substr_compare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service (memory access violation) via an out-of-bounds offset argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-04-02",
"refsource" : "MISC",
"url" : "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-04-02"
"name": "1015979",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015979"
},
{
"name" : "GLSA-200605-08",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200605-08.xml"
"name": "php-substrcompare-length-dos(26003)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26003"
},
{
"name" : "MDKSA-2006:091",
"refsource" : "MANDRAKE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:091"
"name": "SUSE-SA:2006:031",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_31_php.html"
},
{
"name" : "SUSE-SA:2006:031",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_31_php.html"
"name": "MDKSA-2006:091",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:091"
},
{
"name" : "USN-320-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-320-1"
"name": "GLSA-200605-08",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200605-08.xml"
},
{
"name" : "ADV-2006-1500",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1500"
"name": "20269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20269"
},
{
"name" : "1015979",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015979"
"name": "20676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20676"
},
{
"name" : "20269",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20269"
"name": "USN-320-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-320-1"
},
{
"name" : "20052",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20052"
"name": "21125",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21125"
},
{
"name" : "20676",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20676"
"name": "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-04-02",
"refsource": "MISC",
"url": "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-04-02"
},
{
"name" : "21125",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21125"
"name": "ADV-2006-1500",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1500"
},
{
"name" : "php-substrcompare-length-dos(26003)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26003"
"name": "20052",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20052"
}
]
}

86
2006/5xxx/CVE-2006-5165.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5165",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5165",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in inc/functions.inc.php in Skrypty PPA Gallery 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the config[ppa_root_path] parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in inc/functions.inc.php in Skrypty PPA Gallery 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the config[ppa_root_path] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2446",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2446"
"name": "2446",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2446"
},
{
"name" : "20255",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20255"
"name": "ADV-2006-3842",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3842"
},
{
"name" : "ADV-2006-3842",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3842"
"name": "22155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22155"
},
{
"name" : "22155",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22155"
"name": "20255",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20255"
},
{
"name" : "ppa-gallery-functions-file-include(29231)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29231"
"name": "ppa-gallery-functions-file-include(29231)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29231"
}
]
}

188
2006/5xxx/CVE-2006-5468.json
View File

@ -1,166 +1,166 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5468",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-5468",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061101 rPSA-2006-0202-1 tshark wireshark",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/450307/100/0/threaded"
"name": "VU#363992",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/363992"
},
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2006-03.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2006-03.html"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-255.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-255.htm"
},
{
"name" : "https://issues.rpath.com/browse/RPL-746",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-746"
"name": "oval:org.mitre.oval:def:10707",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10707"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-255.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-255.htm"
"name": "wireshark-http-dos(29840)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29840"
},
{
"name" : "MDKSA-2006:195",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:195"
"name": "23096",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23096"
},
{
"name" : "RHSA-2006:0726",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0726.html"
"name": "http://www.wireshark.org/security/wnpa-sec-2006-03.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2006-03.html"
},
{
"name" : "20061101-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P"
"name": "https://issues.rpath.com/browse/RPL-746",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-746"
},
{
"name" : "SUSE-SA:2006:065",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_65_ethereal.html"
"name": "22590",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22590"
},
{
"name" : "VU#363992",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/363992"
"name": "20061101-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P"
},
{
"name" : "20762",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20762"
"name": "ADV-2006-4220",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4220"
},
{
"name" : "oval:org.mitre.oval:def:10707",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10707"
"name": "22841",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22841"
},
{
"name" : "oval:org.mitre.oval:def:14120",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14120"
"name": "20762",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20762"
},
{
"name" : "ADV-2006-4220",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4220"
"name": "SUSE-SA:2006:065",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_65_ethereal.html"
},
{
"name" : "1017129",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017129"
"name": "RHSA-2006:0726",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0726.html"
},
{
"name" : "22590",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22590"
"name": "oval:org.mitre.oval:def:14120",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14120"
},
{
"name" : "22692",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22692"
"name": "22929",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22929"
},
{
"name" : "22672",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22672"
"name": "20061101 rPSA-2006-0202-1 tshark wireshark",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/450307/100/0/threaded"
},
{
"name" : "22797",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22797"
"name": "22692",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22692"
},
{
"name" : "22841",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22841"
"name": "MDKSA-2006:195",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:195"
},
{
"name" : "22929",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22929"
"name": "1017129",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017129"
},
{
"name" : "23096",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23096"
"name": "22672",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22672"
},
{
"name" : "wireshark-http-dos(29840)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29840"
"name": "22797",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22797"
}
]
}

74
2006/5xxx/CVE-2006-5803.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5803",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5803",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in modules/mx_smartor/album.php in the mxBB Smartor Album module 1.02 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in modules/mx_smartor/album.php in the mxBB Smartor Album module 1.02 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2723",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2723"
"name": "20932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20932"
},
{
"name" : "20932",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20932"
"name": "2723",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2723"
},
{
"name" : "smartor-album-file-include(30015)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30015"
"name": "smartor-album-file-include(30015)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30015"
}
]
}

62
2006/5xxx/CVE-2006-5929.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5929",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5929",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in firepjs.php in Phpjobscheduler 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the installed_config_file parameter. NOTE: the provenance of this information is unknown; details are obtained from third party sources."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in firepjs.php in Phpjobscheduler 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the installed_config_file parameter. NOTE: the provenance of this information is unknown; details are obtained from third party sources."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "22855",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22855"
"name": "22855",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22855"
}
]
}

68
2006/5xxx/CVE-2006-5988.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5988",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5988",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Windows 2000 Advanced Server SP4 running Active Directory allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain VulnDisco Pack module. NOTE: the provenance of this information is unknown; the details are obtained from third party information. As of 20061116, this disclosure has no actionable information. However, since the VulnDisco Pack author is a reliable researcher, the disclosure is being assigned a CVE identifier for tracking purposes."
"lang": "eng",
"value": "Unspecified vulnerability in Windows 2000 Advanced Server SP4 running Active Directory allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain VulnDisco Pack module. NOTE: the provenance of this information is unknown; the details are obtained from third party information. As of 20061116, this disclosure has no actionable information. However, since the VulnDisco Pack author is a reliable researcher, the disclosure is being assigned a CVE identifier for tracking purposes."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "21083",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21083"
"name": "21083",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21083"
},
{
"name" : "22871",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22871"
"name": "22871",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22871"
}
]
}

86
2007/2xxx/CVE-2007-2155.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2155",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2155",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in template.php in in phpFaber TopSites 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the modify parameter in a template action to admin/index.php."
"lang": "eng",
"value": "Directory traversal vulnerability in template.php in in phpFaber TopSites 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the modify parameter in a template action to admin/index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070411 nEw Bug :D",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/465339/100/100/threaded"
"name": "phpfaber-index-directory-traversal(33581)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33581"
},
{
"name" : "http://www.phpfaber.com/m/News/phpfaber_topsites_v_3_3-58.html",
"refsource" : "MISC",
"url" : "http://www.phpfaber.com/m/News/phpfaber_topsites_v_3_3-58.html"
"name": "20070411 nEw Bug :D",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/465339/100/100/threaded"
},
{
"name" : "20070418 [uncertain] (mostly) phpFaber TopSitespath traversal",
"refsource" : "VIM",
"url" : "http://www.attrition.org/pipermail/vim/2007-April/001538.html"
"name": "http://www.phpfaber.com/m/News/phpfaber_topsites_v_3_3-58.html",
"refsource": "MISC",
"url": "http://www.phpfaber.com/m/News/phpfaber_topsites_v_3_3-58.html"
},
{
"name" : "23419",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23419"
"name": "23419",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23419"
},
{
"name" : "phpfaber-index-directory-traversal(33581)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33581"
"name": "20070418 [uncertain] (mostly) phpFaber TopSitespath traversal",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-April/001538.html"
}
]
}

98
2007/2xxx/CVE-2007-2193.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2193",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2193",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build 108, Pro 8.1 Build 99, and Photo Editor 4.0 Build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build 108, Pro 8.1 Build 99, and Photo Editor 4.0 Build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "3776",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3776"
"name": "24994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24994"
},
{
"name" : "http://www.acdsee.com/support/knowledgebase/article?id=2800",
"refsource" : "MISC",
"url" : "http://www.acdsee.com/support/knowledgebase/article?id=2800"
"name": "ADV-2007-1489",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1489"
},
{
"name" : "23620",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23620"
"name": "3776",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3776"
},
{
"name" : "ADV-2007-1489",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1489"
"name": "23620",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23620"
},
{
"name" : "35236",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35236"
"name": "acdsee-xpm-bo(33812)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33812"
},
{
"name" : "24994",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24994"
"name": "http://www.acdsee.com/support/knowledgebase/article?id=2800",
"refsource": "MISC",
"url": "http://www.acdsee.com/support/knowledgebase/article?id=2800"
},
{
"name" : "acdsee-xpm-bo(33812)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33812"
"name": "35236",
"refsource": "OSVDB",
"url": "http://osvdb.org/35236"
}
]
}

86
2007/2xxx/CVE-2007-2720.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2720",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2720",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Group-Office before 2.16-13 does not properly validate user IDs, which allows remote attackers to obtain sensitive information via certain requests for (1) message.php and (2) messages.php in modules/email/. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Group-Office before 2.16-13 does not properly validate user IDs, which allows remote attackers to obtain sensitive information via certain requests for (1) message.php and (2) messages.php in modules/email/. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://group-office.svn.sourceforge.net/viewvc/group-office?view=rev&revision=261",
"refsource" : "MISC",
"url" : "http://group-office.svn.sourceforge.net/viewvc/group-office?view=rev&revision=261"
"name": "25369",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25369"
},
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=498556&group_id=76359",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=498556&group_id=76359"
"name": "http://sourceforge.net/project/shownotes.php?release_id=498556&group_id=76359",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=498556&group_id=76359"
},
{
"name" : "23925",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23925"
"name": "ADV-2007-1773",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1773"
},
{
"name" : "ADV-2007-1773",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1773"
"name": "http://group-office.svn.sourceforge.net/viewvc/group-office?view=rev&revision=261",
"refsource": "MISC",
"url": "http://group-office.svn.sourceforge.net/viewvc/group-office?view=rev&revision=261"
},
{
"name" : "25369",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25369"
"name": "23925",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23925"
}
]
}

128
2007/2xxx/CVE-2007-2863.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2863",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2863",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a long filename in a .CAB file."
"lang": "eng",
"value": "Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a long filename in a .CAB file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070605 ZDI-07-034: CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/470601/100/0/threaded"
"name": "ca-multiple-antivirus-cab-bo(34741)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34741"
},
{
"name" : "20070607 [CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
"name": "2790",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2790"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-034.html",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-034.html"
"name": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
},
{
"name" : "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp",
"refsource" : "CONFIRM",
"url" : "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
"name": "20070605 ZDI-07-034: CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470601/100/0/threaded"
},
{
"name" : "VU#739409",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/739409"
"name": "ADV-2007-2072",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2072"
},
{
"name" : "24331",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24331"
"name": "24331",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24331"
},
{
"name" : "ADV-2007-2072",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2072"
"name": "20070607 [CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
},
{
"name" : "35244",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/35244"
"name": "35244",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/35244"
},
{
"name" : "1018199",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018199"
"name": "1018199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018199"
},
{
"name" : "25570",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25570"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-034.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-034.html"
},
{
"name" : "2790",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2790"
"name": "VU#739409",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/739409"
},
{
"name" : "ca-multiple-antivirus-cab-bo(34741)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34741"
"name": "25570",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25570"
}
]
}

74
2010/0xxx/CVE-2010-0463.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0463",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0463",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Horde IMP 4.3.6 and earlier does not request that the web browser avoid DNS prefetching of domain names contained in e-mail messages, which makes it easier for remote attackers to determine the network location of the webmail user by logging DNS requests."
"lang": "eng",
"value": "Horde IMP 4.3.6 and earlier does not request that the web browser avoid DNS prefetching of domain names contained in e-mail messages, which makes it easier for remote attackers to determine the network location of the webmail user by logging DNS requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://secure.grepular.com/DNS_Prefetch_Exposure_on_Thunderbird_and_Webmail",
"refsource" : "MISC",
"url" : "https://secure.grepular.com/DNS_Prefetch_Exposure_on_Thunderbird_and_Webmail"
"name": "horde-dns-info-disclosure(56052)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56052"
},
{
"name" : "http://bugs.horde.org/ticket/8836",
"refsource" : "CONFIRM",
"url" : "http://bugs.horde.org/ticket/8836"
"name": "https://secure.grepular.com/DNS_Prefetch_Exposure_on_Thunderbird_and_Webmail",
"refsource": "MISC",
"url": "https://secure.grepular.com/DNS_Prefetch_Exposure_on_Thunderbird_and_Webmail"
},
{
"name" : "horde-dns-info-disclosure(56052)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56052"
"name": "http://bugs.horde.org/ticket/8836",
"refsource": "CONFIRM",
"url": "http://bugs.horde.org/ticket/8836"
}
]
}

68
2010/0xxx/CVE-2010-0594.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0594",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0594",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Cisco Router and Security Device Manager (SDM) allows remote attackers to inject arbitrary web script or HTML via unknown vectors, aka Bug ID CSCtb38467."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Cisco Router and Security Device Manager (SDM) allows remote attackers to inject arbitrary web script or HTML via unknown vectors, aka Bug ID CSCtb38467."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "JVN#14313132",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN14313132/index.html"
"name": "JVNDB-2010-000014",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000014.html"
},
{
"name" : "JVNDB-2010-000014",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000014.html"
"name": "JVN#14313132",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN14313132/index.html"
}
]
}

86
2010/0xxx/CVE-2010-0722.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0722",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0722",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in news.php in Php Auktion Pro allows remote attackers to execute arbitrary SQL commands via the id parameter."
"lang": "eng",
"value": "SQL injection vulnerability in news.php in Php Auktion Pro allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://4004securityproject.wordpress.com/2010/02/22/php-auktion-pro-sql-injection-news-php/",
"refsource" : "MISC",
"url" : "http://4004securityproject.wordpress.com/2010/02/22/php-auktion-pro-sql-injection-news-php/"
"name": "phpauktionpro-news-sql-injection(56478)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56478"
},
{
"name" : "11547",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/11547"
"name": "http://4004securityproject.wordpress.com/2010/02/22/php-auktion-pro-sql-injection-news-php/",
"refsource": "MISC",
"url": "http://4004securityproject.wordpress.com/2010/02/22/php-auktion-pro-sql-injection-news-php/"
},
{
"name" : "38371",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38371"
"name": "38371",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38371"
},
{
"name" : "38679",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38679"
"name": "11547",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11547"
},
{
"name" : "phpauktionpro-news-sql-injection(56478)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56478"
"name": "38679",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38679"
}
]
}

86
2010/1xxx/CVE-2010-1284.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1284",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-1284",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291."
"lang": "eng",
"value": "Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb10-12.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
"name": "38751",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38751"
},
{
"name" : "40091",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40091"
"name": "http://www.adobe.com/support/security/bulletins/apsb10-12.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html"
},
{
"name" : "oval:org.mitre.oval:def:6638",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6638"
"name": "ADV-2010-1128",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1128"
},
{
"name" : "38751",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38751"
"name": "oval:org.mitre.oval:def:6638",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6638"
},
{
"name" : "ADV-2010-1128",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1128"
"name": "40091",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40091"
}
]
}

62
2010/3xxx/CVE-2010-3110.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3110",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3110",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in the Novell Client novfs module for the Linux kernel in SUSE Linux Enterprise 11 SP1 and openSUSE 11.3 allow local users to gain privileges via unspecified vectors."
"lang": "eng",
"value": "Multiple buffer overflows in the Novell Client novfs module for the Linux kernel in SUSE Linux Enterprise 11 SP1 and openSUSE 11.3 allow local users to gain privileges via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "SUSE-SA:2010:033",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00000.html"
"name": "SUSE-SA:2010:033",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00000.html"
}
]
}

134
2010/3xxx/CVE-2010-3707.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3707",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3707",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox."
"lang": "eng",
"value": "plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[dovecot] 20101002 ACL handling bugs in v1.2.8+ and v2.0",
"refsource" : "MLIST",
"url" : "http://www.dovecot.org/list/dovecot/2010-October/053452.html"
"name": "[oss-security] 20101004 Re: CVE Request: more dovecot ACL issues",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128622064325688&w=2"
},
{
"name" : "[dovecot] 20101002 v1.2.15 released",
"refsource" : "MLIST",
"url" : "http://www.dovecot.org/list/dovecot/2010-October/053450.html"
"name": "USN-1059-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1059-1"
},
{
"name" : "[dovecot] 20101002 v2.0.5 released",
"refsource" : "MLIST",
"url" : "http://www.dovecot.org/list/dovecot/2010-October/053451.html"
"name": "SUSE-SR:2010:020",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html"
},
{
"name" : "[oss-security] 20101004 CVE Request: more dovecot ACL issues",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=128620520732377&w=2"
"name": "ADV-2010-2572",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2572"
},
{
"name" : "[oss-security] 20101004 Re: CVE Request: more dovecot ACL issues",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=128622064325688&w=2"
"name": "[oss-security] 20101004 CVE Request: more dovecot ACL issues",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128620520732377&w=2"
},
{
"name" : "MDVSA-2010:217",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:217"
"name": "MDVSA-2010:217",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:217"
},
{
"name" : "RHSA-2011:0600",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0600.html"
"name": "43220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43220"
},
{
"name" : "SUSE-SR:2010:020",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html"
"name": "ADV-2011-0301",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0301"
},
{
"name" : "USN-1059-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1059-1"
"name": "[dovecot] 20101002 v1.2.15 released",
"refsource": "MLIST",
"url": "http://www.dovecot.org/list/dovecot/2010-October/053450.html"
},
{
"name" : "43220",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43220"
"name": "[dovecot] 20101002 ACL handling bugs in v1.2.8+ and v2.0",
"refsource": "MLIST",
"url": "http://www.dovecot.org/list/dovecot/2010-October/053452.html"
},
{
"name" : "ADV-2010-2572",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2572"
"name": "RHSA-2011:0600",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0600.html"
},
{
"name" : "ADV-2010-2840",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2840"
"name": "ADV-2010-2840",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2840"
},
{
"name" : "ADV-2011-0301",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0301"
"name": "[dovecot] 20101002 v2.0.5 released",
"refsource": "MLIST",
"url": "http://www.dovecot.org/list/dovecot/2010-October/053451.html"
}
]
}

74
2010/3xxx/CVE-2010-3936.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3936",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-3936",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"XSS in Signurl.asp Vulnerability.\""
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"XSS in Signurl.asp Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS10-089",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-089"
"name": "MS10-089",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-089"
},
{
"name" : "TA10-313A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-313A.html"
"name": "oval:org.mitre.oval:def:12218",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12218"
},
{
"name" : "oval:org.mitre.oval:def:12218",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12218"
"name": "TA10-313A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-313A.html"
}
]
}

86
2010/4xxx/CVE-2010-4186.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4186",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4186",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in process.asp in OnlineTechTools Online Work Order System (OWOS) Professional Edition 2.10 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "SQL injection vulnerability in process.asp in OnlineTechTools Online Work Order System (OWOS) Professional Edition 2.10 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "15397",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15397"
"name": "42111",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42111"
},
{
"name" : "44608",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/44608"
"name": "44608",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44608"
},
{
"name" : "68972",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/68972"
"name": "owos-process-sql-injection(62972)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62972"
},
{
"name" : "42111",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42111"
"name": "68972",
"refsource": "OSVDB",
"url": "http://osvdb.org/68972"
},
{
"name" : "owos-process-sql-injection(62972)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62972"
"name": "15397",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15397"
}
]
}

140
2010/4xxx/CVE-2010-4206.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4206",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4206",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SVG document, related to effects in the application of filters."
"lang": "eng",
"value": "Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SVG document, related to effects in the application of filters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://trac.webkit.org/changeset/70652",
"refsource" : "MISC",
"url" : "http://trac.webkit.org/changeset/70652"
"name": "MDVSA-2011:039",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
},
{
"name" : "https://bugs.webkit.org/show_bug.cgi?id=48371",
"refsource" : "MISC",
"url" : "https://bugs.webkit.org/show_bug.cgi?id=48371"
"name": "FEDORA-2011-0121",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html"
},
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=60688",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=60688"
"name": "http://trac.webkit.org/changeset/70652",
"refsource": "MISC",
"url": "http://trac.webkit.org/changeset/70652"
},
{
"name" : "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html"
"name": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=656129",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=656129"
"name": "ADV-2011-0216",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0216"
},
{
"name" : "FEDORA-2011-0121",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html"
"name": "42109",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42109"
},
{
"name" : "MDVSA-2011:039",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
"name": "http://code.google.com/p/chromium/issues/detail?id=60688",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=60688"
},
{
"name" : "RHSA-2011:0177",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0177.html"
"name": "oval:org.mitre.oval:def:11949",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11949"
},
{
"name" : "45721",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45721"
"name": "43086",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43086"
},
{
"name" : "oval:org.mitre.oval:def:11949",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11949"
"name": "https://bugs.webkit.org/show_bug.cgi?id=48371",
"refsource": "MISC",
"url": "https://bugs.webkit.org/show_bug.cgi?id=48371"
},
{
"name" : "42109",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42109"
"name": "45721",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45721"
},
{
"name" : "43086",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43086"
"name": "RHSA-2011:0177",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0177.html"
},
{
"name" : "ADV-2011-0216",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0216"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=656129",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=656129"
},
{
"name" : "ADV-2011-0552",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0552"
"name": "ADV-2011-0552",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0552"
}
]
}

86
2010/4xxx/CVE-2010-4830.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4830",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4830",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in Techno Dreams (T-Dreams) Job Career Package 3.0 allows remote attackers to execute arbitrary SQL commands via the z_Residency parameter."
"lang": "eng",
"value": "SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in Techno Dreams (T-Dreams) Job Career Package 3.0 allows remote attackers to execute arbitrary SQL commands via the z_Residency parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "15678",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15678"
"name": "45203",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45203"
},
{
"name" : "http://packetstormsecurity.org/files/view/96375/tdreamsjsp-sql.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/files/view/96375/tdreamsjsp-sql.txt"
"name": "34996",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34996"
},
{
"name" : "45203",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45203"
"name": "http://packetstormsecurity.org/files/view/96375/tdreamsjsp-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/view/96375/tdreamsjsp-sql.txt"
},
{
"name" : "34996",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34996"
"name": "8353",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8353"
},
{
"name" : "8353",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8353"
"name": "15678",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15678"
}
]
}

86
2010/4xxx/CVE-2010-4896.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4896",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4896",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in admin/index.asp in Member Management System 4.0 allows remote attackers to inject arbitrary web script or HTML via the REF_URL parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in admin/index.asp in Member Management System 4.0 allows remote attackers to inject arbitrary web script or HTML via the REF_URL parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://pridels-team.blogspot.com/2010/09/member-management-system-v-40-xss-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels-team.blogspot.com/2010/09/member-management-system-v-40-xss-vuln.html"
"name": "membermanagementsystem-index-xss(61703)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61703"
},
{
"name" : "43109",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/43109"
"name": "http://pridels-team.blogspot.com/2010/09/member-management-system-v-40-xss-vuln.html",
"refsource": "MISC",
"url": "http://pridels-team.blogspot.com/2010/09/member-management-system-v-40-xss-vuln.html"
},
{
"name" : "67898",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/67898"
"name": "67898",
"refsource": "OSVDB",
"url": "http://osvdb.org/67898"
},
{
"name" : "41362",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41362"
"name": "41362",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41362"
},
{
"name" : "membermanagementsystem-index-xss(61703)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/61703"
"name": "43109",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43109"
}
]
}

74
2014/0xxx/CVE-2014-0031.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0031",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0031",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The (1) ListNetworkACL and (2) listNetworkACLLists APIs in Apache CloudStack before 4.2.1 allow remote authenticated users to list network ACLS for other users via a crafted request."
"lang": "eng",
"value": "The (1) ListNetworkACL and (2) listNetworkACLLists APIs in Apache CloudStack before 4.2.1 allow remote authenticated users to list network ACLS for other users via a crafted request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://blogs.apache.org/cloudstack/entry/cve_2014_0031_cloudstack_listnetworkacl",
"refsource" : "CONFIRM",
"url" : "https://blogs.apache.org/cloudstack/entry/cve_2014_0031_cloudstack_listnetworkacl"
"name": "55960",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55960"
},
{
"name" : "https://issues.apache.org/jira/browse/CLOUDSTACK-5145",
"refsource" : "CONFIRM",
"url" : "https://issues.apache.org/jira/browse/CLOUDSTACK-5145"
"name": "https://blogs.apache.org/cloudstack/entry/cve_2014_0031_cloudstack_listnetworkacl",
"refsource": "CONFIRM",
"url": "https://blogs.apache.org/cloudstack/entry/cve_2014_0031_cloudstack_listnetworkacl"
},
{
"name" : "55960",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/55960"
"name": "https://issues.apache.org/jira/browse/CLOUDSTACK-5145",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/CLOUDSTACK-5145"
}
]
}

86
2014/0xxx/CVE-2014-0812.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0812",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-0812",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in KENT-WEB Joyful Note 2.8 and earlier, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in KENT-WEB Joyful Note 2.8 and earlier, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.kent-web.com/bbs/joyful.html",
"refsource" : "CONFIRM",
"url" : "http://www.kent-web.com/bbs/joyful.html"
"name": "http://www.kent-web.com/bbs/joyful.html",
"refsource": "CONFIRM",
"url": "http://www.kent-web.com/bbs/joyful.html"
},
{
"name" : "JVN#30718178",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN30718178/index.html"
"name": "102740",
"refsource": "OSVDB",
"url": "http://osvdb.org/102740"
},
{
"name" : "JVNDB-2014-000013",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000013"
"name": "65301",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65301"
},
{
"name" : "65301",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65301"
"name": "JVN#30718178",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN30718178/index.html"
},
{
"name" : "102740",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102740"
"name": "JVNDB-2014-000013",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000013"
}
]
}

74
2014/0xxx/CVE-2014-0897.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0897",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0897",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Configuration Patterns component in IBM Flex System Manager (FSM) 1.2.0.x, 1.2.1.x, 1.3.0.x, and 1.3.1.x uses a weak algorithm in an encryption step during Chassis Management Module (CMM) account creation, which makes it easier for remote authenticated users to defeat cryptographic protection mechanisms via unspecified vectors."
"lang": "eng",
"value": "The Configuration Patterns component in IBM Flex System Manager (FSM) 1.2.0.x, 1.2.1.x, 1.3.0.x, and 1.3.1.x uses a weak algorithm in an encryption step during Chassis Management Module (CMM) account creation, which makes it easier for remote authenticated users to defeat cryptographic protection mechanisms via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096153",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096153"
"name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096153",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096153"
},
{
"name" : "IT03824",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT03824"
"name": "IT03824",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT03824"
},
{
"name" : "ibm-flex-cve20140897-weak-encryption(91395)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91395"
"name": "ibm-flex-cve20140897-weak-encryption(91395)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91395"
}
]
}

74
2014/4xxx/CVE-2014-4836.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4836",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-4836",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in breakOutWithName.jsp in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in breakOutWithName.jsp in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686240",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686240"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686240",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686240"
},
{
"name" : "61056",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61056"
"name": "61056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61056"
},
{
"name" : "ibm-tririga-cve20144836-xss(95630)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95630"
"name": "ibm-tririga-cve20144836-xss(95630)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95630"
}
]
}

22
2014/4xxx/CVE-2014-4935.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4935",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4935",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2014/8xxx/CVE-2014-8898.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8898",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-8898",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Collaboration Server in IBM InfoSphere Master Data Management Server for Product Information Management 9.x through 9.1 and InfoSphere Master Data Management - Collaborative Edition 10.x through 10.1, 11.0 before FP7, and 11.3 and 11.4 before 11.4 FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-8897 and CVE-2014-8899."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Collaboration Server in IBM InfoSphere Master Data Management Server for Product Information Management 9.x through 9.1 and InfoSphere Master Data Management - Collaborative Edition 10.x through 10.1, 11.0 before FP7, and 11.3 and 11.4 before 11.4 FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-8897 and CVE-2014-8899."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21692176",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21692176"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21692176",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692176"
},
{
"name" : "ibm-infospheremdm-cve20148898-xss(99051)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99051"
"name": "ibm-infospheremdm-cve20148898-xss(99051)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99051"
}
]
}

86
2014/9xxx/CVE-2014-9279.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9279",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9279",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The print_test_result function in admin/upgrade_unattended.php in MantisBT 1.1.0a3 through 1.2.x before 1.2.18 allows remote attackers to obtain database credentials via a URL in the hostname parameter and reading the parameters in the response sent to the URL."
"lang": "eng",
"value": "The print_test_result function in admin/upgrade_unattended.php in MantisBT 1.1.0a3 through 1.2.x before 1.2.18 allows remote attackers to obtain database credentials via a URL in the hostname parameter and reading the parameters in the response sent to the URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20141129 CVE Request: DB credentials disclosure in MantisBT's unattended upgrade script",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2014/q4/863"
"name": "71359",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71359"
},
{
"name" : "http://www.mantisbt.org/bugs/view.php?id=17877",
"refsource" : "CONFIRM",
"url" : "http://www.mantisbt.org/bugs/view.php?id=17877"
"name": "https://github.com/mantisbt/mantisbt/commit/0826cef8",
"refsource": "CONFIRM",
"url": "https://github.com/mantisbt/mantisbt/commit/0826cef8"
},
{
"name" : "https://github.com/mantisbt/mantisbt/commit/0826cef8",
"refsource" : "CONFIRM",
"url" : "https://github.com/mantisbt/mantisbt/commit/0826cef8"
"name": "http://www.mantisbt.org/bugs/view.php?id=17877",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/view.php?id=17877"
},
{
"name" : "71359",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/71359"
"name": "[oss-security] 20141129 CVE Request: DB credentials disclosure in MantisBT's unattended upgrade script",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q4/863"
},
{
"name" : "mantisbt-upgradeunattaended-sec-bypass(99031)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99031"
"name": "mantisbt-upgradeunattaended-sec-bypass(99031)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99031"
}
]
}

68
2014/9xxx/CVE-2014-9559.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9559",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9559",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in SnipSnap 0.5.2a, 1.0b1, and 1.0b2 allows remote attackers to inject arbitrary web script or HTML via the query parameter to /snipsnap-search."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in SnipSnap 0.5.2a, 1.0b1, and 1.0b2 allows remote attackers to inject arbitrary web script or HTML via the query parameter to /snipsnap-search."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150201 CVE-2014-9559 SnipSnap XSS (Cross-Site Scripting) Security Vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Feb/1"
"name": "20150201 CVE-2014-9559 SnipSnap XSS (Cross-Site Scripting) Security Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Feb/1"
},
{
"name" : "http://tetraph.com/security/cves/cve-2014-9559-snipsnap-xss-cross-site-scripting-security-vulnerabilities/",
"refsource" : "MISC",
"url" : "http://tetraph.com/security/cves/cve-2014-9559-snipsnap-xss-cross-site-scripting-security-vulnerabilities/"
"name": "http://tetraph.com/security/cves/cve-2014-9559-snipsnap-xss-cross-site-scripting-security-vulnerabilities/",
"refsource": "MISC",
"url": "http://tetraph.com/security/cves/cve-2014-9559-snipsnap-xss-cross-site-scripting-security-vulnerabilities/"
}
]
}

116
2014/9xxx/CVE-2014-9708.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9708",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9708",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by \"Range: x=,\"."
"lang": "eng",
"value": "Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by \"Range: x=,\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150328 Advisory: CVE-2014-9708: Appweb Web Server",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/535028/100/0/threaded"
"name": "1037007",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037007"
},
{
"name" : "20150328 Advisory: CVE-2014-9708: Appweb Web Server",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Mar/158"
"name": "https://github.com/embedthis/appweb/issues/413",
"refsource": "CONFIRM",
"url": "https://github.com/embedthis/appweb/issues/413"
},
{
"name" : "20150408 Re: [oss-security] Advisory: CVE-2014-9708: Appweb Web Server",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Apr/19"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "http://packetstormsecurity.com/files/131157/Appweb-Web-Server-Denial-Of-Service.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/131157/Appweb-Web-Server-Denial-Of-Service.html"
"name": "https://github.com/embedthis/appweb/commit/7e6a925f5e86a19a7934a94bbd6959101d0b84eb#diff-7ca4d62c70220e0e226e7beac90c95d9L17348",
"refsource": "CONFIRM",
"url": "https://github.com/embedthis/appweb/commit/7e6a925f5e86a19a7934a94bbd6959101d0b84eb#diff-7ca4d62c70220e0e226e7beac90c95d9L17348"
},
{
"name" : "https://github.com/embedthis/appweb/commit/7e6a925f5e86a19a7934a94bbd6959101d0b84eb#diff-7ca4d62c70220e0e226e7beac90c95d9L17348",
"refsource" : "CONFIRM",
"url" : "https://github.com/embedthis/appweb/commit/7e6a925f5e86a19a7934a94bbd6959101d0b84eb#diff-7ca4d62c70220e0e226e7beac90c95d9L17348"
"name": "http://packetstormsecurity.com/files/131157/Appweb-Web-Server-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131157/Appweb-Web-Server-Denial-Of-Service.html"
},
{
"name" : "https://github.com/embedthis/appweb/issues/413",
"refsource" : "CONFIRM",
"url" : "https://github.com/embedthis/appweb/issues/413"
"name": "20150408 Re: [oss-security] Advisory: CVE-2014-9708: Appweb Web Server",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Apr/19"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
"name": "20150328 Advisory: CVE-2014-9708: Appweb Web Server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535028/100/0/threaded"
},
{
"name" : "https://securityadvisories.paloaltonetworks.com/Home/Detail/60",
"refsource" : "CONFIRM",
"url" : "https://securityadvisories.paloaltonetworks.com/Home/Detail/60"
"name": "73407",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73407"
},
{
"name" : "73407",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/73407"
"name": "20150328 Advisory: CVE-2014-9708: Appweb Web Server",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Mar/158"
},
{
"name" : "1037007",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037007"
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/60",
"refsource": "CONFIRM",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/60"
}
]
}

68
2014/9xxx/CVE-2014-9928.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2014-9928",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2014-9928",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "All Qualcomm products",
"version" : {
"version_data" : [
"product_name": "All Qualcomm products",
"version": {
"version_data": [
{
"version_value" : "All Android releases from CAF using the Linux kernel"
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist."
"lang": "eng",
"value": "In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Buffer Copy without Checking Size of Input Vulnerability in GERAN"
"lang": "eng",
"value": "Buffer Copy without Checking Size of Input Vulnerability in GERAN"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2017-05-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-05-01"
"name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name" : "98233",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98233"
"name": "98233",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98233"
}
]
}

22
2016/3xxx/CVE-2016-3011.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3011",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3011",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2016/3xxx/CVE-2016-3423.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3423",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3423",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Rich Text Editor, a different vulnerability than CVE-2016-0698."
"lang": "eng",
"value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Rich Text Editor, a different vulnerability than CVE-2016-0698."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
"name": "1035610",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035610"
},
{
"name" : "1035610",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035610"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
}
]
}

68
2016/6xxx/CVE-2016-6322.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com",
"ID" : "CVE-2016-6322",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-6322",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deployed system by reading the file."
"lang": "eng",
"value": "Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deployed system by reading the file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1366413",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1366413"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1366413",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1366413"
},
{
"name" : "92668",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92668"
"name": "92668",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92668"
}
]
}

98
2016/6xxx/CVE-2016-6489.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6489",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2016-6489",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack."
"lang": "eng",
"value": "The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160729 Re: CVE Request: nettle's RSA code is vulnerable to cache sharing related attacks",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/07/29/7"
"name": "[oss-security] 20160729 Re: CVE Request: nettle's RSA code is vulnerable to cache sharing related attacks",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/07/29/7"
},
{
"name" : "https://eprint.iacr.org/2016/596.pdf",
"refsource" : "MISC",
"url" : "https://eprint.iacr.org/2016/596.pdf"
"name": "USN-3193-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3193-1"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1362016",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1362016"
"name": "GLSA-201706-21",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-21"
},
{
"name" : "https://git.lysator.liu.se/nettle/nettle/commit/3fe1d6549765ecfb24f0b80b2ed086fdc818bff3",
"refsource" : "CONFIRM",
"url" : "https://git.lysator.liu.se/nettle/nettle/commit/3fe1d6549765ecfb24f0b80b2ed086fdc818bff3"
"name": "https://git.lysator.liu.se/nettle/nettle/commit/3fe1d6549765ecfb24f0b80b2ed086fdc818bff3",
"refsource": "CONFIRM",
"url": "https://git.lysator.liu.se/nettle/nettle/commit/3fe1d6549765ecfb24f0b80b2ed086fdc818bff3"
},
{
"name" : "GLSA-201706-21",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201706-21"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1362016",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362016"
},
{
"name" : "RHSA-2016:2582",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2582.html"
"name": "https://eprint.iacr.org/2016/596.pdf",
"refsource": "MISC",
"url": "https://eprint.iacr.org/2016/596.pdf"
},
{
"name" : "USN-3193-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3193-1"
"name": "RHSA-2016:2582",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2582.html"
}
]
}

68
2016/6xxx/CVE-2016-6674.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6674",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-6674",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "system_server in Android before 2016-10-05 on Nexus devices allows attackers to gain privileges via a crafted application, aka internal bug 30445380."
"lang": "eng",
"value": "system_server in Android before 2016-10-05 on Nexus devices allows attackers to gain privileges via a crafted application, aka internal bug 30445380."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-10-01.html"
"name": "93316",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93316"
},
{
"name" : "93316",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93316"
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
}
]
}

98
2016/6xxx/CVE-2016-6897.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6897",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6897",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 allows remote attackers to hijack the authentication of subscribers for /dev/random read operations by leveraging a late call to the check_ajax_referer function, a related issue to CVE-2016-6896."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 allows remote attackers to hijack the authentication of subscribers for /dev/random read operations by leveraging a late call to the check_ajax_referer function, a related issue to CVE-2016-6896."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "40288",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/40288/"
"name": "92572",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92572"
},
{
"name" : "[oss-security] 20160820 Path traversal vulnerability in WordPress Core Ajax handlers",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/08/20/1"
"name": "1036683",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036683"
},
{
"name" : "https://sumofpwn.nl/advisory/2016/path_traversal_vulnerability_in_wordpress_core_ajax_handlers.html",
"refsource" : "MISC",
"url" : "https://sumofpwn.nl/advisory/2016/path_traversal_vulnerability_in_wordpress_core_ajax_handlers.html"
"name": "40288",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40288/"
},
{
"name" : "https://wpvulndb.com/vulnerabilities/8606",
"refsource" : "MISC",
"url" : "https://wpvulndb.com/vulnerabilities/8606"
"name": "[oss-security] 20160820 Path traversal vulnerability in WordPress Core Ajax handlers",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/08/20/1"
},
{
"name" : "https://github.com/WordPress/WordPress/commit/8c82515ab62b88fb32d01c9778f0204b296f3568",
"refsource" : "CONFIRM",
"url" : "https://github.com/WordPress/WordPress/commit/8c82515ab62b88fb32d01c9778f0204b296f3568"
"name": "https://sumofpwn.nl/advisory/2016/path_traversal_vulnerability_in_wordpress_core_ajax_handlers.html",
"refsource": "MISC",
"url": "https://sumofpwn.nl/advisory/2016/path_traversal_vulnerability_in_wordpress_core_ajax_handlers.html"
},
{
"name" : "92572",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92572"
"name": "https://github.com/WordPress/WordPress/commit/8c82515ab62b88fb32d01c9778f0204b296f3568",
"refsource": "CONFIRM",
"url": "https://github.com/WordPress/WordPress/commit/8c82515ab62b88fb32d01c9778f0204b296f3568"
},
{
"name" : "1036683",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036683"
"name": "https://wpvulndb.com/vulnerabilities/8606",
"refsource": "MISC",
"url": "https://wpvulndb.com/vulnerabilities/8606"
}
]
}

80
2016/7xxx/CVE-2016-7165.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7165",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7165",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent)."
"lang": "eng",
"value": "A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02"
},
{
"name" : "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html",
"refsource" : "MISC",
"url" : "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html"
"name": "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html",
"refsource": "MISC",
"url": "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html"
},
{
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf",
"refsource" : "CONFIRM",
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf"
"name": "94158",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94158"
},
{
"name" : "94158",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94158"
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf"
}
]
}

74
2016/7xxx/CVE-2016-7290.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2016-7290",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-7290",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka \"Microsoft Office Information Disclosure Vulnerability,\" a different vulnerability than CVE-2016-7291."
"lang": "eng",
"value": "Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka \"Microsoft Office Information Disclosure Vulnerability,\" a different vulnerability than CVE-2016-7291."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS16-148",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148"
"name": "MS16-148",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148"
},
{
"name" : "94670",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94670"
"name": "94670",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94670"
},
{
"name" : "1037441",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037441"
"name": "1037441",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037441"
}
]
}

22
2016/7xxx/CVE-2016-7729.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7729",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7729",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

92
2016/7xxx/CVE-2016-7976.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7976",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7976",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams."
"lang": "eng",
"value": "The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20161019 Re: Re: CVE Request - multiple ghostscript -dSAFER sandbox problems",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/19/6"
"name": "DSA-3691",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3691"
},
{
"name" : "http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commit;h=6d444c273da5499a4cd72f21cb6d4c9a5256807d",
"refsource" : "CONFIRM",
"url" : "http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commit;h=6d444c273da5499a4cd72f21cb6d4c9a5256807d"
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=697178",
"refsource": "CONFIRM",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=697178"
},
{
"name" : "https://bugs.ghostscript.com/show_bug.cgi?id=697178",
"refsource" : "CONFIRM",
"url" : "https://bugs.ghostscript.com/show_bug.cgi?id=697178"
"name": "[oss-security] 20161019 Re: Re: CVE Request - multiple ghostscript -dSAFER sandbox problems",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/19/6"
},
{
"name" : "DSA-3691",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3691"
"name": "http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commit;h=6d444c273da5499a4cd72f21cb6d4c9a5256807d",
"refsource": "CONFIRM",
"url": "http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commit;h=6d444c273da5499a4cd72f21cb6d4c9a5256807d"
},
{
"name" : "GLSA-201702-31",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201702-31"
"name": "GLSA-201702-31",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-31"
},
{
"name" : "95332",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95332"
"name": "95332",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95332"
}
]
}

22
2016/8xxx/CVE-2016-8197.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8197",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8197",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}