admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 05:20:17 +00:00
parent ff34eeec9b
commit acdf06d6a8
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
58 changed files with 3616 additions and 3616 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

168
2006/5xxx/CVE-2006-5767.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5767",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in includes/xhtml.php in Drake CMS 0.2.2 alpha rev.846 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the d_root parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "2713",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2713"
},
{
"name" : "http://sourceforge.net/forum/forum.php?forum_id=636860",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/forum/forum.php?forum_id=636860"
},
{
"name" : "20061226 Vendor ACK (basically) for Drake CMS RFI (CVE-2006-5767)",
"refsource" : "VIM",
"url" : "http://www.attrition.org/pipermail/vim/2006-December/001202.html"
},
{
"name" : "20914",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20914"
},
{
"name" : "ADV-2006-4345",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4345"
},
{
"name" : "drake-xhtml-file-include(30021)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30021"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in includes/xhtml.php in Drake CMS 0.2.2 alpha rev.846 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the d_root parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-4345",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4345"
},
{
"name": "20914",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20914"
},
{
"name": "2713",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2713"
},
{
"name": "http://sourceforge.net/forum/forum.php?forum_id=636860",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=636860"
},
{
"name": "20061226 Vendor ACK (basically) for Drake CMS RFI (CVE-2006-5767)",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2006-December/001202.html"
},
{
"name": "drake-xhtml-file-include(30021)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30021"
}
]
}
}

178
2007/2xxx/CVE-2007-2067.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2067",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Marco Antonio Islas Cruz Web Slider (WebSlider) 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) index.php, (2) modules/pdf.php, (3) plugins/highlight.php, or (4) include/modules.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2067",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3745",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3745"
},
{
"name" : "ADV-2007-1397",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1397"
},
{
"name" : "37436",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37436"
},
{
"name" : "37437",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37437"
},
{
"name" : "37438",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37438"
},
{
"name" : "37439",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37439"
},
{
"name" : "webslider-path-file-include(33689)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33689"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in Marco Antonio Islas Cruz Web Slider (WebSlider) 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) index.php, (2) modules/pdf.php, (3) plugins/highlight.php, or (4) include/modules.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37439",
"refsource": "OSVDB",
"url": "http://osvdb.org/37439"
},
{
"name": "3745",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3745"
},
{
"name": "37438",
"refsource": "OSVDB",
"url": "http://osvdb.org/37438"
},
{
"name": "37437",
"refsource": "OSVDB",
"url": "http://osvdb.org/37437"
},
{
"name": "webslider-path-file-include(33689)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33689"
},
{
"name": "37436",
"refsource": "OSVDB",
"url": "http://osvdb.org/37436"
},
{
"name": "ADV-2007-1397",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1397"
}
]
}
}

138
2007/2xxx/CVE-2007-2189.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2189",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in admin/admin_album_otf.php in the MX Smartor Full Album Pack (FAP) 2.0 RC1 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2189",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3766",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3766"
},
{
"name" : "23561",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23561"
},
{
"name" : "mxbb-smartorfap-admin-file-include(33760)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33760"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in admin/admin_album_otf.php in the MX Smartor Full Album Pack (FAP) 2.0 RC1 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "mxbb-smartorfap-admin-file-include(33760)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33760"
},
{
"name": "3766",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3766"
},
{
"name": "23561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23561"
}
]
}
}

148
2007/2xxx/CVE-2007-2272.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2272",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in docs/front-end-demo/cart2.php in Advanced Webhost Billing System (AWBS) 2.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the workdir parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2272",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3795",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3795"
},
{
"name" : "23633",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23633"
},
{
"name" : "25046",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25046"
},
{
"name" : "awbs-cart2-file-include(33860)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33860"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in docs/front-end-demo/cart2.php in Advanced Webhost Billing System (AWBS) 2.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the workdir parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "awbs-cart2-file-include(33860)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33860"
},
{
"name": "23633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23633"
},
{
"name": "3795",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3795"
},
{
"name": "25046",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25046"
}
]
}
}

248
2007/2xxx/CVE-2007-2787.json
View File

@ -1,127 +1,127 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2787",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the BrowseDir function in the (1) lttmb14E.ocx or (2) LTRTM14e.DLL ActiveX control in LeadTools Raster Thumbnail Object Library 14.5.0.44 allows remote attackers to execute arbitrary code via a long argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2787",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3951",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3951"
},
{
"name" : "3952",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3952"
},
{
"name" : "http://moaxb.blogspot.com/2007/05/moaxb-19-leadtools-thumbnail-browser.html",
"refsource" : "MISC",
"url" : "http://moaxb.blogspot.com/2007/05/moaxb-19-leadtools-thumbnail-browser.html"
},
{
"name" : "http://moaxb.blogspot.com/2007/05/moaxb-20-leadtools-raster-thumbnail.html",
"refsource" : "MISC",
"url" : "http://moaxb.blogspot.com/2007/05/moaxb-20-leadtools-raster-thumbnail.html"
},
{
"name" : "http://www.shinnai.altervista.org/moaxb/20070519/lademthumbtxt.html",
"refsource" : "MISC",
"url" : "http://www.shinnai.altervista.org/moaxb/20070519/lademthumbtxt.html"
},
{
"name" : "http://www.shinnai.altervista.org/moaxb/20070520/leadrastertxt.html",
"refsource" : "MISC",
"url" : "http://www.shinnai.altervista.org/moaxb/20070520/leadrastertxt.html"
},
{
"name" : "24053",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24053"
},
{
"name" : "24057",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24057"
},
{
"name" : "36028",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36028"
},
{
"name" : "36029",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36029"
},
{
"name" : "25331",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25331"
},
{
"name" : "25376",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25376"
},
{
"name" : "leadtools-ltrtm14e-bo(34378)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34378"
},
{
"name" : "leadtools-lttmb14e-bo(34379)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34379"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the BrowseDir function in the (1) lttmb14E.ocx or (2) LTRTM14e.DLL ActiveX control in LeadTools Raster Thumbnail Object Library 14.5.0.44 allows remote attackers to execute arbitrary code via a long argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://moaxb.blogspot.com/2007/05/moaxb-20-leadtools-raster-thumbnail.html",
"refsource": "MISC",
"url": "http://moaxb.blogspot.com/2007/05/moaxb-20-leadtools-raster-thumbnail.html"
},
{
"name": "36028",
"refsource": "OSVDB",
"url": "http://osvdb.org/36028"
},
{
"name": "25331",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25331"
},
{
"name": "http://www.shinnai.altervista.org/moaxb/20070520/leadrastertxt.html",
"refsource": "MISC",
"url": "http://www.shinnai.altervista.org/moaxb/20070520/leadrastertxt.html"
},
{
"name": "24057",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24057"
},
{
"name": "http://moaxb.blogspot.com/2007/05/moaxb-19-leadtools-thumbnail-browser.html",
"refsource": "MISC",
"url": "http://moaxb.blogspot.com/2007/05/moaxb-19-leadtools-thumbnail-browser.html"
},
{
"name": "http://www.shinnai.altervista.org/moaxb/20070519/lademthumbtxt.html",
"refsource": "MISC",
"url": "http://www.shinnai.altervista.org/moaxb/20070519/lademthumbtxt.html"
},
{
"name": "leadtools-lttmb14e-bo(34379)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34379"
},
{
"name": "36029",
"refsource": "OSVDB",
"url": "http://osvdb.org/36029"
},
{
"name": "25376",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25376"
},
{
"name": "leadtools-ltrtm14e-bo(34378)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34378"
},
{
"name": "24053",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24053"
},
{
"name": "3952",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3952"
},
{
"name": "3951",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3951"
}
]
}
}

158
2007/2xxx/CVE-2007-2879.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2879",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in mods.php in GTP GNUTurk Portal System 3G allows remote attackers to inject arbitrary web script or HTML via the month parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070525 GTP 3G © Gnuturk Portal System year=**&month= Cross-Site Scripting Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/469584/100/0/threaded"
},
{
"name" : "24152",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24152"
},
{
"name" : "38139",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38139"
},
{
"name" : "2737",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2737"
},
{
"name" : "gnuturk-portal-mods-xss(34514)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34514"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in mods.php in GTP GNUTurk Portal System 3G allows remote attackers to inject arbitrary web script or HTML via the month parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38139",
"refsource": "OSVDB",
"url": "http://osvdb.org/38139"
},
{
"name": "24152",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24152"
},
{
"name": "gnuturk-portal-mods-xss(34514)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34514"
},
{
"name": "2737",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2737"
},
{
"name": "20070525 GTP 3G © Gnuturk Portal System year=**&month= Cross-Site Scripting Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/469584/100/0/threaded"
}
]
}
}

158
2007/3xxx/CVE-2007-3076.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3076",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A certain ActiveX control in sasatl.dll in Zenturi ProgramChecker allows remote attackers to download arbitrary files to the client system via the DownloadFile function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3076",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://moaxb.blogspot.com/2007/05/moaxb-30-zenturi-programchecker-activex.html",
"refsource" : "MISC",
"url" : "http://moaxb.blogspot.com/2007/05/moaxb-30-zenturi-programchecker-activex.html"
},
{
"name" : "24377",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24377"
},
{
"name" : "ADV-2007-2000",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2000"
},
{
"name" : "36046",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36046"
},
{
"name" : "25468",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25468"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A certain ActiveX control in sasatl.dll in Zenturi ProgramChecker allows remote attackers to download arbitrary files to the client system via the DownloadFile function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2000",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2000"
},
{
"name": "http://moaxb.blogspot.com/2007/05/moaxb-30-zenturi-programchecker-activex.html",
"refsource": "MISC",
"url": "http://moaxb.blogspot.com/2007/05/moaxb-30-zenturi-programchecker-activex.html"
},
{
"name": "36046",
"refsource": "OSVDB",
"url": "http://osvdb.org/36046"
},
{
"name": "24377",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24377"
},
{
"name": "25468",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25468"
}
]
}
}

32
2007/3xxx/CVE-2007-3206.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3206",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3206",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

158
2007/3xxx/CVE-2007-3648.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3648",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Webmatic before 2.6.2, and possibly other versions before 2.7, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly related to admin/admin_album.php and admin/admin_downloads.php. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3648",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.valarsoft.com/index.php?page=home&notizie=&notID=144#npos144",
"refsource" : "CONFIRM",
"url" : "http://www.valarsoft.com/index.php?page=home&notizie=&notID=144#npos144"
},
{
"name" : "24878",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24878"
},
{
"name" : "ADV-2007-2465",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2465"
},
{
"name" : "41104",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41104"
},
{
"name" : "26019",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26019"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in Webmatic before 2.6.2, and possibly other versions before 2.7, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly related to admin/admin_album.php and admin/admin_downloads.php. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26019",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26019"
},
{
"name": "24878",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24878"
},
{
"name": "41104",
"refsource": "OSVDB",
"url": "http://osvdb.org/41104"
},
{
"name": "http://www.valarsoft.com/index.php?page=home&notizie=&notID=144#npos144",
"refsource": "CONFIRM",
"url": "http://www.valarsoft.com/index.php?page=home&notizie=&notID=144#npos144"
},
{
"name": "ADV-2007-2465",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2465"
}
]
}
}

158
2007/3xxx/CVE-2007-3788.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3788",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The eSoft InstaGate EX2 UTM device stores the admin password within the settings HTML document, which might allow context-dependent attackers to obtain sensitive information by reading this document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3788",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070711 Calyptix Security Advisory CX-2007-05 - eSoft InstaGate EX2 Cross-Site Request Forgery Attack",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/473663/100/0/threaded"
},
{
"name" : "http://labs.calyptix.com/CX-2007-05.php",
"refsource" : "MISC",
"url" : "http://labs.calyptix.com/CX-2007-05.php"
},
{
"name" : "http://labs.calyptix.com/CX-2007-05.txt",
"refsource" : "MISC",
"url" : "http://labs.calyptix.com/CX-2007-05.txt"
},
{
"name" : "38173",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38173"
},
{
"name" : "26005",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26005"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The eSoft InstaGate EX2 UTM device stores the admin password within the settings HTML document, which might allow context-dependent attackers to obtain sensitive information by reading this document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38173",
"refsource": "OSVDB",
"url": "http://osvdb.org/38173"
},
{
"name": "http://labs.calyptix.com/CX-2007-05.php",
"refsource": "MISC",
"url": "http://labs.calyptix.com/CX-2007-05.php"
},
{
"name": "http://labs.calyptix.com/CX-2007-05.txt",
"refsource": "MISC",
"url": "http://labs.calyptix.com/CX-2007-05.txt"
},
{
"name": "20070711 Calyptix Security Advisory CX-2007-05 - eSoft InstaGate EX2 Cross-Site Request Forgery Attack",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/473663/100/0/threaded"
},
{
"name": "26005",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26005"
}
]
}
}

238
2007/3xxx/CVE-2007-3947.json
View File

@ -1,122 +1,122 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3947",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3947",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070719 rPSA-2007-0145-1 lighttpd",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/474131/100/0/threaded"
},
{
"name" : "http://trac.lighttpd.net/trac/changeset/1869",
"refsource" : "MISC",
"url" : "http://trac.lighttpd.net/trac/changeset/1869"
},
{
"name" : "http://trac.lighttpd.net/trac/ticket/1232",
"refsource" : "CONFIRM",
"url" : "http://trac.lighttpd.net/trac/ticket/1232"
},
{
"name" : "DSA-1362",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1362"
},
{
"name" : "GLSA-200708-11",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200708-11.xml"
},
{
"name" : "SUSE-SR:2007:015",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
},
{
"name" : "24967",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24967"
},
{
"name" : "38313",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38313"
},
{
"name" : "ADV-2007-2585",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2585"
},
{
"name" : "26130",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26130"
},
{
"name" : "26158",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26158"
},
{
"name" : "26505",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26505"
},
{
"name" : "26593",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26593"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26158",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26158"
},
{
"name": "http://trac.lighttpd.net/trac/changeset/1869",
"refsource": "MISC",
"url": "http://trac.lighttpd.net/trac/changeset/1869"
},
{
"name": "38313",
"refsource": "OSVDB",
"url": "http://osvdb.org/38313"
},
{
"name": "ADV-2007-2585",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2585"
},
{
"name": "26130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26130"
},
{
"name": "20070719 rPSA-2007-0145-1 lighttpd",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474131/100/0/threaded"
},
{
"name": "24967",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24967"
},
{
"name": "26593",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26593"
},
{
"name": "http://trac.lighttpd.net/trac/ticket/1232",
"refsource": "CONFIRM",
"url": "http://trac.lighttpd.net/trac/ticket/1232"
},
{
"name": "DSA-1362",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1362"
},
{
"name": "GLSA-200708-11",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200708-11.xml"
},
{
"name": "SUSE-SR:2007:015",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
},
{
"name": "26505",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26505"
}
]
}
}

848
2007/6xxx/CVE-2007-6388.json
View File

@ -1,427 +1,427 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6388",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6388",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20080716 rPSA-2008-0035-1 httpd mod_ssl",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/494428/100/0/threaded"
},
{
"name" : "20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"name" : "[security-announce] 20090820 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server",
"refsource" : "MLIST",
"url" : "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"name" : "http://httpd.apache.org/security/vulnerabilities_13.html",
"refsource" : "CONFIRM",
"url" : "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"name" : "http://httpd.apache.org/security/vulnerabilities_20.html",
"refsource" : "CONFIRM",
"url" : "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"name" : "http://httpd.apache.org/security/vulnerabilities_22.html",
"refsource" : "CONFIRM",
"url" : "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm"
},
{
"name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=689039",
"refsource" : "CONFIRM",
"url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=689039"
},
{
"name" : "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2008/05/023342-01.pdf",
"refsource" : "CONFIRM",
"url" : "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2008/05/023342-01.pdf"
},
{
"name" : "http://docs.info.apple.com/article.html?artnum=307562",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name" : "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200808e.html",
"refsource" : "CONFIRM",
"url" : "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200808e.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name" : "PK59667",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=PK59667&apar=only"
},
{
"name" : "PK62966",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1PK62966"
},
{
"name" : "PK63273",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1PK63273"
},
{
"name" : "PK65782",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"name" : "APPLE-SA-2008-03-18",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name" : "APPLE-SA-2008-05-28",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
},
{
"name" : "FEDORA-2008-1695",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html"
},
{
"name" : "FEDORA-2008-1711",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html"
},
{
"name" : "HPSBUX02313",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/488082/100/0/threaded"
},
{
"name" : "SSRT080015",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/488082/100/0/threaded"
},
{
"name" : "HPSBMA02388",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/498523/100/0/threaded"
},
{
"name" : "SSRT080059",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/498523/100/0/threaded"
},
{
"name" : "HPSBOV02683",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
},
{
"name" : "SSRT090208",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
},
{
"name" : "MDVSA-2008:014",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:014"
},
{
"name" : "MDVSA-2008:015",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:015"
},
{
"name" : "MDVSA-2008:016",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:016"
},
{
"name" : "RHSA-2008:0004",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0004.html"
},
{
"name" : "RHSA-2008:0005",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0005.html"
},
{
"name" : "RHSA-2008:0006",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0006.html"
},
{
"name" : "RHSA-2008:0007",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0007.html"
},
{
"name" : "RHSA-2008:0008",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0008.html"
},
{
"name" : "RHSA-2008:0009",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0009.html"
},
{
"name" : "RHSA-2008:0261",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"name" : "SSA:2008-045-02",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.595748"
},
{
"name" : "233623",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1"
},
{
"name" : "SUSE-SA:2008:021",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html"
},
{
"name" : "USN-575-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-575-1"
},
{
"name" : "TA08-150A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
},
{
"name" : "27237",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/27237"
},
{
"name" : "oval:org.mitre.oval:def:10272",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10272"
},
{
"name" : "32800",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/32800"
},
{
"name" : "ADV-2008-0047",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0047"
},
{
"name" : "ADV-2008-0447",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0447/references"
},
{
"name" : "ADV-2008-0554",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0554"
},
{
"name" : "ADV-2008-0809",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0809/references"
},
{
"name" : "ADV-2008-0924",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name" : "ADV-2008-0986",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0986/references"
},
{
"name" : "ADV-2008-1224",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/1224/references"
},
{
"name" : "ADV-2008-1623",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/1623/references"
},
{
"name" : "ADV-2008-1697",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/1697"
},
{
"name" : "1019154",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1019154"
},
{
"name" : "28467",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28467"
},
{
"name" : "28471",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28471"
},
{
"name" : "28526",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28526"
},
{
"name" : "28607",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28607"
},
{
"name" : "28749",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28749"
},
{
"name" : "28965",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28965"
},
{
"name" : "28977",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28977"
},
{
"name" : "28922",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28922"
},
{
"name" : "29420",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29420"
},
{
"name" : "29504",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29504"
},
{
"name" : "29640",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29640"
},
{
"name" : "29806",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29806"
},
{
"name" : "29988",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29988"
},
{
"name" : "30356",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30356"
},
{
"name" : "30430",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30430"
},
{
"name" : "31142",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31142"
},
{
"name" : "30732",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30732"
},
{
"name" : "33200",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33200"
},
{
"name" : "3541",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3541"
},
{
"name" : "apache-status-page-xss(39472)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39472"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2008:0005",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0005.html"
},
{
"name": "ADV-2008-0554",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0554"
},
{
"name": "ADV-2008-0447",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0447/references"
},
{
"name": "28922",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28922"
},
{
"name": "ADV-2008-0986",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0986/references"
},
{
"name": "3541",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3541"
},
{
"name": "28749",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28749"
},
{
"name": "SSA:2008-045-02",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.595748"
},
{
"name": "29988",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29988"
},
{
"name": "SSRT090208",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
},
{
"name": "ADV-2008-1623",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1623/references"
},
{
"name": "29806",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29806"
},
{
"name": "20080716 rPSA-2008-0035-1 httpd mod_ssl",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/494428/100/0/threaded"
},
{
"name": "FEDORA-2008-1695",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html"
},
{
"name": "1019154",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019154"
},
{
"name": "28526",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28526"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "RHSA-2008:0006",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0006.html"
},
{
"name": "oval:org.mitre.oval:def:10272",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10272"
},
{
"name": "31142",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31142"
},
{
"name": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200808e.html",
"refsource": "CONFIRM",
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200808e.html"
},
{
"name": "ADV-2008-0924",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "233623",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1"
},
{
"name": "RHSA-2008:0007",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0007.html"
},
{
"name": "http://httpd.apache.org/security/vulnerabilities_20.html",
"refsource": "CONFIRM",
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"name": "ADV-2008-0047",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0047"
},
{
"name": "TA08-150A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
},
{
"name": "RHSA-2008:0008",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0008.html"
},
{
"name": "FEDORA-2008-1711",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html"
},
{
"name": "RHSA-2008:0009",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0009.html"
},
{
"name": "MDVSA-2008:014",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:014"
},
{
"name": "29420",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29420"
},
{
"name": "29504",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29504"
},
{
"name": "http://httpd.apache.org/security/vulnerabilities_22.html",
"refsource": "CONFIRM",
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"name": "SSRT080015",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/488082/100/0/threaded"
},
{
"name": "APPLE-SA-2008-03-18",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "30430",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30430"
},
{
"name": "APPLE-SA-2008-05-28",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm"
},
{
"name": "apache-status-page-xss(39472)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39472"
},
{
"name": "ADV-2008-0809",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0809/references"
},
{
"name": "HPSBOV02683",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
},
{
"name": "20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"name": "28467",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28467"
},
{
"name": "SSRT080059",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/498523/100/0/threaded"
},
{
"name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=689039",
"refsource": "CONFIRM",
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=689039"
},
{
"name": "PK65782",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"name": "HPSBUX02313",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/488082/100/0/threaded"
},
{
"name": "RHSA-2008:0004",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0004.html"
},
{
"name": "[security-announce] 20090820 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"name": "28607",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28607"
},
{
"name": "PK62966",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK62966"
},
{
"name": "SUSE-SA:2008:021",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html"
},
{
"name": "30356",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30356"
},
{
"name": "http://httpd.apache.org/security/vulnerabilities_13.html",
"refsource": "CONFIRM",
"url": "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"name": "PK63273",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK63273"
},
{
"name": "MDVSA-2008:015",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:015"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=307562",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "33200",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33200"
},
{
"name": "28965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28965"
},
{
"name": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2008/05/023342-01.pdf",
"refsource": "CONFIRM",
"url": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2008/05/023342-01.pdf"
},
{
"name": "28471",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28471"
},
{
"name": "27237",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27237"
},
{
"name": "HPSBMA02388",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/498523/100/0/threaded"
},
{
"name": "ADV-2008-1697",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"name": "RHSA-2008:0261",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"name": "USN-575-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-575-1"
},
{
"name": "29640",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29640"
},
{
"name": "32800",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32800"
},
{
"name": "28977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28977"
},
{
"name": "30732",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30732"
},
{
"name": "ADV-2008-1224",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1224/references"
},
{
"name": "PK59667",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PK59667&apar=only"
},
{
"name": "MDVSA-2008:016",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:016"
}
]
}
}

118
2007/6xxx/CVE-2007-6484.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6484",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in phpRPG 0.8 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "27968",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27968"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in phpRPG 0.8 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27968"
}
]
}
}

148
2010/1xxx/CVE-2010-1044.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1044",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 allows remote attackers to execute arbitrary SQL commands via the isHttpPort parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1044",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.org/1002-exploits/oputils_5-sql.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1002-exploits/oputils_5-sql.txt"
},
{
"name" : "11330",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/11330"
},
{
"name" : "38082",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38082"
},
{
"name" : "oputils-login-sql-injection(56102)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56102"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 allows remote attackers to execute arbitrary SQL commands via the isHttpPort parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11330",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11330"
},
{
"name": "oputils-login-sql-injection(56102)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56102"
},
{
"name": "38082",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38082"
},
{
"name": "http://packetstormsecurity.org/1002-exploits/oputils_5-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1002-exploits/oputils_5-sql.txt"
}
]
}
}

138
2010/1xxx/CVE-2010-1846.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1846",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RAW image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-1846",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://support.apple.com/kb/HT4435",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4435"
},
{
"name" : "APPLE-SA-2010-11-10-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name" : "1024723",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024723"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RAW image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1024723",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024723"
},
{
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
}
]
}
}

128
2010/5xxx/CVE-2010-5238.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5238",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in CyberLink PowerDirector 8.00.3022 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdl, .iso, .pds, .p2g, or .p2i file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5238",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://extraexploit.blogspot.com/2010/08/dll-hijacking-my-test-cases-on-default.html",
"refsource" : "MISC",
"url" : "http://extraexploit.blogspot.com/2010/08/dll-hijacking-my-test-cases-on-default.html"
},
{
"name" : "41142",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41142"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in CyberLink PowerDirector 8.00.3022 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdl, .iso, .pds, .p2g, or .p2i file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://extraexploit.blogspot.com/2010/08/dll-hijacking-my-test-cases-on-default.html",
"refsource": "MISC",
"url": "http://extraexploit.blogspot.com/2010/08/dll-hijacking-my-test-cases-on-default.html"
},
{
"name": "41142",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41142"
}
]
}
}

32
2010/5xxx/CVE-2010-5305.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5305",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5305",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

148
2014/0xxx/CVE-2014-0186.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0186",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerability exists because of an unspecified regression."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0186",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://security-tracker.debian.org/tracker/CVE-2014-0186",
"refsource" : "MISC",
"url" : "https://security-tracker.debian.org/tracker/CVE-2014-0186"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1089884",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1089884"
},
{
"name" : "RHSA-2014:0686",
"refsource" : "REDHAT",
"url" : "https://rhn.redhat.com/errata/RHSA-2014-0686.html"
},
{
"name" : "108060",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/108060"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerability exists because of an unspecified regression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0686",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2014-0686.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1089884",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1089884"
},
{
"name": "108060",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/108060"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2014-0186",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2014-0186"
}
]
}
}

118
2014/0xxx/CVE-2014-0324.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0324",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-0297, CVE-2014-0308, and CVE-2014-0312."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-0324",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS14-012",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-0297, CVE-2014-0308, and CVE-2014-0312."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS14-012",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012"
}
]
}
}

118
2014/0xxx/CVE-2014-0528.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0528",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2014-0528",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://helpx.adobe.com/security/products/reader/apsb14-15.html",
"refsource" : "CONFIRM",
"url" : "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://helpx.adobe.com/security/products/reader/apsb14-15.html",
"refsource": "CONFIRM",
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
}
]
}
}

128
2014/0xxx/CVE-2014-0570.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0570",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2014-0570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://helpx.adobe.com/security/products/coldfusion/apsb14-23.html",
"refsource" : "CONFIRM",
"url" : "http://helpx.adobe.com/security/products/coldfusion/apsb14-23.html"
},
{
"name" : "1031020",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031020"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1031020",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031020"
},
{
"name": "http://helpx.adobe.com/security/products/coldfusion/apsb14-23.html",
"refsource": "CONFIRM",
"url": "http://helpx.adobe.com/security/products/coldfusion/apsb14-23.html"
}
]
}
}

138
2014/0xxx/CVE-2014-0843.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0843",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to inject arbitrary web script or HTML by uploading a file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21665005",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21665005"
},
{
"name" : "65730",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65730"
},
{
"name" : "ibm-focalpoint-cve20140843-file-upload(90714)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90714"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to inject arbitrary web script or HTML by uploading a file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "65730",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65730"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21665005",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21665005"
},
{
"name": "ibm-focalpoint-cve20140843-file-upload(90714)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90714"
}
]
}
}

178
2014/0xxx/CVE-2014-0964.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0964",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere Application Server (WAS) 6.1.0.0 through 6.1.0.47 and 6.0.2.0 through 6.0.2.43 allows remote attackers to cause a denial of service via crafted TLS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21671835",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21671835"
},
{
"name" : "http://www-304.ibm.com/support/docview.wss?uid=swg21673808",
"refsource" : "CONFIRM",
"url" : "http://www-304.ibm.com/support/docview.wss?uid=swg21673808"
},
{
"name" : "PI14306",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI14306"
},
{
"name" : "PI16981",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI16981"
},
{
"name" : "PI17128",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI17128"
},
{
"name" : "1030280",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030280"
},
{
"name" : "ibm-was-cve20140964-scan(92877)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/92877"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere Application Server (WAS) 6.1.0.0 through 6.1.0.47 and 6.0.2.0 through 6.0.2.43 allows remote attackers to cause a denial of service via crafted TLS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21671835",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671835"
},
{
"name": "PI14306",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI14306"
},
{
"name": "http://www-304.ibm.com/support/docview.wss?uid=swg21673808",
"refsource": "CONFIRM",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21673808"
},
{
"name": "ibm-was-cve20140964-scan(92877)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92877"
},
{
"name": "PI17128",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI17128"
},
{
"name": "1030280",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030280"
},
{
"name": "PI16981",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI16981"
}
]
}
}

158
2014/1xxx/CVE-2014-1443.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1443",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the previous user) via a USER command with a specific length, possibly related to an out-of-bounds read."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1443",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20140205 Core FTP Server Vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Feb/39"
},
{
"name" : "http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html"
},
{
"name" : "http://coreftp.com/forums/viewtopic.php?t=2985707",
"refsource" : "CONFIRM",
"url" : "http://coreftp.com/forums/viewtopic.php?t=2985707"
},
{
"name" : "102968",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/102968"
},
{
"name" : "56850",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56850"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the previous user) via a USER command with a specific length, possibly related to an out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html"
},
{
"name": "102968",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/102968"
},
{
"name": "http://coreftp.com/forums/viewtopic.php?t=2985707",
"refsource": "CONFIRM",
"url": "http://coreftp.com/forums/viewtopic.php?t=2985707"
},
{
"name": "56850",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56850"
},
{
"name": "20140205 Core FTP Server Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Feb/39"
}
]
}
}

408
2014/1xxx/CVE-2014-1518.json
View File

@ -1,207 +1,207 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1518",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1518",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-34.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-34.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944353",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944353"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=952022",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=952022"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=966630",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=966630"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=980537",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=980537"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=986678",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=986678"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=986843",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=986843"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=991471",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=991471"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=992968",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=992968"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=993546",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=993546"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name" : "DSA-2918",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2918"
},
{
"name" : "DSA-2924",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2924"
},
{
"name" : "FEDORA-2014-5829",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html"
},
{
"name" : "FEDORA-2014-5833",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132332.html"
},
{
"name" : "GLSA-201504-01",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201504-01"
},
{
"name" : "RHSA-2014:0448",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0448.html"
},
{
"name" : "RHSA-2014:0449",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0449.html"
},
{
"name" : "SUSE-SU-2014:0665",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00006.html"
},
{
"name" : "openSUSE-SU-2014:0602",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00013.html"
},
{
"name" : "openSUSE-SU-2014:0640",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00040.html"
},
{
"name" : "openSUSE-SU-2014:0599",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html"
},
{
"name" : "openSUSE-SU-2014:0629",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html"
},
{
"name" : "SUSE-SU-2014:0727",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00015.html"
},
{
"name" : "USN-2189-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2189-1"
},
{
"name" : "USN-2185-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2185-1"
},
{
"name" : "67123",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67123"
},
{
"name" : "1030163",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030163"
},
{
"name" : "1030164",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030164"
},
{
"name" : "59866",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59866"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0448",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0448.html"
},
{
"name": "67123",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67123"
},
{
"name": "FEDORA-2014-5833",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132332.html"
},
{
"name": "openSUSE-SU-2014:0602",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00013.html"
},
{
"name": "openSUSE-SU-2014:0599",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html"
},
{
"name": "openSUSE-SU-2014:0629",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=992968",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=992968"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=952022",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=952022"
},
{
"name": "SUSE-SU-2014:0727",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00015.html"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "59866",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59866"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2014:0640",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00040.html"
},
{
"name": "USN-2189-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2189-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=944353",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=944353"
},
{
"name": "RHSA-2014:0449",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0449.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=986678",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=986678"
},
{
"name": "SUSE-SU-2014:0665",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00006.html"
},
{
"name": "DSA-2918",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2918"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=980537",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=980537"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=966630",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=966630"
},
{
"name": "DSA-2924",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2924"
},
{
"name": "USN-2185-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2185-1"
},
{
"name": "1030164",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030164"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=991471",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=991471"
},
{
"name": "1030163",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030163"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-34.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-34.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=993546",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=993546"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=986843",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=986843"
},
{
"name": "FEDORA-2014-5829",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html"
}
]
}
}

148
2014/1xxx/CVE-2014-1811.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1811",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka \"TCP Denial of Service Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-1811",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx",
"refsource" : "CONFIRM",
"url" : "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx"
},
{
"name" : "MS14-031",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-031"
},
{
"name" : "67888",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67888"
},
{
"name" : "58525",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/58525"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka \"TCP Denial of Service Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS14-031",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-031"
},
{
"name": "58525",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58525"
},
{
"name": "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx",
"refsource": "CONFIRM",
"url": "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx"
},
{
"name": "67888",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67888"
}
]
}
}

32
2014/1xxx/CVE-2014-1924.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1924",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1924",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

228
2014/4xxx/CVE-2014-4404.json
View File

@ -1,117 +1,117 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4404",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2014-4404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.apple.com/kb/HT6535",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/kb/HT6535"
},
{
"name" : "https://support.apple.com/HT204659",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT204659"
},
{
"name" : "http://support.apple.com/kb/HT6441",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT6441"
},
{
"name" : "http://support.apple.com/kb/HT6442",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT6442"
},
{
"name" : "APPLE-SA-2014-09-17-1",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html"
},
{
"name" : "APPLE-SA-2014-09-17-2",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html"
},
{
"name" : "APPLE-SA-2014-10-16-1",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name" : "APPLE-SA-2015-04-08-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
},
{
"name" : "69882",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69882"
},
{
"name" : "69947",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69947"
},
{
"name" : "1030866",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030866"
},
{
"name" : "appleios-cve20144404-bo(96111)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96111"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT204659",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204659"
},
{
"name": "http://support.apple.com/kb/HT6441",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6441"
},
{
"name": "1030866",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030866"
},
{
"name": "69947",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69947"
},
{
"name": "http://support.apple.com/kb/HT6442",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6442"
},
{
"name": "APPLE-SA-2014-10-16-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name": "APPLE-SA-2014-09-17-2",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html"
},
{
"name": "69882",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69882"
},
{
"name": "appleios-cve20144404-bo(96111)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96111"
},
{
"name": "APPLE-SA-2015-04-08-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
},
{
"name": "https://support.apple.com/kb/HT6535",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "APPLE-SA-2014-09-17-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html"
}
]
}
}

32
2014/4xxx/CVE-2014-4464.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4464",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-4464",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}
}

118
2014/5xxx/CVE-2014-5194.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5194",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Static code injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote authenticated users to inject arbitrary PHP code into settings/conf.php via the _word_upper_bound parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5194",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "34189",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/34189"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Static code injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote authenticated users to inject arbitrary PHP code into settings/conf.php via the _word_upper_bound parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34189",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/34189"
}
]
}
}

158
2014/5xxx/CVE-2014-5263.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5263",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5263",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20140804 CVE Request -- qemu: missing field list terminator in vmstate_xhci_event",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/08/04/1"
},
{
"name" : "[oss-security] 20140815 Re: CVE Request -- qemu: missing field list terminator in vmstate_xhci_event",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/08/16/1"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1126543",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1126543"
},
{
"name" : "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=3afca1d6d413592c2b78cf28f52fa24a586d8f56",
"refsource" : "CONFIRM",
"url" : "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=3afca1d6d413592c2b78cf28f52fa24a586d8f56"
},
{
"name" : "USN-2409-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2409-1"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140804 CVE Request -- qemu: missing field list terminator in vmstate_xhci_event",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/08/04/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1126543",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1126543"
},
{
"name": "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=3afca1d6d413592c2b78cf28f52fa24a586d8f56",
"refsource": "CONFIRM",
"url": "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=3afca1d6d413592c2b78cf28f52fa24a586d8f56"
},
{
"name": "[oss-security] 20140815 Re: CVE Request -- qemu: missing field list terminator in vmstate_xhci_event",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/08/16/1"
},
{
"name": "USN-2409-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2409-1"
}
]
}
}

32
2015/2xxx/CVE-2015-2130.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2130",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-2130",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}

32
2015/2xxx/CVE-2015-2193.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2193",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2193",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

168
2016/10xxx/CVE-2016-10087.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10087",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20161229 libpng NULL pointer dereference bugfix",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/12/29/2"
},
{
"name" : "[oss-security] 20161230 Re: libpng NULL pointer dereference bugfix",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/12/30/4"
},
{
"name" : "GLSA-201701-74",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-74"
},
{
"name" : "USN-3712-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3712-1/"
},
{
"name" : "USN-3712-2",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3712-2/"
},
{
"name" : "95157",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95157"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201701-74",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-74"
},
{
"name": "USN-3712-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3712-1/"
},
{
"name": "[oss-security] 20161230 Re: libpng NULL pointer dereference bugfix",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/30/4"
},
{
"name": "95157",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95157"
},
{
"name": "USN-3712-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3712-2/"
},
{
"name": "[oss-security] 20161229 libpng NULL pointer dereference bugfix",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/29/2"
}
]
}
}

128
2016/10xxx/CVE-2016-10186.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10186",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered on the D-Link DWR-932B router. /var/miniupnpd.conf has no deny rules."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10186",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html",
"refsource" : "MISC",
"url" : "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html"
},
{
"name" : "95877",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95877"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on the D-Link DWR-932B router. /var/miniupnpd.conf has no deny rules."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html",
"refsource": "MISC",
"url": "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html"
},
{
"name": "95877",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95877"
}
]
}
}

120
2016/10xxx/CVE-2016-10657.json
View File

@ -1,63 +1,63 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00",
"ID" : "CVE-2016-10657",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "co-cli-installer node module",
"version" : {
"version_data" : [
{
"version_value" : "All versions"
}
]
}
}
]
},
"vendor_name" : "HackerOne"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "co-cli-installer downloads the co-cli module as part of the install process, but does so over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Missing Encryption of Sensitive Data (CWE-311)"
}
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-04-26T00:00:00",
"ID": "CVE-2016-10657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "co-cli-installer node module",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "HackerOne"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://nodesecurity.io/advisories/268",
"refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/268"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "co-cli-installer downloads the co-cli module as part of the install process, but does so over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Encryption of Sensitive Data (CWE-311)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodesecurity.io/advisories/268",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/268"
}
]
}
}

148
2016/3xxx/CVE-2016-3281.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3281",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-3281",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS16-088",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088"
},
{
"name" : "91588",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91588"
},
{
"name" : "1036274",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036274"
},
{
"name" : "1036275",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036275"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036274",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036274"
},
{
"name": "91588",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91588"
},
{
"name": "1036275",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036275"
},
{
"name": "MS16-088",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088"
}
]
}
}

118
2016/4xxx/CVE-2016-4025.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4025",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/",
"refsource" : "MISC",
"url" : "https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/",
"refsource": "MISC",
"url": "https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/"
}
]
}
}

32
2016/8xxx/CVE-2016-8179.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8179",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8179",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2016/8xxx/CVE-2016-8255.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8255",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-8255",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

160
2016/8xxx/CVE-2016-8653.json
View File

@ -1,83 +1,83 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psampaio@redhat.com",
"ID" : "CVE-2016-8653",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Fuse",
"version" : {
"version_data" : [
{
"version_value" : "6"
}
]
}
}
]
},
"vendor_name" : "Red Hat"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the credentials passed to it. An attacker could use this flaw to launch a denial of service attack."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version" : "3.0"
}
],
[
{
"vectorString" : "5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version" : "2.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-502"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-8653",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fuse",
"version": {
"version_data": [
{
"version_value": "6"
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8653",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8653"
},
{
"name" : "94544",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94544"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the credentials passed to it. An attacker could use this flaw to launch a denial of service attack."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
[
{
"vectorString": "5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8653",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8653"
},
{
"name": "94544",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94544"
}
]
}
}

32
2016/8xxx/CVE-2016-8836.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8836",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-8836",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

32
2016/8xxx/CVE-2016-8881.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8881",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4517. Reason: This candidate is a duplicate of CVE-2011-4517. Notes: All CVE users should reference CVE-2011-4517 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-8881",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4517. Reason: This candidate is a duplicate of CVE-2011-4517. Notes: All CVE users should reference CVE-2011-4517 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}

128
2016/9xxx/CVE-2016-9086.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9086",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "GitLab versions 8.9.x and above contain a critical security flaw in the \"import/export project\" feature of GitLab. Added in GitLab 8.9, this feature allows a user to export and then re-import their projects as tape archive files (tar). All GitLab versions prior to 8.13.0 restricted this feature to administrators only. Starting with version 8.13.0 this feature was made available to all users. This feature did not properly check for symbolic links in user-provided archives and therefore it was possible for an authenticated user to retrieve the contents of any file accessible to the GitLab service account. This included sensitive files such as those that contain secret tokens used by the GitLab service to authenticate users. GitLab CE and EE versions 8.13.0 through 8.13.2, 8.12.0 through 8.12.7, 8.11.0 through 8.11.10, 8.10.0 through 8.10.12, and 8.9.0 through 8.9.11 are affected."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9086",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/",
"refsource" : "CONFIRM",
"url" : "https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/"
},
{
"name" : "94136",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94136"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GitLab versions 8.9.x and above contain a critical security flaw in the \"import/export project\" feature of GitLab. Added in GitLab 8.9, this feature allows a user to export and then re-import their projects as tape archive files (tar). All GitLab versions prior to 8.13.0 restricted this feature to administrators only. Starting with version 8.13.0 this feature was made available to all users. This feature did not properly check for symbolic links in user-provided archives and therefore it was possible for an authenticated user to retrieve the contents of any file accessible to the GitLab service account. This included sensitive files such as those that contain secret tokens used by the GitLab service to authenticate users. GitLab CE and EE versions 8.13.0 through 8.13.2, 8.12.0 through 8.12.7, 8.11.0 through 8.11.10, 8.10.0 through 8.10.12, and 8.9.0 through 8.9.11 are affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/",
"refsource": "CONFIRM",
"url": "https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/"
},
{
"name": "94136",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94136"
}
]
}
}

32
2016/9xxx/CVE-2016-9236.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9236",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-9236",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

148
2016/9xxx/CVE-2016-9397.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9397",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9397",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20161117 Re: jasper: multiple assertion failures",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/11/17/1"
},
{
"name" : "https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure",
"refsource" : "MISC",
"url" : "https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1396979",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1396979"
},
{
"name" : "94373",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94373"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1396979",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396979"
},
{
"name": "https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure",
"refsource": "MISC",
"url": "https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"
},
{
"name": "[oss-security] 20161117 Re: jasper: multiple assertion failures",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/17/1"
},
{
"name": "94373",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94373"
}
]
}
}

32
2016/9xxx/CVE-2016-9664.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9664",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-9664",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

32
2019/2xxx/CVE-2019-2059.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2059",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2059",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/2xxx/CVE-2019-2139.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2139",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2139",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/2xxx/CVE-2019-2722.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2722",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2722",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/2xxx/CVE-2019-2723.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2723",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2723",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/2xxx/CVE-2019-2911.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2911",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2911",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

118
2019/6xxx/CVE-2019-6244.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6244",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in UsualToolCMS 8.0. cmsadmin/a_sqlbackx.php?t=sql allows CSRF attacks that can execute SQL statements, and consequently execute arbitrary PHP code by writing that code into a .php file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/fdbao/UsualToolCMS/issues/1",
"refsource" : "MISC",
"url" : "https://github.com/fdbao/UsualToolCMS/issues/1"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in UsualToolCMS 8.0. cmsadmin/a_sqlbackx.php?t=sql allows CSRF attacks that can execute SQL statements, and consequently execute arbitrary PHP code by writing that code into a .php file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/fdbao/UsualToolCMS/issues/1",
"refsource": "MISC",
"url": "https://github.com/fdbao/UsualToolCMS/issues/1"
}
]
}
}

32
2019/6xxx/CVE-2019-6346.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6346",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6346",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/6xxx/CVE-2019-6532.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6532",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6532",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/6xxx/CVE-2019-6797.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6797",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6797",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/7xxx/CVE-2019-7466.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7466",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7466",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/7xxx/CVE-2019-7518.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7518",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7518",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}