admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:48:32 +00:00
parent 702b2164f4
commit 9e2e1f050a
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
58 changed files with 4373 additions and 4373 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

170
2006/1xxx/CVE-2006-1105.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1105", "ID": "CVE-2006-1105",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Pixelpost 1.5 beta 1 and earlier allows remote attackers to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. NOTE: the vendor has disputed some issues from the original disclosure, but due to the vagueness of the dispute, it is not clear whether the vendor is disputing this particular issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060304 Pixel Post Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/426764/100/0/threaded" "lang": "eng",
}, "value": "Pixelpost 1.5 beta 1 and earlier allows remote attackers to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. NOTE: the vendor has disputed some issues from the original disclosure, but due to the vagueness of the dispute, it is not clear whether the vendor is disputing this particular issue."
{ }
"name" : "http://www.neosecurityteam.net/index.php?action=advisories&id=19", ]
"refsource" : "MISC", },
"url" : "http://www.neosecurityteam.net/index.php?action=advisories&id=19" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://forum.pixelpost.org/showthread.php?t=3535", "description": [
"refsource" : "MISC", {
"url" : "http://forum.pixelpost.org/showthread.php?t=3535" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "16964", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/16964" ]
}, },
{ "references": {
"name" : "ADV-2006-0823", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0823" "name": "http://forum.pixelpost.org/showthread.php?t=3535",
}, "refsource": "MISC",
{ "url": "http://forum.pixelpost.org/showthread.php?t=3535"
"name" : "pixelpost-phpinfo-obtain-information(25048)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25048" "name": "http://www.neosecurityteam.net/index.php?action=advisories&id=19",
} "refsource": "MISC",
] "url": "http://www.neosecurityteam.net/index.php?action=advisories&id=19"
} },
} {
"name": "20060304 Pixel Post Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/426764/100/0/threaded"
},
{
"name": "16964",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16964"
},
{
"name": "pixelpost-phpinfo-obtain-information(25048)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25048"
},
{
"name": "ADV-2006-0823",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0823"
}
]
}
}

160
2006/1xxx/CVE-2006-1558.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1558", "ID": "CVE-2006-1558",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in search.php in PHP Script Index allows remote attackers to inject arbitrary web script or HTML via the search parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://osvdb.org/ref/24/24243-script_index.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://osvdb.org/ref/24/24243-script_index.txt" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in search.php in PHP Script Index allows remote attackers to inject arbitrary web script or HTML via the search parameter."
{ }
"name" : "17297", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/17297" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-1158", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1158" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24243", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/24243" ]
}, },
{ "references": {
"name" : "19443", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19443" "name": "ADV-2006-1158",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/1158"
} },
} {
"name": "24243",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24243"
},
{
"name": "19443",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19443"
},
{
"name": "http://osvdb.org/ref/24/24243-script_index.txt",
"refsource": "MISC",
"url": "http://osvdb.org/ref/24/24243-script_index.txt"
},
{
"name": "17297",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17297"
}
]
}
}

170
2006/5xxx/CVE-2006-5282.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5282", "ID": "CVE-2006-5282",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in SH-News 3.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the scriptpath parameter to (1) report.php, (2) archive.php, (3) comments.php, (4) init.php, or (5) news.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070614 RFI In Script SH-News 3.1", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/471413/100/0/threaded" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in SH-News 3.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the scriptpath parameter to (1) report.php, (2) archive.php, (3) comments.php, (4) init.php, or (5) news.php."
{ }
"name" : "2518", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/2518" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20478", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20478" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4014", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4014" ]
}, },
{ "references": {
"name" : "22316", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22316" "name": "2518",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/2518"
"name" : "shnews-multiple-file-include(29477)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29477" "name": "shnews-multiple-file-include(29477)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29477"
} },
} {
"name": "20070614 RFI In Script SH-News 3.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471413/100/0/threaded"
},
{
"name": "20478",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20478"
},
{
"name": "ADV-2006-4014",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4014"
},
{
"name": "22316",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22316"
}
]
}
}

350
2006/5xxx/CVE-2006-5330.json
View File

@ -1,177 +1,177 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5330", "ID": "CVE-2006-5330",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType. NOTE: the flexibility of the attack varies depending on the type of web browser being used."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061017 Rapid7 Advisory R7-0026: HTTP Header Injection Vulnerabilities in the Flash Player Plugin", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/448997/100/0/threaded" "lang": "eng",
}, "value": "CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType. NOTE: the flexibility of the attack varies depending on the type of web browser being used."
{ }
"name" : "http://www.rapid7.com/advisories/R7-0026.jsp", ]
"refsource" : "MISC", },
"url" : "http://www.rapid7.com/advisories/R7-0026.jsp" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.adobe.com/support/security/advisories/apsa06-01.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/advisories/apsa06-01.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.adobe.com/support/security/bulletins/apsb06-18.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.adobe.com/support/security/bulletins/apsb06-18.html" ]
}, },
{ "references": {
"name" : "http://docs.info.apple.com/article.html?artnum=305214", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=305214" "name": "http://www.adobe.com/support/security/advisories/apsa06-01.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.adobe.com/support/security/advisories/apsa06-01.html"
"name" : "APPLE-SA-2007-03-13", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html" "name": "TA07-072A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
"name" : "RHSA-2007:0009", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0009.html" "name": "102932",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102932-1"
"name" : "102932", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102932-1" "name": "22467",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22467"
"name" : "SUSE-SA:2006:077", },
"refsource" : "SUSE", {
"url" : "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0006.html" "name": "APPLE-SA-2007-03-13",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
"name" : "TA07-072A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" "name": "RHSA-2007:0009",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0009.html"
"name" : "20592", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20592" "name": "http://docs.info.apple.com/article.html?artnum=305214",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=305214"
"name" : "oval:org.mitre.oval:def:11405", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11405" "name": "23324",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23324"
"name" : "ADV-2006-4094", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4094" "name": "flashplayer-multiple-xsrf(29634)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29634"
"name" : "ADV-2007-0930", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0930" "name": "SUSE-SA:2006:077",
}, "refsource": "SUSE",
{ "url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0006.html"
"name" : "ADV-2007-1999", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1999" "name": "oval:org.mitre.oval:def:11405",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11405"
"name" : "29863", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29863" "name": "25467",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25467"
"name" : "1017078", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017078" "name": "ADV-2006-4094",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4094"
"name" : "22467", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22467" "name": "29863",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/29863"
"name" : "23324", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23324" "name": "http://www.adobe.com/support/security/bulletins/apsb06-18.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.adobe.com/support/security/bulletins/apsb06-18.html"
"name" : "23581", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23581" "name": "http://www.rapid7.com/advisories/R7-0026.jsp",
}, "refsource": "MISC",
{ "url": "http://www.rapid7.com/advisories/R7-0026.jsp"
"name" : "24479", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24479" "name": "20592",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20592"
"name" : "25467", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25467" "name": "ADV-2007-0930",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0930"
"name" : "1737", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1737" "name": "1737",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/1737"
"name" : "flashplayer-multiple-xsrf(29634)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29634" "name": "ADV-2007-1999",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/1999"
} },
} {
"name": "23581",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23581"
},
{
"name": "20061017 Rapid7 Advisory R7-0026: HTTP Header Injection Vulnerabilities in the Flash Player Plugin",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448997/100/0/threaded"
},
{
"name": "1017078",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017078"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}
}

500
2006/5xxx/CVE-2006-5870.json
View File

@ -1,252 +1,252 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5870", "ID": "CVE-2006-5870",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070104 Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/455947/100/0/threaded" "lang": "eng",
}, "value": "Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records."
{ }
"name" : "20070104 Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/455954/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070104 Correction (High Risk Vulnerability in the OpenOffice and StarOffice Suites)", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/455943/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20070104 High Risk Vulnerability in the OpenOffice and StarOffice Suites", ]
"refsource" : "BUGTRAQ", }
"url" : "http://www.securityfocus.com/archive/1/455964/100/0/threaded" ]
}, },
{ "references": {
"name" : "20070108 rPSA-2007-0001-1 openoffice.org", "reference_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/456271/100/100/threaded" "name": "oval:org.mitre.oval:def:9145",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9145"
"name" : "20070104 High Risk Vulnerability in the OpenOffice and StarOffice Suites", },
"refsource" : "VULNWATCH", {
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0002.htmly" "name": "http://www.openoffice.org/issues/show_bug.cgi?id=70042",
}, "refsource": "CONFIRM",
{ "url": "http://www.openoffice.org/issues/show_bug.cgi?id=70042"
"name" : "http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-staroffice-suite/", },
"refsource" : "MISC", {
"url" : "http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-staroffice-suite/" "name": "23683",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23683"
"name" : "http://www.openoffice.org/issues/show_bug.cgi?id=70042", },
"refsource" : "CONFIRM", {
"url" : "http://www.openoffice.org/issues/show_bug.cgi?id=70042" "name": "http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-staroffice-suite/",
}, "refsource": "MISC",
{ "url": "http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-staroffice-suite/"
"name" : "http://www.openoffice.org/nonav/issues/showattachment.cgi/39509/alloc.overflows.wmf.patch", },
"refsource" : "CONFIRM", {
"url" : "http://www.openoffice.org/nonav/issues/showattachment.cgi/39509/alloc.overflows.wmf.patch" "name": "23682",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23682"
"name" : "https://issues.rpath.com/browse/RPL-905", },
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-905" "name": "32611",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/32611"
"name" : "DSA-1246", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1246" "name": "20070104 Correction (High Risk Vulnerability in the OpenOffice and StarOffice Suites)",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/455943/100/0/threaded"
"name" : "FEDORA-2007-005", },
"refsource" : "FEDORA", {
"url" : "http://fedoranews.org/cms/node/2344" "name": "23920",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23920"
"name" : "GLSA-200701-07", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200701-07.xml" "name": "23600",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23600"
"name" : "MDKSA-2007:006", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:006" "name": "USN-406-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-406-1"
"name" : "RHSA-2007:0001", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0001.html" "name": "VU#220288",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/220288"
"name" : "20070101-01-P", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070101-01-P.asc" "name": "23612",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23612"
"name" : "102735", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102735-1" "name": "102735",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102735-1"
"name" : "SUSE-SA:2007:001", },
"refsource" : "SUSE", {
"url" : "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0001.html" "name": "SUSE-SA:2007:001",
}, "refsource": "SUSE",
{ "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0001.html"
"name" : "USN-406-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-406-1" "name": "20070104 High Risk Vulnerability in the OpenOffice and StarOffice Suites",
}, "refsource": "VULNWATCH",
{ "url": "http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0002.htmly"
"name" : "VU#220288", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/220288" "name": "23711",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23711"
"name" : "oval:org.mitre.oval:def:9145", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9145" "name": "GLSA-200701-07",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200701-07.xml"
"name" : "ADV-2007-0031", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0031" "name": "32610",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/32610"
"name" : "ADV-2007-0059", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0059" "name": "ADV-2007-0031",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0031"
"name" : "32610", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32610" "name": "23712",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23712"
"name" : "32611", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32611" "name": "20070104 Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/455947/100/0/threaded"
"name" : "oval:org.mitre.oval:def:8280", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8280" "name": "23616",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23616"
"name" : "1017466", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017466" "name": "RHSA-2007:0001",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0001.html"
"name" : "23612", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23612" "name": "FEDORA-2007-005",
}, "refsource": "FEDORA",
{ "url": "http://fedoranews.org/cms/node/2344"
"name" : "23616", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23616" "name": "https://issues.rpath.com/browse/RPL-905",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-905"
"name" : "23549", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23549" "name": "http://www.openoffice.org/nonav/issues/showattachment.cgi/39509/alloc.overflows.wmf.patch",
}, "refsource": "CONFIRM",
{ "url": "http://www.openoffice.org/nonav/issues/showattachment.cgi/39509/alloc.overflows.wmf.patch"
"name" : "23620", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23620" "name": "20070104 Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/455954/100/0/threaded"
"name" : "23682", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23682" "name": "oval:org.mitre.oval:def:8280",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8280"
"name" : "23683", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23683" "name": "23620",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23620"
"name" : "23712", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23712" "name": "openoffice-wmf-bo(31257)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31257"
"name" : "23711", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23711" "name": "23549",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23549"
"name" : "23762", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23762" "name": "ADV-2007-0059",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0059"
"name" : "23600", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23600" "name": "20070104 High Risk Vulnerability in the OpenOffice and StarOffice Suites",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/455964/100/0/threaded"
"name" : "23920", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23920" "name": "20070108 rPSA-2007-0001-1 openoffice.org",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/456271/100/100/threaded"
"name" : "openoffice-wmf-bo(31257)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31257" "name": "DSA-1246",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2007/dsa-1246"
} },
} {
"name": "20070101-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070101-01-P.asc"
},
{
"name": "MDKSA-2007:006",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:006"
},
{
"name": "1017466",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017466"
},
{
"name": "23762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23762"
}
]
}
}

140
2007/2xxx/CVE-2007-2710.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2710", "ID": "CVE-2007-2710",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2.00-P00 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][IT] parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "36054", "description_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36054" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2.00-P00 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][IT] parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "ADV-2007-1800", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2007/1800" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25274", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25274" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "36054",
"refsource": "OSVDB",
"url": "http://osvdb.org/36054"
},
{
"name": "25274",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25274"
},
{
"name": "ADV-2007-1800",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1800"
}
]
}
}

170
2007/2xxx/CVE-2007-2820.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2820", "ID": "CVE-2007-2820",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX Control (AxKSignSWAT.dll) 2.0.3.3 allow remote attackers to execute arbitrary code via long arguments to the (1) SWAT_Init, (2) SWAT_InitEx, (3) SWAT_InitEx2, (4) SWAT_InitEx3, and (5) SWAT_Login functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070522 KSign KSignSWAT ActiveX Control Multiple Buffer Overflows Vulnerability", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://marc.info/?l=full-disclosure&m=117981953312669&w=2" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX Control (AxKSignSWAT.dll) 2.0.3.3 allow remote attackers to execute arbitrary code via long arguments to the (1) SWAT_Init, (2) SWAT_InitEx, (3) SWAT_InitEx2, (4) SWAT_InitEx3, and (5) SWAT_Login functions."
{ }
"name" : "24088", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24088" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1901", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1901" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36517", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/36517" ]
}, },
{ "references": {
"name" : "25357", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25357" "name": "24088",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/24088"
"name" : "ksign-axksignswat-bo(34417)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34417" "name": "36517",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/36517"
} },
} {
"name": "ksign-axksignswat-bo(34417)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34417"
},
{
"name": "20070522 KSign KSignSWAT ActiveX Control Multiple Buffer Overflows Vulnerability",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=117981953312669&w=2"
},
{
"name": "25357",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25357"
},
{
"name": "ADV-2007-1901",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1901"
}
]
}
}

150
2007/2xxx/CVE-2007-2892.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2892", "ID": "CVE-2007-2892",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in news.asp in ASP-Nuke 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://downloads.securityfocus.com/vulnerabilities/exploits/24135.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://downloads.securityfocus.com/vulnerabilities/exploits/24135.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in news.asp in ASP-Nuke 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "24135", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24135" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "38141", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38141" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "aspnuke-news-xss(34769)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34769" ]
} },
] "references": {
} "reference_data": [
} {
"name": "38141",
"refsource": "OSVDB",
"url": "http://osvdb.org/38141"
},
{
"name": "aspnuke-news-xss(34769)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34769"
},
{
"name": "24135",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24135"
},
{
"name": "http://downloads.securityfocus.com/vulnerabilities/exploits/24135.html",
"refsource": "MISC",
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/24135.html"
}
]
}
}

150
2007/3xxx/CVE-2007-3274.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3274", "ID": "CVE-2007-3274",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apple Safari 3.0 and 3.0.1 on Windows XP SP2 allows attackers to cause a denial of service (application crash) via JavaScript that sets the document.location variable, as demonstrated by an empty value of document.location."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070616 Local Denial of Service in Safari", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/471542/100/0/threaded" "lang": "eng",
}, "value": "Apple Safari 3.0 and 3.0.1 on Windows XP SP2 allows attackers to cause a denial of service (application crash) via JavaScript that sets the document.location variable, as demonstrated by an empty value of document.location."
{ }
"name" : "38863", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/38863" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2810", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2810" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "apple-safari-documentlocation-dos(34912)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34912" ]
} },
] "references": {
} "reference_data": [
} {
"name": "38863",
"refsource": "OSVDB",
"url": "http://osvdb.org/38863"
},
{
"name": "2810",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2810"
},
{
"name": "20070616 Local Denial of Service in Safari",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471542/100/0/threaded"
},
{
"name": "apple-safari-documentlocation-dos(34912)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34912"
}
]
}
}

150
2007/6xxx/CVE-2007-6174.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6174", "ID": "CVE-2007-6174",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHPDevShell before 0.7.0 allows remote authenticated users to gain privileges via a crafted request to update a user profile. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.phpdevshell.org/changelog", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.phpdevshell.org/changelog" "lang": "eng",
}, "value": "PHPDevShell before 0.7.0 allows remote authenticated users to gain privileges via a crafted request to update a user profile. NOTE: some of these details are obtained from third party information."
{ }
"name" : "26615", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/26615" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "27828", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27828" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "phpdevshell-profile-privilege-escalation(38736)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38736" ]
} },
] "references": {
} "reference_data": [
} {
"name": "26615",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26615"
},
{
"name": "27828",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27828"
},
{
"name": "phpdevshell-profile-privilege-escalation(38736)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38736"
},
{
"name": "http://www.phpdevshell.org/changelog",
"refsource": "MISC",
"url": "http://www.phpdevshell.org/changelog"
}
]
}
}

140
2007/6xxx/CVE-2007-6542.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6542", "ID": "CVE-2007-6542",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4764", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4764" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter."
{ }
"name" : "26986", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/26986" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "39802", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39802" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "39802",
"refsource": "OSVDB",
"url": "http://osvdb.org/39802"
},
{
"name": "4764",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4764"
},
{
"name": "26986",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26986"
}
]
}
}

170
2007/6xxx/CVE-2007-6644.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6644", "ID": "CVE-2007-6644",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Joomla! before 1.5 RC4 allows remote authenticated administrators to promote arbitrary users to the administrator group, in violation of the intended security model."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.joomla.org/content/view/4335/116/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.joomla.org/content/view/4335/116/" "lang": "eng",
}, "value": "Joomla! before 1.5 RC4 allows remote authenticated administrators to promote arbitrary users to the administrator group, in violation of the intended security model."
{ }
"name" : "MDVSA-2008:060", ]
"refsource" : "MANDRIVA", },
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:060" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "28111", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/28111" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "43277", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/43277" ]
}, },
{ "references": {
"name" : "1019145", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1019145" "name": "28111",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/28111"
"name" : "29257", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29257" "name": "29257",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/29257"
} },
} {
"name": "http://www.joomla.org/content/view/4335/116/",
"refsource": "CONFIRM",
"url": "http://www.joomla.org/content/view/4335/116/"
},
{
"name": "1019145",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019145"
},
{
"name": "MDVSA-2008:060",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:060"
},
{
"name": "43277",
"refsource": "OSVDB",
"url": "http://osvdb.org/43277"
}
]
}
}

180
2010/0xxx/CVE-2010-0027.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-0027", "ID": "CVE-2010-0027",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a crafted URL, aka \"URL Validation Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100209 ZDI-10-016: Microsoft Windows ShellExecute Improper Sanitization Code Execution Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/509470/100/0/threaded" "lang": "eng",
}, "value": "The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a crafted URL, aka \"URL Validation Vulnerability.\""
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-016/", ]
"refsource" : "MISC", },
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-016/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS10-002", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "MS10-007", ]
"refsource" : "MS", }
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-007" ]
}, },
{ "references": {
"name" : "TA10-040A", "reference_data": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-040A.html" "name": "oval:org.mitre.oval:def:8464",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8464"
"name" : "oval:org.mitre.oval:def:8464", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8464" "name": "MS10-007",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-007"
"name" : "ie-url-code-execution(55773)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55773" "name": "TA10-040A",
} "refsource": "CERT",
] "url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html"
} },
} {
"name": "20100209 ZDI-10-016: Microsoft Windows ShellExecute Improper Sanitization Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509470/100/0/threaded"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-016/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-016/"
},
{
"name": "MS10-002",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002"
},
{
"name": "ie-url-code-execution(55773)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55773"
}
]
}
}

130
2010/0xxx/CVE-2010-0063.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2010-0063", "ID": "CVE-2010-0063",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.6.3 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for Safari, as demonstrated by the values for the (1) .ibplugin and (2) .url extensions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT4077", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4077" "lang": "eng",
}, "value": "Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.6.3 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for Safari, as demonstrated by the values for the (1) .ibplugin and (2) .url extensions."
{ }
"name" : "APPLE-SA-2010-03-29-1", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2010-03-29-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "http://support.apple.com/kb/HT4077",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4077"
}
]
}
}

160
2010/0xxx/CVE-2010-0694.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0694", "ID": "CVE-2010-0694",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.joomla.org/Vulnerable_Extensions_List#New_format_Feed_Starts_Here", "description_data": [
"refsource" : "MISC", {
"url" : "http://docs.joomla.org/Vulnerable_Extensions_List#New_format_Feed_Starts_Here" "lang": "eng",
}, "value": "SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php."
{ }
"name" : "http://packetstormsecurity.org/1001-exploits/joomlaperchagallery-sql.txt", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.org/1001-exploits/joomlaperchagallery-sql.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "11024", "description": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/11024" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37642", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/37642" ]
}, },
{ "references": {
"name" : "perchagallery-index-sql-injection(55447)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55447" "name": "http://docs.joomla.org/Vulnerable_Extensions_List#New_format_Feed_Starts_Here",
} "refsource": "MISC",
] "url": "http://docs.joomla.org/Vulnerable_Extensions_List#New_format_Feed_Starts_Here"
} },
} {
"name": "perchagallery-index-sql-injection(55447)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55447"
},
{
"name": "http://packetstormsecurity.org/1001-exploits/joomlaperchagallery-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1001-exploits/joomlaperchagallery-sql.txt"
},
{
"name": "37642",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37642"
},
{
"name": "11024",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11024"
}
]
}
}

140
2010/0xxx/CVE-2010-0815.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-0815", "ID": "CVE-2010-0815",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via a crafted document, aka \"VBE6.DLL Stack Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS10-031", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-031" "lang": "eng",
}, "value": "VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via a crafted document, aka \"VBE6.DLL Stack Memory Corruption Vulnerability.\""
{ }
"name" : "TA10-131A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-131A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:7074", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7074" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "TA10-131A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-131A.html"
},
{
"name": "MS10-031",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-031"
},
{
"name": "oval:org.mitre.oval:def:7074",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7074"
}
]
}
}

140
2010/1xxx/CVE-2010-1176.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-1176", "ID": "CVE-2010-1176",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to an array of long strings, an array of IMG elements with crafted strings in their SRC attributes, a TBODY element with no associated TABLE element, and certain calls to the delete operator and the cloneNode, clearAttributes, and CollectGarbage methods, possibly a related issue to CVE-2009-0075."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://nishantdaspatnaik.yolasite.com/ipodpoc1.php", "description_data": [
"refsource" : "MISC", {
"url" : "http://nishantdaspatnaik.yolasite.com/ipodpoc1.php" "lang": "eng",
}, "value": "Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to an array of long strings, an array of IMG elements with crafted strings in their SRC attributes, a TBODY element with no associated TABLE element, and certain calls to the delete operator and the cloneNode, clearAttributes, and CollectGarbage methods, possibly a related issue to CVE-2009-0075."
{ }
"name" : "11891", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/11891" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "38989", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/38989" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "11891",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11891"
},
{
"name": "38989",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38989"
},
{
"name": "http://nishantdaspatnaik.yolasite.com/ipodpoc1.php",
"refsource": "MISC",
"url": "http://nishantdaspatnaik.yolasite.com/ipodpoc1.php"
}
]
}
}

34
2010/1xxx/CVE-2010-1683.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-1683", "ID": "CVE-2010-1683",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

320
2010/1xxx/CVE-2010-1783.json
View File

@ -1,162 +1,162 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2010-1783", "ID": "CVE-2010-1783",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT4276", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4276" "lang": "eng",
}, "value": "WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document."
{ }
"name" : "http://support.apple.com/kb/HT4334", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT4334" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT4456", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4456" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2010-07-28-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2010-09-08-1", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html" "name": "MDVSA-2011:039",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
"name" : "APPLE-SA-2010-11-22-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" "name": "oval:org.mitre.oval:def:11820",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11820"
"name" : "DSA-2188", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2011/dsa-2188" "name": "ADV-2010-2722",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/2722"
"name" : "MDVSA-2011:039", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" "name": "43068",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43068"
"name" : "RHSA-2011:0177", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0177.html" "name": "APPLE-SA-2010-09-08-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html"
"name" : "SUSE-SR:2011:002", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" "name": "http://support.apple.com/kb/HT4334",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT4334"
"name" : "USN-1006-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1006-1" "name": "http://support.apple.com/kb/HT4276",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT4276"
"name" : "42020", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/42020" "name": "USN-1006-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1006-1"
"name" : "oval:org.mitre.oval:def:11820", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11820" "name": "41856",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/41856"
"name" : "41856", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/41856" "name": "ADV-2011-0212",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0212"
"name" : "42314", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42314" "name": "APPLE-SA-2010-07-28-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html"
"name" : "43068", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43068" "name": "ADV-2011-0216",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0216"
"name" : "43086", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43086" "name": "43086",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43086"
"name" : "ADV-2010-2722", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2722" "name": "SUSE-SR:2011:002",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
"name" : "ADV-2011-0212", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0212" "name": "42314",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42314"
"name" : "ADV-2011-0216", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0216" "name": "RHSA-2011:0177",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-0177.html"
"name" : "ADV-2011-0552", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0552" "name": "DSA-2188",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2011/dsa-2188"
} },
} {
"name": "ADV-2011-0552",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0552"
},
{
"name": "42020",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42020"
},
{
"name": "http://support.apple.com/kb/HT4456",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4456"
},
{
"name": "APPLE-SA-2010-11-22-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
}
]
}
}

170
2010/1xxx/CVE-2010-1919.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2010-1919", "ID": "CVE-2010-1919",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100526 ESA-2010-007: EMC Avamar Denial Of Service Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2010-05/0254.html" "lang": "eng",
}, "value": "Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP."
{ }
"name" : "http://www.packetstormsecurity.org/1005-advisories/ESA-2010-007.txt", ]
"refsource" : "MISC", },
"url" : "http://www.packetstormsecurity.org/1005-advisories/ESA-2010-007.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "40390", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/40390" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1024036", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1024036" ]
}, },
{ "references": {
"name" : "39919", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39919" "name": "39919",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/39919"
"name" : "ADV-2010-1253", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1253" "name": "http://www.packetstormsecurity.org/1005-advisories/ESA-2010-007.txt",
} "refsource": "MISC",
] "url": "http://www.packetstormsecurity.org/1005-advisories/ESA-2010-007.txt"
} },
} {
"name": "1024036",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024036"
},
{
"name": "ADV-2010-1253",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1253"
},
{
"name": "40390",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40390"
},
{
"name": "20100526 ESA-2010-007: EMC Avamar Denial Of Service Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0254.html"
}
]
}
}

170
2010/4xxx/CVE-2010-4179.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-4179", "ID": "CVE-2010-4179",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The installation documentation for Red Hat Enterprise Messaging, Realtime and Grid (MRG) 1.3 recommends that Condor should be configured so that the MRG Management Console (cumin) can submit jobs for users, which creates a trusted channel with insufficient access control that allows local users with the ability to publish to a broker to run jobs as arbitrary users via Condor QMF plug-ins."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=654856", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=654856" "lang": "eng",
}, "value": "The installation documentation for Red Hat Enterprise Messaging, Realtime and Grid (MRG) 1.3 recommends that Condor should be configured so that the MRG Management Console (cumin) can submit jobs for users, which creates a trusted channel with insufficient access control that allows local users with the ability to publish to a broker to run jobs as arbitrary users via Condor QMF plug-ins."
{ }
"name" : "RHSA-2010:0921", ]
"refsource" : "REDHAT", },
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0921.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2010:0922", "description": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0922.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1024806", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1024806" ]
}, },
{ "references": {
"name" : "42406", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42406" "name": "1024806",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1024806"
"name" : "ADV-2010-3091", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/3091" "name": "RHSA-2010:0922",
} "refsource": "REDHAT",
] "url": "http://www.redhat.com/support/errata/RHSA-2010-0922.html"
} },
} {
"name": "ADV-2010-3091",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3091"
},
{
"name": "42406",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42406"
},
{
"name": "RHSA-2010:0921",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0921.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=654856",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=654856"
}
]
}
}

180
2010/5xxx/CVE-2010-5010.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-5010", "ID": "CVE-2010-5010",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to inject arbitrary web script or HTML via the session parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "13812", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/13812/" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to inject arbitrary web script or HTML via the session parameter."
{ }
"name" : "http://packetstormsecurity.org/1006-exploits/schoolmation-sqlxss.txt", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.org/1006-exploits/schoolmation-sqlxss.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "40737", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/40737" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "65417", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/65417" ]
}, },
{ "references": {
"name" : "40154", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40154" "name": "65417",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/65417"
"name" : "8508", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8508" "name": "http://packetstormsecurity.org/1006-exploits/schoolmation-sqlxss.txt",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.org/1006-exploits/schoolmation-sqlxss.txt"
"name" : "schoolmation-studentmain-xss(59346)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59346" "name": "13812",
} "refsource": "EXPLOIT-DB",
] "url": "http://www.exploit-db.com/exploits/13812/"
} },
} {
"name": "40154",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40154"
},
{
"name": "40737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40737"
},
{
"name": "schoolmation-studentmain-xss(59346)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59346"
},
{
"name": "8508",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8508"
}
]
}
}

130
2010/5xxx/CVE-2010-5291.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-5291", "ID": "CVE-2010-5291",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Amberdms Billing System (ABS) before 1.4.1 does not properly implement blacklisting after detection of invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://projects.jethrocarr.com/p/oss-amberdms-bs/source/tree/f23f1121bd137bf798c8d3f01d35fa297a285331/help/docs/RELEASE_NOTES", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://projects.jethrocarr.com/p/oss-amberdms-bs/source/tree/f23f1121bd137bf798c8d3f01d35fa297a285331/help/docs/RELEASE_NOTES" "lang": "eng",
}, "value": "Amberdms Billing System (ABS) before 1.4.1 does not properly implement blacklisting after detection of invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach."
{ }
"name" : "https://raw.github.com/jethrocarr/amberdms-bs/master/help/docs/CHANGELOG", ]
"refsource" : "CONFIRM", },
"url" : "https://raw.github.com/jethrocarr/amberdms-bs/master/help/docs/CHANGELOG" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://projects.jethrocarr.com/p/oss-amberdms-bs/source/tree/f23f1121bd137bf798c8d3f01d35fa297a285331/help/docs/RELEASE_NOTES",
"refsource": "CONFIRM",
"url": "https://projects.jethrocarr.com/p/oss-amberdms-bs/source/tree/f23f1121bd137bf798c8d3f01d35fa297a285331/help/docs/RELEASE_NOTES"
},
{
"name": "https://raw.github.com/jethrocarr/amberdms-bs/master/help/docs/CHANGELOG",
"refsource": "CONFIRM",
"url": "https://raw.github.com/jethrocarr/amberdms-bs/master/help/docs/CHANGELOG"
}
]
}
}

140
2014/0xxx/CVE-2014-0057.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-0057", "ID": "CVE-2014-0057",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1064140", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1064140" "lang": "eng",
}, "value": "The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via unspecified vectors."
{ }
"name" : "RHSA-2014:0215", ]
"refsource" : "REDHAT", },
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0215.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "57376", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/57376" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0215",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0215.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064140",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064140"
},
{
"name": "57376",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57376"
}
]
}
}

140
2014/0xxx/CVE-2014-0188.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-0188", "ID": "CVE-2014-0188",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to a passthrough trigger."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1090120", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1090120" "lang": "eng",
}, "value": "The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to a passthrough trigger."
{ }
"name" : "RHSA-2014:0422", ]
"refsource" : "REDHAT", },
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0422.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2014:0423", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0423.html" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0422",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0422.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1090120",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1090120"
},
{
"name": "RHSA-2014:0423",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0423.html"
}
]
}
}

440
2014/0xxx/CVE-2014-0226.json
View File

@ -1,222 +1,222 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-0226", "ID": "CVE-2014-0226",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "34133", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/34133" "lang": "eng",
}, "value": "Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c."
{ }
"name" : "20140721 Apache HTTPd - description of the CVE-2014-0226.", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2014/Jul/114" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://zerodayinitiative.com/advisories/ZDI-14-236/", "description": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-14-236/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://httpd.apache.org/security/vulnerabilities_24.html", ]
"refsource" : "CONFIRM", }
"url" : "http://httpd.apache.org/security/vulnerabilities_24.html" ]
}, },
{ "references": {
"name" : "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c" "name": "HPSBUX03512",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2"
"name" : "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h", },
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h" "name": "http://advisories.mageia.org/MGASA-2014-0305.html",
}, "refsource": "CONFIRM",
{ "url": "http://advisories.mageia.org/MGASA-2014-0305.html"
"name" : "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c", },
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c" "name": "DSA-2989",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2014/dsa-2989"
"name" : "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h", },
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h" "name": "68678",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/68678"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1120603", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1120603" "name": "HPSBMU03409",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2"
"name" : "http://advisories.mageia.org/MGASA-2014-0304.html", },
"refsource" : "CONFIRM", {
"url" : "http://advisories.mageia.org/MGASA-2014-0304.html" "name": "https://support.apple.com/HT204659",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT204659"
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" "name": "http://httpd.apache.org/security/vulnerabilities_24.html",
}, "refsource": "CONFIRM",
{ "url": "http://httpd.apache.org/security/vulnerabilities_24.html"
"name" : "http://advisories.mageia.org/MGASA-2014-0305.html", },
"refsource" : "CONFIRM", {
"url" : "http://advisories.mageia.org/MGASA-2014-0305.html" "name": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES"
"name" : "https://support.apple.com/HT204659", },
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT204659" "name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c"
"name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", },
"refsource" : "CONFIRM", {
"url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246" "name": "GLSA-201408-12",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201408-12.xml"
"name" : "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES", },
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES" "name": "GLSA-201504-03",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201504-03"
"name" : "https://puppet.com/security/cve/cve-2014-0226", },
"refsource" : "CONFIRM", {
"url" : "https://puppet.com/security/cve/cve-2014-0226" "name": "RHSA-2014:1020",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1020.html"
"name" : "APPLE-SA-2015-04-08-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" "name": "60536",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60536"
"name" : "DSA-2989", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2014/dsa-2989" "name": "20140721 Apache HTTPd - description of the CVE-2014-0226.",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2014/Jul/114"
"name" : "GLSA-201504-03", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201504-03" "name": "HPSBMU03380",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=143748090628601&w=2"
"name" : "GLSA-201408-12", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201408-12.xml" "name": "SSRT102066",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=143403519711434&w=2"
"name" : "HPSBMU03380", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=143748090628601&w=2" "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
"name" : "HPSBMU03409", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=144050155601375&w=2" "name": "http://zerodayinitiative.com/advisories/ZDI-14-236/",
}, "refsource": "MISC",
{ "url": "http://zerodayinitiative.com/advisories/ZDI-14-236/"
"name" : "HPSBUX03337", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=143403519711434&w=2" "name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h"
"name" : "HPSBUX03512", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=144493176821532&w=2" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1120603",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120603"
"name" : "SSRT102066", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=143403519711434&w=2" "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
}, "refsource": "CONFIRM",
{ "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
"name" : "SSRT102254", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=144493176821532&w=2" "name": "RHSA-2014:1021",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1021.html"
"name" : "MDVSA-2014:142", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2014:142" "name": "SSRT102254",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2"
"name" : "RHSA-2014:1019", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1019.html" "name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h"
"name" : "RHSA-2014:1020", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1020.html" "name": "APPLE-SA-2015-04-08-2",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
"name" : "RHSA-2014:1021", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1021.html" "name": "MDVSA-2014:142",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:142"
"name" : "68678", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/68678" "name": "https://puppet.com/security/cve/cve-2014-0226",
}, "refsource": "CONFIRM",
{ "url": "https://puppet.com/security/cve/cve-2014-0226"
"name" : "109216", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/109216" "name": "RHSA-2014:1019",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1019.html"
"name" : "60536", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60536" "name": "http://advisories.mageia.org/MGASA-2014-0304.html",
} "refsource": "CONFIRM",
] "url": "http://advisories.mageia.org/MGASA-2014-0304.html"
} },
} {
"name": "109216",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/109216"
},
{
"name": "34133",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/34133"
},
{
"name": "HPSBUX03337",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=143403519711434&w=2"
},
{
"name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c"
}
]
}
}

170
2014/0xxx/CVE-2014-0273.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2014-0273", "ID": "CVE-2014-0273",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-0270, CVE-2014-0274, and CVE-2014-0288."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS14-010", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-010" "lang": "eng",
}, "value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-0270, CVE-2014-0274, and CVE-2014-0288."
{ }
"name" : "65371", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/65371" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "103172", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/103172" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1029741", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1029741" ]
}, },
{ "references": {
"name" : "56796", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56796" "name": "MS14-010",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-010"
"name" : "ms-ie-cve20140273-code-exec(90763)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90763" "name": "65371",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/65371"
} },
} {
"name": "1029741",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029741"
},
{
"name": "56796",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56796"
},
{
"name": "103172",
"refsource": "OSVDB",
"url": "http://osvdb.org/103172"
},
{
"name": "ms-ie-cve20140273-code-exec(90763)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90763"
}
]
}
}

170
2014/0xxx/CVE-2014-0392.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-0392", "ID": "CVE-2014-0392",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Security."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Security."
{ }
"name" : "64758", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/64758" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "64874", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/64874" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "102039", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/102039" ]
}, },
{ "references": {
"name" : "1029623", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1029623" "name": "102039",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/102039"
"name" : "56477", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56477" "name": "56477",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/56477"
} },
} {
"name": "1029623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029623"
},
{
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "64874",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64874"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}
]
}
}

200
2014/0xxx/CVE-2014-0550.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2014-0550", "ID": "CVE-2014-0550",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html" "lang": "eng",
}, "value": "Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555."
{ }
"name" : "GLSA-201409-05", ]
"refsource" : "GENTOO", },
"url" : "http://security.gentoo.org/glsa/glsa-201409-05.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SUSE-SU-2014:1124", "description": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openSUSE-SU-2014:1110", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2014:1130", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html" "name": "GLSA-201409-05",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201409-05.xml"
"name" : "69700", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/69700" "name": "61089",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/61089"
"name" : "1030822", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030822" "name": "openSUSE-SU-2014:1130",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html"
"name" : "61089", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61089" "name": "openSUSE-SU-2014:1110",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html"
"name" : "adobe-flash-cve20140550-code-exec(95820)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95820" "name": "69700",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/69700"
} },
} {
"name": "SUSE-SU-2014:1124",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html"
},
{
"name": "adobe-flash-cve20140550-code-exec(95820)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95820"
},
{
"name": "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html",
"refsource": "CONFIRM",
"url": "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html"
},
{
"name": "1030822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030822"
}
]
}
}

132
2014/10xxx/CVE-2014-10052.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2014-10052", "ID": "CVE-2014-10052",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile, Snapdragon Wear, Small Cell SoC", "product_name": "Snapdragon Mobile, Snapdragon Wear, Small Cell SoC",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, SDX20" "version_value": "FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, SDX20"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, and SDX20, the reserved memory of TZ subsystem (like TZ apps and some PIL image subsystem) is not cleared after being used."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Exposure in Core."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, and SDX20, the reserved memory of TZ subsystem (like TZ apps and some PIL image subsystem) is not cleared after being used."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Information Exposure in Core."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

170
2014/1xxx/CVE-2014-1326.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-1326", "ID": "CVE-2014-1326",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT6254", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT6254" "lang": "eng",
}, "value": "WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1."
{ }
"name" : "https://support.apple.com/kb/HT6537", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/kb/HT6537" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2014-05-21-1", "description": [
"refsource" : "APPLE", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2014-06-30-3", ]
"refsource" : "APPLE", }
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2014-06-30-4", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html" "name": "https://support.apple.com/kb/HT6537",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/kb/HT6537"
"name" : "67553", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/67553" "name": "APPLE-SA-2014-06-30-4",
} "refsource": "APPLE",
] "url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html"
} },
} {
"name": "http://support.apple.com/kb/HT6254",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6254"
},
{
"name": "APPLE-SA-2014-06-30-3",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html"
},
{
"name": "67553",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67553"
},
{
"name": "APPLE-SA-2014-05-21-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html"
}
]
}
}

34
2014/1xxx/CVE-2014-1464.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1464", "ID": "CVE-2014-1464",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2014/1xxx/CVE-2014-1781.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2014-1781", "ID": "CVE-2014-1781",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1792, CVE-2014-1804, and CVE-2014-2770."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS14-035", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035" "lang": "eng",
}, "value": "Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1792, CVE-2014-1804, and CVE-2014-2770."
{ }
"name" : "67874", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/67874" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1030370", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030370" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "67874",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67874"
},
{
"name": "1030370",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030370"
},
{
"name": "MS14-035",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035"
}
]
}
}

120
2014/4xxx/CVE-2014-4634.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2014-4634", "ID": "CVE-2014-4634",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unquoted Windows search path vulnerability in EMC Replication Manager through 5.5.2 and AppSync before 2.1.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141230 ESA-2014-179: EMC Replication Manager and EMC AppSync Unquoted Service Path Enumeration Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-12/0170.html" "lang": "eng",
} "value": "Unquoted Windows search path vulnerability in EMC Replication Manager through 5.5.2 and AppSync before 2.1.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20141230 ESA-2014-179: EMC Replication Manager and EMC AppSync Unquoted Service Path Enumeration Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-12/0170.html"
}
]
}
}

34
2014/4xxx/CVE-2014-4913.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4913", "ID": "CVE-2014-4913",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2014/4xxx/CVE-2014-4923.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4923", "ID": "CVE-2014-4923",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

250
2014/5xxx/CVE-2014-5352.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5352", "ID": "CVE-2014-5352",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-context handles, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via crafted GSSAPI traffic, as demonstrated by traffic to kadmind."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://web.mit.edu/kerberos/advisories/2015-001-patch-r113.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://web.mit.edu/kerberos/advisories/2015-001-patch-r113.txt" "lang": "eng",
}, "value": "The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-context handles, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via crafted GSSAPI traffic, as demonstrated by traffic to kadmind."
{ }
"name" : "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt", ]
"refsource" : "CONFIRM", },
"url" : "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/krb5/krb5/commit/82dc33da50338ac84c7b4102dc6513d897d0506a", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/krb5/krb5/commit/82dc33da50338ac84c7b4102dc6513d897d0506a" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3153", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2015/dsa-3153" ]
}, },
{ "references": {
"name" : "FEDORA-2015-2382", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151103.html" "name": "FEDORA-2015-2347",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151437.html"
"name" : "FEDORA-2015-2347", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151437.html" "name": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt",
}, "refsource": "CONFIRM",
{ "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt"
"name" : "MDVSA-2015:069", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:069" "name": "RHSA-2015:0794",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-0794.html"
"name" : "RHSA-2015:0439", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0439.html" "name": "FEDORA-2015-2382",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151103.html"
"name" : "RHSA-2015:0794", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0794.html" "name": "DSA-3153",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3153"
"name" : "SUSE-SU-2015:0257", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00011.html" "name": "openSUSE-SU-2015:0255",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00044.html"
"name" : "SUSE-SU-2015:0290", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00016.html" "name": "RHSA-2015:0439",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html"
"name" : "openSUSE-SU-2015:0255", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-02/msg00044.html" "name": "SUSE-SU-2015:0290",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00016.html"
"name" : "USN-2498-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2498-1" "name": "MDVSA-2015:069",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:069"
"name" : "72495", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72495" "name": "USN-2498-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-2498-1"
} },
} {
"name": "SUSE-SU-2015:0257",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00011.html"
},
{
"name": "72495",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72495"
},
{
"name": "https://github.com/krb5/krb5/commit/82dc33da50338ac84c7b4102dc6513d897d0506a",
"refsource": "CONFIRM",
"url": "https://github.com/krb5/krb5/commit/82dc33da50338ac84c7b4102dc6513d897d0506a"
},
{
"name": "http://web.mit.edu/kerberos/advisories/2015-001-patch-r113.txt",
"refsource": "CONFIRM",
"url": "http://web.mit.edu/kerberos/advisories/2015-001-patch-r113.txt"
}
]
}
}

170
2014/9xxx/CVE-2014-9762.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9762", "ID": "CVE-2014-9762",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=39641e74a560982fbf93f29bf96b37d27803cb56", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=39641e74a560982fbf93f29bf96b37d27803cb56" "lang": "eng",
}, "value": "imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap."
{ }
"name" : "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog", ]
"refsource" : "CONFIRM", },
"url" : "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3537", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3537" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201611-12", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201611-12" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2016:1330", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html" "name": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog",
}, "refsource": "CONFIRM",
{ "url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
"name" : "90959", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/90959" "name": "GLSA-201611-12",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201611-12"
} },
} {
"name": "DSA-3537",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"name": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=39641e74a560982fbf93f29bf96b37d27803cb56",
"refsource": "CONFIRM",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=39641e74a560982fbf93f29bf96b37d27803cb56"
},
{
"name": "90959",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90959"
},
{
"name": "openSUSE-SU-2016:1330",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
]
}
}

34
2014/9xxx/CVE-2014-9860.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9860", "ID": "CVE-2014-9860",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

240
2016/3xxx/CVE-2016-3492.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-3492", "ID": "CVE-2016-3492",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer."
{ }
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/", ]
"refsource" : "CONFIRM", },
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/", ]
"refsource" : "CONFIRM", }
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/" ]
}, },
{ "references": {
"name" : "GLSA-201701-01", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-01" "name": "RHSA-2016:2749",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
"name" : "RHSA-2016:2130", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2130.html" "name": "RHSA-2016:2131",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2131.html"
"name" : "RHSA-2016:2131", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2131.html" "name": "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/",
}, "refsource": "CONFIRM",
{ "url": "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/"
"name" : "RHSA-2016:2595", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2595.html" "name": "GLSA-201701-01",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201701-01"
"name" : "RHSA-2016:2749", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2749.html" "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
"name" : "RHSA-2016:2927", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2927.html" "name": "93650",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/93650"
"name" : "RHSA-2016:2928", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2928.html" "name": "RHSA-2016:2130",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
"name" : "93650", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93650" "name": "RHSA-2016:2927",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2927.html"
"name" : "1037050", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037050" "name": "RHSA-2016:2595",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-2595.html"
} },
} {
"name": "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/"
},
{
"name": "1037050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037050"
},
{
"name": "RHSA-2016:2928",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2928.html"
},
{
"name": "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/"
}
]
}
}

130
2016/3xxx/CVE-2016-3933.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-3933", "ID": "CVE-2016-3933",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mediaserver in Android before 2016-10-05 on Nexus 9 and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 29421408."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-10-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-10-01.html" "lang": "eng",
}, "value": "mediaserver in Android before 2016-10-05 on Nexus 9 and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 29421408."
{ }
"name" : "93311", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93311" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "93311",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93311"
}
]
}
}

150
2016/7xxx/CVE-2016-7032.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-7032", "ID": "CVE-2016-7032",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1372830", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1372830" "lang": "eng",
}, "value": "sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function."
{ }
"name" : "https://www.sudo.ws/alerts/noexec_bypass.html", ]
"refsource" : "CONFIRM", },
"url" : "https://www.sudo.ws/alerts/noexec_bypass.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2016:2872", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2872.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "95776", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/95776" ]
} },
] "references": {
} "reference_data": [
} {
"name": "RHSA-2016:2872",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2872.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1372830",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372830"
},
{
"name": "https://www.sudo.ws/alerts/noexec_bypass.html",
"refsource": "CONFIRM",
"url": "https://www.sudo.ws/alerts/noexec_bypass.html"
},
{
"name": "95776",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95776"
}
]
}
}

34
2016/7xxx/CVE-2016-7380.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7380", "ID": "CVE-2016-7380",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2016/7xxx/CVE-2016-7382.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@nvidia.com", "ASSIGNER": "psirt@nvidia.com",
"ID" : "CVE-2016-7382", "ID": "CVE-2016-7382",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Quadro, NVS, GeForce, and Tesla (all versions)", "product_name": "Quadro, NVS, GeForce, and Tesla (all versions)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Quadro, NVS, GeForce, and Tesla (all versions)" "version_value": "Quadro, NVS, GeForce, and Tesla (all versions)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Incorrect Access Control"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4246", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4246" "lang": "eng",
}, "value": "For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges."
{ }
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", ]
"refsource" : "CONFIRM", },
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4247" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.lenovo.com/us/en/solutions/LEN-10822", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.lenovo.com/us/en/solutions/LEN-10822" "lang": "eng",
}, "value": "Incorrect Access Control"
{ }
"name" : "94177", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/94177" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://support.lenovo.com/us/en/solutions/LEN-10822",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/solutions/LEN-10822"
},
{
"name": "94177",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94177"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4246",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4246"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247"
}
]
}
}

130
2016/7xxx/CVE-2016-7489.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "larry0@me.com", "ASSIGNER": "larry0@me.com",
"ID" : "CVE-2016-7489", "ID": "CVE-2016-7489",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Virtual Machine Community Edition", "product_name": "Virtual Machine Community Edition",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "v15.10" "version_value": "v15.10"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Teradata" "vendor_name": "Teradata"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this may lead to elevated code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "perm"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.vapidlabs.com/advisory.php?v=173", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.vapidlabs.com/advisory.php?v=173" "lang": "eng",
}, "value": "Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this may lead to elevated code execution."
{ }
"name" : "94262", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94262" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "perm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94262",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94262"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=173",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=173"
}
]
}
}

130
2016/8xxx/CVE-2016-8567.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2016-8567", "ID": "CVE-2016-8567",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Siemens SICAM PAS before 8.00", "product_name": "Siemens SICAM PAS before 8.00",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Siemens SICAM PAS before 8.00" "version_value": "Siemens SICAM PAS before 8.00"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded passwords is present in the SICAM PAS installations. Attackers might gain privileged access to the database over Port 2638/TCP."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Siemens SICAM PAS hard-coded passwords"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-01" "lang": "eng",
}, "value": "An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded passwords is present in the SICAM PAS installations. Attackers might gain privileged access to the database over Port 2638/TCP."
{ }
"name" : "94549", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94549" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Siemens SICAM PAS hard-coded passwords"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-01"
},
{
"name": "94549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94549"
}
]
}
}

34
2016/8xxx/CVE-2016-8572.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-8572", "ID": "CVE-2016-8572",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

232
2016/8xxx/CVE-2016-8618.json
View File

@ -1,118 +1,118 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psampaio@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-8618", "ID": "CVE-2016-8618",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "curl", "product_name": "curl",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.51.0" "version_value": "7.51.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "The Curl Project" "vendor_name": "The Curl Project"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version" : "3.0"
}
],
[
{
"vectorString" : "4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version" : "2.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-416"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8618", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8618" "lang": "eng",
}, "value": "The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables."
{ }
"name" : "https://curl.haxx.se/docs/adv_20161102D.html", ]
"refsource" : "CONFIRM", },
"url" : "https://curl.haxx.se/docs/adv_20161102D.html" "impact": {
}, "cvss": [
{ [
"name" : "https://www.tenable.com/security/tns-2016-21", {
"refsource" : "CONFIRM", "vectorString": "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"url" : "https://www.tenable.com/security/tns-2016-21" "version": "3.0"
}, }
{ ],
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" "vectorString": "4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N",
}, "version": "2.0"
{ }
"name" : "GLSA-201701-47", ]
"refsource" : "GENTOO", ]
"url" : "https://security.gentoo.org/glsa/201701-47" },
}, "problemtype": {
{ "problemtype_data": [
"name" : "RHSA-2018:2486", {
"refsource" : "REDHAT", "description": [
"url" : "https://access.redhat.com/errata/RHSA-2018:2486" {
}, "lang": "eng",
{ "value": "CWE-416"
"name" : "RHSA-2018:3558", }
"refsource" : "REDHAT", ]
"url" : "https://access.redhat.com/errata/RHSA-2018:3558" }
}, ]
{ },
"name" : "94098", "references": {
"refsource" : "BID", "reference_data": [
"url" : "http://www.securityfocus.com/bid/94098" {
}, "name": "RHSA-2018:3558",
{ "refsource": "REDHAT",
"name" : "1037192", "url": "https://access.redhat.com/errata/RHSA-2018:3558"
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1037192" {
} "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8618",
] "refsource": "CONFIRM",
} "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8618"
} },
{
"name": "https://www.tenable.com/security/tns-2016-21",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2016-21"
},
{
"name": "1037192",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037192"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "https://curl.haxx.se/docs/adv_20161102D.html",
"refsource": "CONFIRM",
"url": "https://curl.haxx.se/docs/adv_20161102D.html"
},
{
"name": "RHSA-2018:2486",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name": "GLSA-201701-47",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-47"
},
{
"name": "94098",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94098"
}
]
}
}

136
2016/8xxx/CVE-2016-8977.json
View File

@ -1,70 +1,70 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-8977", "ID": "CVE-2016-8977",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "BigFix Inventory", "product_name": "BigFix Inventory",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "" "version_value": ""
}, },
{ {
"version_value" : "9.2" "version_value": "9.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21995014", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21995014" "lang": "eng",
}, "value": "IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system."
{ }
"name" : "95308", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95308" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95308",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95308"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995014",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995014"
}
]
}
}

130
2016/8xxx/CVE-2016-8980.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-8980", "ID": "CVE-2016-8980",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "BigFix Inventory", "product_name": "BigFix Inventory",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.2" "version_value": "9.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21995013", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21995013" "lang": "eng",
}, "value": "IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources."
{ }
"name" : "95141", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95141" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95141",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95141"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995013",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995013"
}
]
}
}

130
2016/8xxx/CVE-2016-8986.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-8986", "ID": "CVE-2016-8986",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "WebSphere MQ", "product_name": "WebSphere MQ",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "8.0" "version_value": "8.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21998648", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21998648" "lang": "eng",
}, "value": "IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648."
{ }
"name" : "96412", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/96412" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96412",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96412"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998648",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998648"
}
]
}
}

132
2016/9xxx/CVE-2016-9043.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "talos-cna@cisco.com", "ASSIGNER": "talos-cna@cisco.com",
"DATE_PUBLIC" : "2017-07-20T00:00:00", "DATE_PUBLIC": "2017-07-20T00:00:00",
"ID" : "CVE-2016-9043", "ID": "CVE-2016-9043",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "CorelDRAW", "product_name": "CorelDRAW",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661) - x64 version" "version_value": "X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661) - x64 version"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Corel" "vendor_name": "Corel"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a specific EMF file to trigger this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Out of bounds Write"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0261", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0261" "lang": "eng",
}, "value": "An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a specific EMF file to trigger this vulnerability."
{ }
"name" : "99900", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/99900" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Out of bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0261",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0261"
},
{
"name": "99900",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99900"
}
]
}
}

150
2016/9xxx/CVE-2016-9412.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9412", "ID": "CVE-2016-9412",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to have unspecified impact via vectors related to low adminsid and sid entropy."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/11/10/8" "lang": "eng",
}, "value": "MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to have unspecified impact via vectors related to low adminsid and sid entropy."
{ }
"name" : "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/11/18/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "94395", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/94395" ]
} },
] "references": {
} "reference_data": [
} {
"name": "94395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94395"
},
{
"name": "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/18/1"
},
{
"name": "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/10/8"
},
{
"name": "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/",
"refsource": "CONFIRM",
"url": "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/"
}
]
}
}

150
2016/9xxx/CVE-2016-9919.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9919", "ID": "CVE-2016-9919",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161208 CVE request: Linux panic on fragemented IPv6 traffic (icmp6_send)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/12/08/15" "lang": "eng",
}, "value": "The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet."
{ }
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2", ]
"refsource" : "CONFIRM", },
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/torvalds/linux/commit/79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "94824", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/94824" ]
} },
] "references": {
} "reference_data": [
} {
"name": "94824",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94824"
},
{
"name": "https://github.com/torvalds/linux/commit/79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2"
},
{
"name": "[oss-security] 20161208 CVE request: Linux panic on fragemented IPv6 traffic (icmp6_send)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/08/15"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2"
}
]
}
}

34
2019/2xxx/CVE-2019-2257.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2257", "ID": "CVE-2019-2257",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2280.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2280", "ID": "CVE-2019-2280",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2319.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2319", "ID": "CVE-2019-2319",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2785.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2785", "ID": "CVE-2019-2785",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }