admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 03:39:46 +00:00
parent 28963f3709
commit ae7effc67b
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
50 changed files with 3518 additions and 3518 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

190
2006/1xxx/CVE-2006-1042.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1042",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) folder parameter to feed.php or (2) rss_query parameter to search.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060303 Gregarius 0.5.2 XSS and SQL Injection Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/426656/100/0/threaded"
},
{
"name" : "16939",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16939"
},
{
"name" : "ADV-2006-0819",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0819"
},
{
"name" : "23680",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23680"
},
{
"name" : "23681",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23681"
},
{
"name" : "19102",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19102"
},
{
"name" : "537",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/537"
},
{
"name" : "gregarius-feed-sql-injection(25059)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25059"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) folder parameter to feed.php or (2) rss_query parameter to search.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16939",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16939"
},
{
"name": "20060303 Gregarius 0.5.2 XSS and SQL Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/426656/100/0/threaded"
},
{
"name": "gregarius-feed-sql-injection(25059)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25059"
},
{
"name": "23681",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23681"
},
{
"name": "23680",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23680"
},
{
"name": "537",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/537"
},
{
"name": "ADV-2006-0819",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0819"
},
{
"name": "19102",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19102"
}
]
}
}

210
2006/1xxx/CVE-2006-1130.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1130",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in EKINboard 1.0.3 allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in a BBCode img tag."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060308 [eVuln] EKINboard 'img' BBCode XSS & Cookie 'username' SQL Injection Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/427073/100/0/threaded"
},
{
"name" : "http://evuln.com/vulns/88/summary.html",
"refsource" : "MISC",
"url" : "http://evuln.com/vulns/88/summary.html"
},
{
"name" : "http://www.ekinboard.com/forums/v1/viewtopic.php?id=469",
"refsource" : "CONFIRM",
"url" : "http://www.ekinboard.com/forums/v1/viewtopic.php?id=469"
},
{
"name" : "http://www.ekinboard.com/patch_for_1.0.3.txt",
"refsource" : "MISC",
"url" : "http://www.ekinboard.com/patch_for_1.0.3.txt"
},
{
"name" : "16861",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16861"
},
{
"name" : "ADV-2006-0758",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0758"
},
{
"name" : "23546",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23546"
},
{
"name" : "19045",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19045"
},
{
"name" : "558",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/558"
},
{
"name" : "ekinboard-bbcode-xss(24921)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24921"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in EKINboard 1.0.3 allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in a BBCode img tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060308 [eVuln] EKINboard 'img' BBCode XSS & Cookie 'username' SQL Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427073/100/0/threaded"
},
{
"name": "558",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/558"
},
{
"name": "ADV-2006-0758",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0758"
},
{
"name": "http://evuln.com/vulns/88/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/88/summary.html"
},
{
"name": "http://www.ekinboard.com/forums/v1/viewtopic.php?id=469",
"refsource": "CONFIRM",
"url": "http://www.ekinboard.com/forums/v1/viewtopic.php?id=469"
},
{
"name": "16861",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16861"
},
{
"name": "19045",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19045"
},
{
"name": "23546",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23546"
},
{
"name": "http://www.ekinboard.com/patch_for_1.0.3.txt",
"refsource": "MISC",
"url": "http://www.ekinboard.com/patch_for_1.0.3.txt"
},
{
"name": "ekinboard-bbcode-xss(24921)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24921"
}
]
}
}

360
2006/1xxx/CVE-2006-1168.json
View File

@ -1,182 +1,182 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1168",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security-info@sgi.com",
"ID": "CVE-2006-1168",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=141728",
"refsource" : "MISC",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=141728"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=728536",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=728536"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-226.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-226.htm"
},
{
"name" : "http://downloads.avaya.com/css/P8/documents/100158840",
"refsource" : "CONFIRM",
"url" : "http://downloads.avaya.com/css/P8/documents/100158840"
},
{
"name" : "DSA-1149",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1149"
},
{
"name" : "GLSA-200610-03",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200610-03.xml"
},
{
"name" : "MDKSA-2006:140",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:140"
},
{
"name" : "MDVSA-2012:129",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:129"
},
{
"name" : "RHSA-2006:0663",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0663.html"
},
{
"name" : "RHSA-2012:0810",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0810.html"
},
{
"name" : "20060901-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc"
},
{
"name" : "SUSE-SR:2006:020",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_20_sr.html"
},
{
"name" : "19455",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19455"
},
{
"name" : "oval:org.mitre.oval:def:9373",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9373"
},
{
"name" : "ADV-2006-3234",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3234"
},
{
"name" : "1016836",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016836"
},
{
"name" : "21427",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21427"
},
{
"name" : "21434",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21434"
},
{
"name" : "21437",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21437"
},
{
"name" : "21880",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21880"
},
{
"name" : "22036",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22036"
},
{
"name" : "22296",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22296"
},
{
"name" : "22377",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22377"
},
{
"name" : "21467",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21467"
},
{
"name" : "ncompress-decompress-underflow(28315)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28315"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21437",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21437"
},
{
"name": "ncompress-decompress-underflow(28315)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28315"
},
{
"name": "GLSA-200610-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200610-03.xml"
},
{
"name": "SUSE-SR:2006:020",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_20_sr.html"
},
{
"name": "MDKSA-2006:140",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:140"
},
{
"name": "22296",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22296"
},
{
"name": "oval:org.mitre.oval:def:9373",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9373"
},
{
"name": "19455",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19455"
},
{
"name": "http://downloads.avaya.com/css/P8/documents/100158840",
"refsource": "CONFIRM",
"url": "http://downloads.avaya.com/css/P8/documents/100158840"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=141728",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=141728"
},
{
"name": "21434",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21434"
},
{
"name": "DSA-1149",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1149"
},
{
"name": "21467",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21467"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-226.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-226.htm"
},
{
"name": "20060901-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc"
},
{
"name": "RHSA-2006:0663",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0663.html"
},
{
"name": "ADV-2006-3234",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3234"
},
{
"name": "RHSA-2012:0810",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0810.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=728536",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=728536"
},
{
"name": "22377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22377"
},
{
"name": "21427",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21427"
},
{
"name": "1016836",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016836"
},
{
"name": "22036",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22036"
},
{
"name": "21880",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21880"
},
{
"name": "MDVSA-2012:129",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:129"
}
]
}
}

160
2006/1xxx/CVE-2006-1378.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1378",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PasswordSafe 3.0 beta, when running on Windows before XP, uses a weak random number generator (C++ rand function) during generation of the database encryption key, which makes it easier for attackers to decrypt the database and steal passwords by generating keys for all possible rand() seed values and conducting a known plaintext attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1378",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060323 PasswordSafe 3.0 weak random number generator allows key recovery attack",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/428552/100/0/threaded"
},
{
"name" : "20060907 Re: PasswordSafe 3.0 weak random number generator allows key recovery attack",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/445509/100/0/threaded"
},
{
"name" : "17200",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17200"
},
{
"name" : "618",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/618"
},
{
"name" : "passwordsafe-key-brute-force(25429)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25429"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PasswordSafe 3.0 beta, when running on Windows before XP, uses a weak random number generator (C++ rand function) during generation of the database encryption key, which makes it easier for attackers to decrypt the database and steal passwords by generating keys for all possible rand() seed values and conducting a known plaintext attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "passwordsafe-key-brute-force(25429)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25429"
},
{
"name": "618",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/618"
},
{
"name": "20060323 PasswordSafe 3.0 weak random number generator allows key recovery attack",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/428552/100/0/threaded"
},
{
"name": "20060907 Re: PasswordSafe 3.0 weak random number generator allows key recovery attack",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/445509/100/0/threaded"
},
{
"name": "17200",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17200"
}
]
}
}

170
2006/1xxx/CVE-2006-1545.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1545",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Direct static code injection vulnerability in admin/config.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allows remote authenticated administrators to execute code by inserting the code into variables that are stored in admin/config.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1545",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060411 [eVuln] VNews Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/430674/100/0/threaded"
},
{
"name" : "http://www.evuln.com/vulns/112",
"refsource" : "MISC",
"url" : "http://www.evuln.com/vulns/112"
},
{
"name" : "ADV-2006-1173",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1173"
},
{
"name" : "24276",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24276"
},
{
"name" : "19435",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19435"
},
{
"name" : "vnews-config-file-include(25531)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25531"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Direct static code injection vulnerability in admin/config.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allows remote authenticated administrators to execute code by inserting the code into variables that are stored in admin/config.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24276",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24276"
},
{
"name": "20060411 [eVuln] VNews Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/430674/100/0/threaded"
},
{
"name": "19435",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19435"
},
{
"name": "ADV-2006-1173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1173"
},
{
"name": "http://www.evuln.com/vulns/112",
"refsource": "MISC",
"url": "http://www.evuln.com/vulns/112"
},
{
"name": "vnews-config-file-include(25531)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25531"
}
]
}
}

180
2006/1xxx/CVE-2006-1655.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1655",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in mpg123 0.59r allow user-assisted attackers to trigger a segmentation fault and possibly have other impacts via a certain MP3 file, as demonstrated by mpg1DoS3. NOTE: this issue might be related to CVE-2004-0991, but it is not clear."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://downloads.securityfocus.com/vulnerabilities/exploits/mpg1DoS3.pl",
"refsource" : "MISC",
"url" : "http://downloads.securityfocus.com/vulnerabilities/exploits/mpg1DoS3.pl"
},
{
"name" : "DSA-1074",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1074"
},
{
"name" : "MDKSA-2006:092",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:092"
},
{
"name" : "17365",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17365"
},
{
"name" : "20240",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20240"
},
{
"name" : "20275",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20275"
},
{
"name" : "20281",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20281"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in mpg123 0.59r allow user-assisted attackers to trigger a segmentation fault and possibly have other impacts via a certain MP3 file, as demonstrated by mpg1DoS3. NOTE: this issue might be related to CVE-2004-0991, but it is not clear."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1074",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1074"
},
{
"name": "20281",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20281"
},
{
"name": "20240",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20240"
},
{
"name": "17365",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17365"
},
{
"name": "MDKSA-2006:092",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:092"
},
{
"name": "20275",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20275"
},
{
"name": "http://downloads.securityfocus.com/vulnerabilities/exploits/mpg1DoS3.pl",
"refsource": "MISC",
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/mpg1DoS3.pl"
}
]
}
}

150
2006/5xxx/CVE-2006-5166.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5166",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in functions.php in PHP Web Scripts Easy Banner Free allows remote attackers to execute arbitrary PHP code via a URL in the s[phppath] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5166",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20061001 EasyBannerFree (functions.php) Remote File Include Exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/447499/100/0/threaded"
},
{
"name" : "20295",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20295"
},
{
"name" : "1684",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1684"
},
{
"name" : "easybannerfree-functions-file-include(29311)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29311"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in functions.php in PHP Web Scripts Easy Banner Free allows remote attackers to execute arbitrary PHP code via a URL in the s[phppath] parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061001 EasyBannerFree (functions.php) Remote File Include Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447499/100/0/threaded"
},
{
"name": "1684",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1684"
},
{
"name": "20295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20295"
},
{
"name": "easybannerfree-functions-file-include(29311)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29311"
}
]
}
}

160
2006/5xxx/CVE-2006-5323.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5323",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in IBM WebSphere Application Server before 6.1.0.2 has unspecified impact and attack vectors, related to a \"possible security exposure,\" aka PK29360."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24013142",
"refsource" : "CONFIRM",
"url" : "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24013142"
},
{
"name" : "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951",
"refsource" : "CONFIRM",
"url" : "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951"
},
{
"name" : "PK29360",
"refsource" : "AIXAPAR",
"url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=PK29360&apar=only"
},
{
"name" : "ADV-2006-4000",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4000"
},
{
"name" : "22372",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22372"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM WebSphere Application Server before 6.1.0.2 has unspecified impact and attack vectors, related to a \"possible security exposure,\" aka PK29360."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "PK29360",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PK29360&apar=only"
},
{
"name": "22372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22372"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951"
},
{
"name": "ADV-2006-4000",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4000"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24013142",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24013142"
}
]
}
}

180
2006/5xxx/CVE-2006-5450.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5450",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.asp in Kinesis Interactive Cinema System (KICS) CMS allows remote attackers to execute arbitrary SQL commands via the (1) txtUsername (user) or (2) txtPassword (pass) parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5450",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20061019 KICS CMS sql injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/449227/100/0/threaded"
},
{
"name" : "20607",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20607"
},
{
"name" : "ADV-2006-4130",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4130"
},
{
"name" : "29901",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/29901"
},
{
"name" : "22493",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22493"
},
{
"name" : "1757",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1757"
},
{
"name" : "kics-txtpassword-sql-injection(29683)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29683"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.asp in Kinesis Interactive Cinema System (KICS) CMS allows remote attackers to execute arbitrary SQL commands via the (1) txtUsername (user) or (2) txtPassword (pass) parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1757",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1757"
},
{
"name": "20607",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20607"
},
{
"name": "20061019 KICS CMS sql injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/449227/100/0/threaded"
},
{
"name": "ADV-2006-4130",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4130"
},
{
"name": "kics-txtpassword-sql-injection(29683)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29683"
},
{
"name": "22493",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22493"
},
{
"name": "29901",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29901"
}
]
}
}

120
2007/2xxx/CVE-2007-2146.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2146",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The imagecomments function in classes.php in MiniGal b13 allow remote attackers to inject arbitrary PHP code into a file in the thumbs/ directory via the (1) name or (2) email parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "ADV-2007-1430",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1430"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The imagecomments function in classes.php in MiniGal b13 allow remote attackers to inject arbitrary PHP code into a file in the thumbs/ directory via the (1) name or (2) email parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1430",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1430"
}
]
}
}

150
2007/2xxx/CVE-2007-2190.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2190",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in admin/public/webpages.php in Eba News 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2190",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070420 Eba News Version : v1.1 <= (webpages.php) Remote File Include // starhack.org",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/466406/100/0/threaded"
},
{
"name" : "http://ebascripts.com/",
"refsource" : "MISC",
"url" : "http://ebascripts.com/"
},
{
"name" : "2607",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2607"
},
{
"name" : "ebanews-webpages-file-include(33783)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33783"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in admin/public/webpages.php in Eba News 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ebascripts.com/",
"refsource": "MISC",
"url": "http://ebascripts.com/"
},
{
"name": "20070420 Eba News Version : v1.1 <= (webpages.php) Remote File Include // starhack.org",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466406/100/0/threaded"
},
{
"name": "2607",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2607"
},
{
"name": "ebanews-webpages-file-include(33783)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33783"
}
]
}
}

160
2007/2xxx/CVE-2007-2512.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2512",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch by default, which allows attackers to gain access to the voice VLAN via daisy-chained systems."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070607 RUS-CERT 2007-06:01 (1380): Insecure Defaults in A-L OmniPCX 7.0",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/470742/100/0/threaded"
},
{
"name" : "http://cert.uni-stuttgart.de/advisories/al-ip-touch-vlan-filtering.php",
"refsource" : "MISC",
"url" : "http://cert.uni-stuttgart.de/advisories/al-ip-touch-vlan-filtering.php"
},
{
"name" : "24360",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24360"
},
{
"name" : "38526",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38526"
},
{
"name" : "alcatellucent-voip-unauthorized-access(34760)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34760"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch by default, which allows attackers to gain access to the voice VLAN via daisy-chained systems."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070607 RUS-CERT 2007-06:01 (1380): Insecure Defaults in A-L OmniPCX 7.0",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470742/100/0/threaded"
},
{
"name": "24360",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24360"
},
{
"name": "http://cert.uni-stuttgart.de/advisories/al-ip-touch-vlan-filtering.php",
"refsource": "MISC",
"url": "http://cert.uni-stuttgart.de/advisories/al-ip-touch-vlan-filtering.php"
},
{
"name": "alcatellucent-voip-unauthorized-access(34760)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34760"
},
{
"name": "38526",
"refsource": "OSVDB",
"url": "http://osvdb.org/38526"
}
]
}
}

190
2010/0xxx/CVE-2010-0119.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0119",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the command line, which allows local users to obtain sensitive information by listing the process and its arguments, related to \"echoing.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2010-0119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20100222 Secunia Research: Bournal ccrypt Information Disclosure Security Issue",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/509688/100/0/threaded"
},
{
"name" : "http://secunia.com/secunia_research/2010-7/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2010-7/"
},
{
"name" : "FEDORA-2010-3168",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036764.html"
},
{
"name" : "FEDORA-2010-3221",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036701.html"
},
{
"name" : "FEDORA-2010-3301",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036697.html"
},
{
"name" : "38352",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38352"
},
{
"name" : "38723",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38723"
},
{
"name" : "38814",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38814"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the command line, which allows local users to obtain sensitive information by listing the process and its arguments, related to \"echoing.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100222 Secunia Research: Bournal ccrypt Information Disclosure Security Issue",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509688/100/0/threaded"
},
{
"name": "FEDORA-2010-3221",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036701.html"
},
{
"name": "FEDORA-2010-3168",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036764.html"
},
{
"name": "38352",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38352"
},
{
"name": "38814",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38814"
},
{
"name": "38723",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38723"
},
{
"name": "FEDORA-2010-3301",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036697.html"
},
{
"name": "http://secunia.com/secunia_research/2010-7/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2010-7/"
}
]
}
}

130
2010/0xxx/CVE-2010-0215.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0215",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ActiveCollab before 2.3.2 allows remote authenticated users to bypass intended access restrictions, and (1) delete an attachment or (2) subscribe to an object, via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2010-0215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.activecollab.com/docs/manuals/admin/release-notes/activecollab-2-3-2",
"refsource" : "CONFIRM",
"url" : "http://www.activecollab.com/docs/manuals/admin/release-notes/activecollab-2-3-2"
},
{
"name" : "VU#236703",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/236703"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ActiveCollab before 2.3.2 allows remote authenticated users to bypass intended access restrictions, and (1) delete an attachment or (2) subscribe to an object, via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#236703",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/236703"
},
{
"name": "http://www.activecollab.com/docs/manuals/admin/release-notes/activecollab-2-3-2",
"refsource": "CONFIRM",
"url": "http://www.activecollab.com/docs/manuals/admin/release-notes/activecollab-2-3-2"
}
]
}
}

190
2010/0xxx/CVE-2010-0303.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0303",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mystring.c in hybserv in IRCD-Hybrid (aka Hybrid2 IRC Services) 1.9.2 through 1.9.4 allows remote attackers to cause a denial of service (daemon crash) via a \":help \\t\" private message to the MemoServ service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-0303",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20100129 Re: CVE id: hybserv",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=126476591925300&w=2"
},
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550389",
"refsource" : "CONFIRM",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550389"
},
{
"name" : "http://security.debian.org/pool/updates/main/h/hybserv/hybserv_1.9.2-4+lenny2.diff.gz",
"refsource" : "CONFIRM",
"url" : "http://security.debian.org/pool/updates/main/h/hybserv/hybserv_1.9.2-4+lenny2.diff.gz"
},
{
"name" : "DSA-1982",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-1982"
},
{
"name" : "38006",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38006"
},
{
"name" : "38350",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38350"
},
{
"name" : "38352",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38352"
},
{
"name" : "hybserv2-privatemessage-dos(55992)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55992"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mystring.c in hybserv in IRCD-Hybrid (aka Hybrid2 IRC Services) 1.9.2 through 1.9.4 allows remote attackers to cause a denial of service (daemon crash) via a \":help \\t\" private message to the MemoServ service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38006",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38006"
},
{
"name": "http://security.debian.org/pool/updates/main/h/hybserv/hybserv_1.9.2-4+lenny2.diff.gz",
"refsource": "CONFIRM",
"url": "http://security.debian.org/pool/updates/main/h/hybserv/hybserv_1.9.2-4+lenny2.diff.gz"
},
{
"name": "hybserv2-privatemessage-dos(55992)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55992"
},
{
"name": "[oss-security] 20100129 Re: CVE id: hybserv",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=126476591925300&w=2"
},
{
"name": "38350",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38350"
},
{
"name": "DSA-1982",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-1982"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550389",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550389"
},
{
"name": "38352",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38352"
}
]
}
}

140
2010/0xxx/CVE-2010-0947.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0947",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in post.aspx in Max Network Technology BBSMAX 3.0, 4.1, and 4.2 allows remote attackers to inject arbitrary web script or HTML via the action parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0947",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20100306 [xss] a xss on \"action\" parameter in BBSMAX",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/509905/100/0/threaded"
},
{
"name" : "http://packetstormsecurity.org/1003-exploits/bbsmax-xss.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1003-exploits/bbsmax-xss.txt"
},
{
"name" : "38592",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38592"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in post.aspx in Max Network Technology BBSMAX 3.0, 4.1, and 4.2 allows remote attackers to inject arbitrary web script or HTML via the action parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100306 [xss] a xss on \"action\" parameter in BBSMAX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509905/100/0/threaded"
},
{
"name": "http://packetstormsecurity.org/1003-exploits/bbsmax-xss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1003-exploits/bbsmax-xss.txt"
},
{
"name": "38592",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38592"
}
]
}
}

140
2010/0xxx/CVE-2010-0975.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0975",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in external.php in PHPCityPortal allows remote attackers to execute arbitrary PHP code via a URL in the url parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0975",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.org/1003-exploits/phpcityportal-sqlrfi.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1003-exploits/phpcityportal-sqlrfi.txt"
},
{
"name" : "11678",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/11678"
},
{
"name" : "phpcityportal-external-file-include(56812)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56812"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in external.php in PHPCityPortal allows remote attackers to execute arbitrary PHP code via a URL in the url parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "phpcityportal-external-file-include(56812)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56812"
},
{
"name": "11678",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11678"
},
{
"name": "http://packetstormsecurity.org/1003-exploits/phpcityportal-sqlrfi.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1003-exploits/phpcityportal-sqlrfi.txt"
}
]
}
}

150
2010/1xxx/CVE-2010-1369.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1369",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the email parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1369",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.org/0812-exploits/preclass-sqlxss.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/0812-exploits/preclass-sqlxss.txt"
},
{
"name" : "11589",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/11589"
},
{
"name" : "38446",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38446"
},
{
"name" : "38768",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38768"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the email parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/0812-exploits/preclass-sqlxss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0812-exploits/preclass-sqlxss.txt"
},
{
"name": "38768",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38768"
},
{
"name": "38446",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38446"
},
{
"name": "11589",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11589"
}
]
}
}

34
2010/1xxx/CVE-2010-1745.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1745",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1867. Reason: This candidate is a duplicate of CVE-2010-1867. Notes: All CVE users should reference CVE-2010-1867 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2010-1745",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1867. Reason: This candidate is a duplicate of CVE-2010-1867. Notes: All CVE users should reference CVE-2010-1867 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}

140
2010/1xxx/CVE-2010-1889.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1889",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free vulnerability in the kernel in Microsoft Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2, allows local users to gain privileges via a crafted application, related to object initialization during error handling, aka \"Windows Kernel Double Free Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-1889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS10-047",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-047"
},
{
"name" : "TA10-222A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
},
{
"name" : "oval:org.mitre.oval:def:11044",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11044"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Double free vulnerability in the kernel in Microsoft Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2, allows local users to gain privileges via a crafted application, related to object initialization during error handling, aka \"Windows Kernel Double Free Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "TA10-222A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
},
{
"name": "oval:org.mitre.oval:def:11044",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11044"
},
{
"name": "MS10-047",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-047"
}
]
}
}

200
2010/3xxx/CVE-2010-3900.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3900",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 is used, does not verify X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted server certificate, a related issue to CVE-2010-3312."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3900",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20100917 Re: CVE request: epiphany not checking ssl certs",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2010/09/17/6"
},
{
"name" : "http://www.omgubuntu.co.uk/2010/05/midori-0-2-5-released/",
"refsource" : "MISC",
"url" : "http://www.omgubuntu.co.uk/2010/05/midori-0-2-5-released/"
},
{
"name" : "http://www.twotoasts.de/bugs/index.php?do=details&task_id=743",
"refsource" : "MISC",
"url" : "http://www.twotoasts.de/bugs/index.php?do=details&task_id=743"
},
{
"name" : "http://git.xfce.org/apps/midori/tree/ChangeLog",
"refsource" : "CONFIRM",
"url" : "http://git.xfce.org/apps/midori/tree/ChangeLog"
},
{
"name" : "http://www.twotoasts.de/bugs/index.php?do=details&task_id=168",
"refsource" : "CONFIRM",
"url" : "http://www.twotoasts.de/bugs/index.php?do=details&task_id=168"
},
{
"name" : "http://www.twotoasts.de/index.php?/archives/30-Validation,-vending-and-Vala.html",
"refsource" : "CONFIRM",
"url" : "http://www.twotoasts.de/index.php?/archives/30-Validation,-vending-and-Vala.html"
},
{
"name" : "SUSE-SR:2011:002",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name" : "43068",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43068"
},
{
"name" : "ADV-2011-0212",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0212"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 is used, does not verify X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted server certificate, a related issue to CVE-2010-3312."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43068"
},
{
"name": "http://www.twotoasts.de/bugs/index.php?do=details&task_id=168",
"refsource": "CONFIRM",
"url": "http://www.twotoasts.de/bugs/index.php?do=details&task_id=168"
},
{
"name": "ADV-2011-0212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"name": "http://www.omgubuntu.co.uk/2010/05/midori-0-2-5-released/",
"refsource": "MISC",
"url": "http://www.omgubuntu.co.uk/2010/05/midori-0-2-5-released/"
},
{
"name": "http://git.xfce.org/apps/midori/tree/ChangeLog",
"refsource": "CONFIRM",
"url": "http://git.xfce.org/apps/midori/tree/ChangeLog"
},
{
"name": "http://www.twotoasts.de/index.php?/archives/30-Validation,-vending-and-Vala.html",
"refsource": "CONFIRM",
"url": "http://www.twotoasts.de/index.php?/archives/30-Validation,-vending-and-Vala.html"
},
{
"name": "SUSE-SR:2011:002",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name": "[oss-security] 20100917 Re: CVE request: epiphany not checking ssl certs",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/17/6"
},
{
"name": "http://www.twotoasts.de/bugs/index.php?do=details&task_id=743",
"refsource": "MISC",
"url": "http://www.twotoasts.de/bugs/index.php?do=details&task_id=743"
}
]
}
}

150
2010/4xxx/CVE-2010-4114.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4114",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-4114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "HPSBMA02617",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/515286"
},
{
"name" : "SSRT100338",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/515286"
},
{
"name" : "1024903",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024903"
},
{
"name" : "42637",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42637"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1024903",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024903"
},
{
"name": "HPSBMA02617",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/515286"
},
{
"name": "SSRT100338",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/515286"
},
{
"name": "42637",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42637"
}
]
}
}

34
2010/4xxx/CVE-2010-4135.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4135",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2010-4135",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none."
}
]
}
}

34
2010/4xxx/CVE-2010-4136.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4136",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2010-4136",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none."
}
]
}
}

160
2010/4xxx/CVE-2010-4514.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4514",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Install/InstallWizard.aspx in DotNetNuke 5.05.01 and 5.06.00 allows remote attackers to inject arbitrary web script or HTML via the __VIEWSTATE parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4514",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.org/files/view/96378/PR10-19.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/files/view/96378/PR10-19.txt"
},
{
"name" : "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-19",
"refsource" : "MISC",
"url" : "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-19"
},
{
"name" : "45180",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45180"
},
{
"name" : "1024828",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024828"
},
{
"name" : "42478",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42478"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Install/InstallWizard.aspx in DotNetNuke 5.05.01 and 5.06.00 allows remote attackers to inject arbitrary web script or HTML via the __VIEWSTATE parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/files/view/96378/PR10-19.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/view/96378/PR10-19.txt"
},
{
"name": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-19",
"refsource": "MISC",
"url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-19"
},
{
"name": "1024828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024828"
},
{
"name": "42478",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42478"
},
{
"name": "45180",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45180"
}
]
}
}

150
2010/4xxx/CVE-2010-4639.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4639",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in MySource Matrix allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "15402",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15402"
},
{
"name" : "http://packetstormsecurity.org/1011-exploits/mysourcematrix-sql.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1011-exploits/mysourcematrix-sql.txt"
},
{
"name" : "44612",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/44612"
},
{
"name" : "mysourcematrix-index-sql-injection(62961)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62961"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in MySource Matrix allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15402",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15402"
},
{
"name": "44612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44612"
},
{
"name": "http://packetstormsecurity.org/1011-exploits/mysourcematrix-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1011-exploits/mysourcematrix-sql.txt"
},
{
"name": "mysourcematrix-index-sql-injection(62961)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62961"
}
]
}
}

34
2014/0xxx/CVE-2014-0530.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0530",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-0530",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}
}

150
2014/0xxx/CVE-2014-0828.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0828",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the WCM (Web Content Manager) UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF27, and 8.0.0.x before 8.0.0.1 CF11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0828",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21667016",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21667016"
},
{
"name" : "PI10734",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI10734"
},
{
"name" : "66556",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/66556"
},
{
"name" : "ibm-wsportal-cve20140828-wcm-xss(90566)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90566"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the WCM (Web Content Manager) UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF27, and 8.0.0.x before 8.0.0.1 CF11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21667016",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21667016"
},
{
"name": "PI10734",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI10734"
},
{
"name": "ibm-wsportal-cve20140828-wcm-xss(90566)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90566"
},
{
"name": "66556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66556"
}
]
}
}

140
2014/0xxx/CVE-2014-0882.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0882",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC). IBM X-Force ID: 91149."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0882",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.lenovo.com/us/en/solutions/ht114525",
"refsource" : "CONFIRM",
"url" : "https://support.lenovo.com/us/en/solutions/ht114525"
},
{
"name" : "https://www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/"
},
{
"name" : "https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC). IBM X-Force ID: 91149."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/solutions/ht114525",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/solutions/ht114525"
},
{
"name": "https://www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/"
},
{
"name": "https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726"
}
]
}
}

34
2014/4xxx/CVE-2014-4185.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4185",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4185",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

480
2014/4xxx/CVE-2014-4219.json
View File

@ -1,242 +1,242 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4219",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-4219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686383",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686824",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680334",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"name" : "DSA-2980",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2980"
},
{
"name" : "DSA-2987",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2987"
},
{
"name" : "GLSA-201502-12",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name" : "HPSBUX03092",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
},
{
"name" : "SSRT101668",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
},
{
"name" : "RHSA-2015:0264",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name" : "RHSA-2014:0902",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2014:0902"
},
{
"name" : "RHSA-2014:0908",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2014:0908"
},
{
"name" : "SUSE-SU-2015:0344",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name" : "SUSE-SU-2015:0376",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name" : "SUSE-SU-2015:0392",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name" : "68620",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68620"
},
{
"name" : "1030577",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030577"
},
{
"name" : "60245",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60245"
},
{
"name" : "60081",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60081"
},
{
"name" : "60317",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60317"
},
{
"name" : "61577",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61577"
},
{
"name" : "61640",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61640"
},
{
"name" : "59404",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59404"
},
{
"name" : "60817",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60817"
},
{
"name" : "60485",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60485"
},
{
"name" : "59985",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59985"
},
{
"name" : "59986",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59986"
},
{
"name" : "59924",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59924"
},
{
"name" : "59987",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59987"
},
{
"name" : "59680",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59680"
},
{
"name" : "60622",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60622"
},
{
"name" : "60129",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60129"
},
{
"name" : "60812",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60812"
},
{
"name" : "oracle-cpujul2014-cve20144219(94589)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94589"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-2987",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2987"
},
{
"name": "60129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60129"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "DSA-2980",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2980"
},
{
"name": "1030577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030577"
},
{
"name": "59987",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59987"
},
{
"name": "HPSBUX03092",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
},
{
"name": "60812",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60812"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "SUSE-SU-2015:0376",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "59986",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59986"
},
{
"name": "RHSA-2015:0264",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "60245",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60245"
},
{
"name": "60817",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60817"
},
{
"name": "59924",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59924"
},
{
"name": "61577",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61577"
},
{
"name": "RHSA-2014:0908",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0908"
},
{
"name": "SUSE-SU-2015:0392",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SSRT101668",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "60485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60485"
},
{
"name": "59680",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59680"
},
{
"name": "oracle-cpujul2014-cve20144219(94589)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94589"
},
{
"name": "68620",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68620"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"name": "60622",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60622"
},
{
"name": "60081",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60081"
},
{
"name": "RHSA-2014:0902",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0902"
},
{
"name": "59985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59985"
},
{
"name": "61640",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61640"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "60317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60317"
},
{
"name": "SUSE-SU-2015:0344",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "59404",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59404"
}
]
}
}

230
2014/4xxx/CVE-2014-4421.json
View File

@ -1,117 +1,117 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4421",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4420."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2014-4421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.apple.com/kb/HT6535",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/kb/HT6535"
},
{
"name" : "http://support.apple.com/HT204244",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/HT204244"
},
{
"name" : "http://support.apple.com/kb/HT6441",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT6441"
},
{
"name" : "http://support.apple.com/kb/HT6442",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT6442"
},
{
"name" : "APPLE-SA-2014-09-17-1",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html"
},
{
"name" : "APPLE-SA-2014-09-17-2",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html"
},
{
"name" : "APPLE-SA-2014-10-16-1",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name" : "APPLE-SA-2015-01-27-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
},
{
"name" : "69882",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69882"
},
{
"name" : "69924",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69924"
},
{
"name" : "1030866",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030866"
},
{
"name" : "appleioscve20144421-info-disc(96103)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96103"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4420."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "69924",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69924"
},
{
"name": "appleioscve20144421-info-disc(96103)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96103"
},
{
"name": "http://support.apple.com/kb/HT6441",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6441"
},
{
"name": "1030866",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030866"
},
{
"name": "http://support.apple.com/kb/HT6442",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6442"
},
{
"name": "APPLE-SA-2014-10-16-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name": "APPLE-SA-2014-09-17-2",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html"
},
{
"name": "69882",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69882"
},
{
"name": "http://support.apple.com/HT204244",
"refsource": "CONFIRM",
"url": "http://support.apple.com/HT204244"
},
{
"name": "https://support.apple.com/kb/HT6535",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "APPLE-SA-2014-09-17-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html"
},
{
"name": "APPLE-SA-2015-01-27-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
}
]
}
}

150
2014/4xxx/CVE-2014-4784.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4784",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7.093013, 10.0 before 10.0.093013, and 10.1 before 10.1.093013 does not properly restrict use of FRAME elements, which allows remote attackers to conduct phishing attacks, and bypass intended access restrictions or obtain sensitive information, via a crafted web site, related to a \"frame injection\" issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-4784",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21682450",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21682450"
},
{
"name" : "69698",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69698"
},
{
"name" : "60996",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60996"
},
{
"name" : "ibm-imds-cve20144784-frame-injection(95031)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95031"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7.093013, 10.0 before 10.0.093013, and 10.1 before 10.1.093013 does not properly restrict use of FRAME elements, which allows remote attackers to conduct phishing attacks, and bypass intended access restrictions or obtain sensitive information, via a crafted web site, related to a \"frame injection\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-imds-cve20144784-frame-injection(95031)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95031"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682450",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682450"
},
{
"name": "60996",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60996"
},
{
"name": "69698",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69698"
}
]
}
}

130
2014/4xxx/CVE-2014-4843.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4843",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Curam Universal Access in IBM Curam Social Program Management (SPM) 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.5 iFix5 allows remote attackers to obtain sensitive information about internal caseworker usernames via vectors related to a URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-4843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21698548",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21698548"
},
{
"name" : "73943",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/73943"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Curam Universal Access in IBM Curam Social Program Management (SPM) 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.5 iFix5 allows remote attackers to obtain sensitive information about internal caseworker usernames via vectors related to a URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "73943",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73943"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21698548",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698548"
}
]
}
}

170
2014/8xxx/CVE-2014-8104.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8104",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b",
"refsource" : "CONFIRM",
"url" : "https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b"
},
{
"name" : "http://advisories.mageia.org/MGASA-2014-0512.html",
"refsource" : "CONFIRM",
"url" : "http://advisories.mageia.org/MGASA-2014-0512.html"
},
{
"name" : "DSA-3084",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-3084"
},
{
"name" : "MDVSA-2015:139",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:139"
},
{
"name" : "openSUSE-SU-2014:1594",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00008.html"
},
{
"name" : "USN-2430-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2430-1"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2015:139",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:139"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0512.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0512.html"
},
{
"name": "USN-2430-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2430-1"
},
{
"name": "DSA-3084",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3084"
},
{
"name": "https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b",
"refsource": "CONFIRM",
"url": "https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b"
},
{
"name": "openSUSE-SU-2014:1594",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00008.html"
}
]
}
}

34
2014/9xxx/CVE-2014-9010.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9010",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9010",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

120
2014/9xxx/CVE-2014-9212.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9212",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Altitude uAgent in Altitude uCI (Unified Customer Interaction) 7.5 allow remote attackers to inject arbitrary web script or HTML via (1) an email hyperlink or the (2) style parameter in the image attribute section."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.com/files/129372/Altitude-uAgent-Altitude-uCI-7.5-XSS.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/129372/Altitude-uAgent-Altitude-uCI-7.5-XSS.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Altitude uAgent in Altitude uCI (Unified Customer Interaction) 7.5 allow remote attackers to inject arbitrary web script or HTML via (1) an email hyperlink or the (2) style parameter in the image attribute section."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/129372/Altitude-uAgent-Altitude-uCI-7.5-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129372/Altitude-uAgent-Altitude-uCI-7.5-XSS.html"
}
]
}
}

34
2014/9xxx/CVE-2014-9233.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9233",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-9233",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}
}

34
2014/9xxx/CVE-2014-9255.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9255",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9255",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

130
2016/3xxx/CVE-2016-3012.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3012",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM API Connect (aka APIConnect) before 5.0.3.0 with NPM before 2.2.8 includes certain internal server credentials in the software package, which might allow remote attackers to bypass intended access restrictions by leveraging knowledge of these credentials."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988212",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988212"
},
{
"name" : "92417",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92417"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM API Connect (aka APIConnect) before 5.0.3.0 with NPM before 2.2.8 includes certain internal server credentials in the software package, which might allow remote attackers to bypass intended access restrictions by leveraging knowledge of these credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "92417",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92417"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21988212",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988212"
}
]
}
}

140
2016/3xxx/CVE-2016-3130.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@blackberry.com",
"ID" : "CVE-2016-3130",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "BES12 versions through 12.5.2",
"version" : {
"version_data" : [
{
"version_value" : "BES12 versions through 12.5.2"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in the Core and Management Console in BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to obtain local or domain credentials of an administrator or user account by sniffing traffic between the two elements during a login attempt."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "information disclosure"
}
"CVE_data_meta": {
"ASSIGNER": "secure@blackberry.com",
"ID": "CVE-2016-3130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BES12 versions through 12.5.2",
"version": {
"version_data": [
{
"version_value": "BES12 versions through 12.5.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://support.blackberry.com/kb/articleDetail?articleNumber=000038914",
"refsource" : "CONFIRM",
"url" : "http://support.blackberry.com/kb/articleDetail?articleNumber=000038914"
},
{
"name" : "95924",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95924"
},
{
"name" : "1037584",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037584"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability in the Core and Management Console in BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to obtain local or domain credentials of an administrator or user account by sniffing traffic between the two elements during a login attempt."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000038914",
"refsource": "CONFIRM",
"url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000038914"
},
{
"name": "95924",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95924"
},
{
"name": "1037584",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037584"
}
]
}
}

150
2016/3xxx/CVE-2016-3567.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3567",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to Web access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3567",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
},
{
"name" : "91862",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91862"
},
{
"name" : "1036393",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036393"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to Web access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "91862",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91862"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "1036393",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036393"
}
]
}
}

140
2016/6xxx/CVE-2016-6404.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6404",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the web framework in Cisco IOx Local Manager in IOS 15.5(2)T and IOS XE allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy19854."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-6404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20160914 Cisco IOS and IOS XE Software IOx Local Manager Cross-Site Scripting Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ios"
},
{
"name" : "92963",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92963"
},
{
"name" : "1036834",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036834"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the web framework in Cisco IOx Local Manager in IOS 15.5(2)T and IOS XE allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy19854."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "92963",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92963"
},
{
"name": "1036834",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036834"
},
{
"name": "20160914 Cisco IOS and IOS XE Software IOx Local Manager Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ios"
}
]
}
}

34
2016/6xxx/CVE-2016-6638.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6638",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-6638",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

122
2016/6xxx/CVE-2016-6811.json
View File

@ -1,63 +1,63 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"DATE_PUBLIC" : "2018-05-01T00:00:00",
"ID" : "CVE-2016-6811",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2018-05-01T00:00:00",
"ID": "CVE-2016-6811",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[general] 20180501 CVE-2016-6811: Apache Hadoop Privilege escalation vulnerability",
"refsource" : "MLIST",
"url" : "https://lists.apache.org/thread.html/9ba3c12bbdfd5b2cae60909e48f92608e00c8d99196390b8cfeca307@%3Cgeneral.hadoop.apache.org%3E"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[general] 20180501 CVE-2016-6811: Apache Hadoop Privilege escalation vulnerability",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/9ba3c12bbdfd5b2cae60909e48f92608e00c8d99196390b8cfeca307@%3Cgeneral.hadoop.apache.org%3E"
}
]
}
}

190
2016/7xxx/CVE-2016-7479.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@checkpoint.com",
"ID" : "CVE-2016-7479",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "PHP 7.x",
"version" : {
"version_data" : [
{
"version_value" : "PHP 7.x"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
"CVE_data_meta": {
"ASSIGNER": "cve@checkpoint.com",
"ID": "CVE-2016-7479",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PHP 7.x",
"version": {
"version_data": [
{
"version_value": "PHP 7.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7",
"refsource" : "MISC",
"url" : "http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7"
},
{
"name" : "http://blog.checkpoint.com/wp-content/uploads/2016/12/PHP_Technical_Report.pdf",
"refsource" : "MISC",
"url" : "http://blog.checkpoint.com/wp-content/uploads/2016/12/PHP_Technical_Report.pdf"
},
{
"name" : "https://bugs.php.net/bug.php?id=73092",
"refsource" : "MISC",
"url" : "https://bugs.php.net/bug.php?id=73092"
},
{
"name" : "https://www.youtube.com/watch?v=LDcaPstAuPk",
"refsource" : "MISC",
"url" : "https://www.youtube.com/watch?v=LDcaPstAuPk"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20180112-0001/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20180112-0001/"
},
{
"name" : "RHSA-2018:1296",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"name" : "95151",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95151"
},
{
"name" : "1037659",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037659"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.checkpoint.com/wp-content/uploads/2016/12/PHP_Technical_Report.pdf",
"refsource": "MISC",
"url": "http://blog.checkpoint.com/wp-content/uploads/2016/12/PHP_Technical_Report.pdf"
},
{
"name": "https://www.youtube.com/watch?v=LDcaPstAuPk",
"refsource": "MISC",
"url": "https://www.youtube.com/watch?v=LDcaPstAuPk"
},
{
"name": "https://bugs.php.net/bug.php?id=73092",
"refsource": "MISC",
"url": "https://bugs.php.net/bug.php?id=73092"
},
{
"name": "RHSA-2018:1296",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180112-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180112-0001/"
},
{
"name": "95151",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95151"
},
{
"name": "1037659",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037659"
},
{
"name": "http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7",
"refsource": "MISC",
"url": "http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7"
}
]
}
}

34
2016/7xxx/CVE-2016-7739.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7739",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7739",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

130
2016/7xxx/CVE-2016-7840.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2016-7840",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "WEB SCHEDULE",
"version" : {
"version_data" : [
{
"version_value" : "All versions"
}
]
}
}
]
},
"vendor_name" : "Olive Design"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting vulnerability in WEB SCHEDULE allows remote attackers to inject arbitrary web script or HTML via the month parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-site scripting"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-7840",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WEB SCHEDULE",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Olive Design"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "JVN#12124922",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN12124922/index.html"
},
{
"name" : "95312",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95312"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in WEB SCHEDULE allows remote attackers to inject arbitrary web script or HTML via the month parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#12124922",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN12124922/index.html"
},
{
"name": "95312",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95312"
}
]
}
}

34
2016/8xxx/CVE-2016-8260.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8260",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-8260",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

160
2016/8xxx/CVE-2016-8699.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8699",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8699",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160818 potrace: multiple crashes",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/08/18/11"
},
{
"name" : "[oss-security] 20161015 Re: potrace: multiple crashes",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/16/12"
},
{
"name" : "https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/",
"refsource" : "MISC",
"url" : "https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/"
},
{
"name" : "http://potrace.sourceforge.net/ChangeLog",
"refsource" : "CONFIRM",
"url" : "http://potrace.sourceforge.net/ChangeLog"
},
{
"name" : "93778",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93778"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93778",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93778"
},
{
"name": "[oss-security] 20161015 Re: potrace: multiple crashes",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/16/12"
},
{
"name": "https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/",
"refsource": "MISC",
"url": "https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/"
},
{
"name": "[oss-security] 20160818 potrace: multiple crashes",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/08/18/11"
},
{
"name": "http://potrace.sourceforge.net/ChangeLog",
"refsource": "CONFIRM",
"url": "http://potrace.sourceforge.net/ChangeLog"
}
]
}
}