"-Synchronized-Data."

CVE Team 2019-03-17 23:39:45 +00:00
parent 4946c40682
commit b57952ab34
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
48 changed files with 3530 additions and 3530 deletions


@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0890", "ID": "CVE-2006-0890",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in SpeedProject Squeez 5.1, as used in (1) ZipStar 5.1 and (2) SpeedCommander 11.01.4450, allows remote attackers to overwrite arbitrary files via unspecified manipulations in a (1) JAR or (2) ZIP archive."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060224 SpeedCommander 11.0 & ZipStar 5.1 & Squeez 5.1 Directory traversal", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/425973/100/0/threaded" "lang": "eng",
}, "value": "Directory traversal vulnerability in SpeedProject Squeez 5.1, as used in (1) ZipStar 5.1 and (2) SpeedCommander 11.01.4450, allows remote attackers to overwrite arbitrary files via unspecified manipulations in a (1) JAR or (2) ZIP archive."
{ }
"name" : "16807", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/16807" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-0731", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0731" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23465", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/23465" ]
}, },
{ "references": {
"name" : "19006", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19006" "name": "16807",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/16807"
"name" : "speedproject-zip-jar-directory-traversal(24909)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24909" "name": "19006",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/19006"
} },
} {
"name": "speedproject-zip-jar-directory-traversal(24909)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24909"
},
{
"name": "ADV-2006-0731",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0731"
},
{
"name": "20060224 SpeedCommander 11.0 & ZipStar 5.1 & Squeez 5.1 Directory traversal",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/425973/100/0/threaded"
},
{
"name": "23465",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23465"
}
]
}
}


@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3275", "ID": "CVE-2006-3275",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in profile.php in YaBB SE 1.5.5 and earlier allows remote attackers to execute SQL commands via a double-encoded user parameter in a viewprofile action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060623 NDSD-06-001", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://marc.info/?l=full-disclosure&m=115102378824221&w=2" "lang": "eng",
}, "value": "SQL injection vulnerability in profile.php in YaBB SE 1.5.5 and earlier allows remote attackers to execute SQL commands via a double-encoded user parameter in a viewprofile action."
{ }
"name" : "18625", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/18625" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-2504", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2504" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20780", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/20780" ]
}, },
{ "references": {
"name" : "yabb-profile-sql-injection(27331)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27331" "name": "ADV-2006-2504",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/2504"
} },
} {
"name": "20060623 NDSD-06-001",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=115102378824221&w=2"
},
{
"name": "yabb-profile-sql-injection(27331)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27331"
},
{
"name": "20780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20780"
},
{
"name": "18625",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18625"
}
]
}
}


@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3549", "ID": "CVE-2006-3549",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "services/go.php in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 does not properly restrict its image proxy capability, which allows remote attackers to perform \"Web tunneling\" attacks and use the server as a proxy via (1) http, (2) https, and (3) ftp URL in the url parameter, which is requested from the server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060705 Public Advisory: Horde 3.1.1, 3.0.10 Multiple Security Issues", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/439255/100/0/threaded" "lang": "eng",
}, "value": "services/go.php in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 does not properly restrict its image proxy capability, which allows remote attackers to perform \"Web tunneling\" attacks and use the server as a proxy via (1) http, (2) https, and (3) ftp URL in the url parameter, which is requested from the server."
{ }
"name" : "http://moritz-naumann.com/adv/0011/hordemulti/0011.txt", ]
"refsource" : "MISC", },
"url" : "http://moritz-naumann.com/adv/0011/hordemulti/0011.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://lists.horde.org/archives/announce/2006/000287.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://lists.horde.org/archives/announce/2006/000287.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://lists.horde.org/archives/announce/2006/000288.html", ]
"refsource" : "CONFIRM", }
"url" : "http://lists.horde.org/archives/announce/2006/000288.html" ]
}, },
{ "references": {
"name" : "DSA-1406", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1406" "name": "http://lists.horde.org/archives/announce/2006/000287.html",
}, "refsource": "CONFIRM",
{ "url": "http://lists.horde.org/archives/announce/2006/000287.html"
"name" : "SUSE-SR:2006:019", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2006_19_sr.html" "name": "18845",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/18845"
"name" : "18845", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/18845" "name": "ADV-2006-2694",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/2694"
"name" : "ADV-2006-2694", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2694" "name": "21459",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21459"
"name" : "1016442", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016442" "name": "SUSE-SR:2006:019",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2006_19_sr.html"
"name" : "20954", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20954" "name": "27565",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27565"
"name" : "21459", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21459" "name": "1016442",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016442"
"name" : "27565", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27565" "name": "http://lists.horde.org/archives/announce/2006/000288.html",
}, "refsource": "CONFIRM",
{ "url": "http://lists.horde.org/archives/announce/2006/000288.html"
"name" : "1229", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1229" "name": "1229",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/1229"
} },
} {
"name": "http://moritz-naumann.com/adv/0011/hordemulti/0011.txt",
"refsource": "MISC",
"url": "http://moritz-naumann.com/adv/0011/hordemulti/0011.txt"
},
{
"name": "DSA-1406",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1406"
},
{
"name": "20954",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20954"
},
{
"name": "20060705 Public Advisory: Horde 3.1.1, 3.0.10 Multiple Security Issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/439255/100/0/threaded"
}
]
}
}


@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4212", "ID": "CVE-2006-4212",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in b0zz and Chris Vincent Owl Intranet Engine 0.90 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1540643&group_id=9444&atid=309444", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1540643&group_id=9444&atid=309444" "lang": "eng",
}, "value": "SQL injection vulnerability in b0zz and Chris Vincent Owl Intranet Engine 0.90 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
{ }
"name" : "JVN#39103264", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/jp/JVN%2339103264/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19552", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/19552" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-3285", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/3285" ]
}, },
{ "references": {
"name" : "21519", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21519" "name": "JVN#39103264",
}, "refsource": "JVN",
{ "url": "http://jvn.jp/jp/JVN%2339103264/index.html"
"name" : "owlik-unspecified-sql-injection(28404)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28404" "name": "owlik-unspecified-sql-injection(28404)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28404"
} },
} {
"name": "http://sourceforge.net/tracker/index.php?func=detail&aid=1540643&group_id=9444&atid=309444",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1540643&group_id=9444&atid=309444"
},
{
"name": "ADV-2006-3285",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3285"
},
{
"name": "21519",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21519"
},
{
"name": "19552",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19552"
}
]
}
}


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4501", "ID": "CVE-2006-4501",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in ezPortal/ztml CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) about, (2) album, (3) id, (4) use, (5) desc, (6) doc, (7) mname, (8) max, and possibly other parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060830 Ezportal/Ztml v1.0 Multiple vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/444743/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in ezPortal/ztml CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) about, (2) album, (3) id, (4) use, (5) desc, (6) doc, (7) mname, (8) max, and possibly other parameters."
{ }
"name" : "19759", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/19759" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1481", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1481" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ezportalztml-index-sql-injection(28667)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28667" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20060830 Ezportal/Ztml v1.0 Multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444743/100/0/threaded"
},
{
"name": "1481",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1481"
},
{
"name": "ezportalztml-index-sql-injection(28667)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28667"
},
{
"name": "19759",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19759"
}
]
}
}


@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6258", "ID": "CVE-2006-6258",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061128 Multiple Vulnerabilities in AlternC version 0.9.5", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/452988/100/0/threaded" "lang": "eng",
}, "value": "The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack."
{ }
"name" : "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt", ]
"refsource" : "MISC", },
"url" : "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "21355", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21355" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4851", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4851" ]
}, },
{ "references": {
"name" : "23144", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23144" "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
"name" : "1965", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1965" "name": "21355",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/21355"
"name" : "alternc-multiple-xss(30625)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30625" "name": "1965",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/1965"
} },
} {
"name": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt",
"refsource": "MISC",
"url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
},
{
"name": "23144",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23144"
},
{
"name": "alternc-multiple-xss(30625)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30625"
},
{
"name": "ADV-2006-4851",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4851"
}
]
}
}


@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6611", "ID": "CVE-2006-6611",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in interface.php in Barman 0.0.1r3 allows remote attackers to execute arbitrary PHP code via a URL in the basepath parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2920", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2920" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in interface.php in Barman 0.0.1r3 allows remote attackers to execute arbitrary PHP code via a URL in the basepath parameter."
{ }
"name" : "20061217 Source VERIFY of Barman interface.php/basepath RFI", ]
"refsource" : "VIM", },
"url" : "http://www.attrition.org/pipermail/vim/2006-December/001184.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "21544", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21544" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4944", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4944" ]
}, },
{ "references": {
"name" : "barman-interface-file-include(30823)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30823" "name": "2920",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/2920"
} },
} {
"name": "20061217 Source VERIFY of Barman interface.php/basepath RFI",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2006-December/001184.html"
},
{
"name": "barman-interface-file-include(30823)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30823"
},
{
"name": "ADV-2006-4944",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4944"
},
{
"name": "21544",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21544"
}
]
}
}


@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6783", "ID": "CVE-2006-6783",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "logahead UNU 1.0 before 20061226 allows remote attackers to upload arbitrary files via unspecified vectors related to plugins/widged/_widged.php (aka the WidgEd plugin), possibly because of an authentication bypass. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061225 logahead UNU edition 1.0 Remote File Upload & code execution", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/455307/100/0/threaded" "lang": "eng",
}, "value": "logahead UNU 1.0 before 20061226 allows remote attackers to upload arbitrary files via unspecified vectors related to plugins/widged/_widged.php (aka the WidgEd plugin), possibly because of an authentication bypass. NOTE: some of these details are obtained from third party information."
{ }
"name" : "http://logahead.com/forums/comments.php?DiscussionID=216", ]
"refsource" : "CONFIRM", },
"url" : "http://logahead.com/forums/comments.php?DiscussionID=216" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "21743", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21743" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-5184", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/5184" ]
}, },
{ "references": {
"name" : "1017444", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017444" "name": "20061225 logahead UNU edition 1.0 Remote File Upload & code execution",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/455307/100/0/threaded"
"name" : "23470", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23470" "name": "ADV-2006-5184",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/5184"
"name" : "2071", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2071" "name": "21743",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/21743"
} },
} {
"name": "2071",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2071"
},
{
"name": "1017444",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017444"
},
{
"name": "23470",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23470"
},
{
"name": "http://logahead.com/forums/comments.php?DiscussionID=216",
"refsource": "CONFIRM",
"url": "http://logahead.com/forums/comments.php?DiscussionID=216"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6784", "ID": "CVE-2006-6784",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Netbula Anyboard allows remote attackers to execute arbitrary SQL commands via the user name in the login form."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061225 Forum AnyBoard - Sql Inyection By Firewall", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/455263/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in Netbula Anyboard allows remote attackers to execute arbitrary SQL commands via the user name in the login form."
{ }
"name" : "21734", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21734" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2063", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2063" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "21734",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21734"
},
{
"name": "2063",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2063"
},
{
"name": "20061225 Forum AnyBoard - Sql Inyection By Firewall",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455263/100/0/threaded"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2061", "ID": "CVE-2010-2061",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-2234", "ID": "CVE-2010-2234",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0 through 0.11.0 allows remote attackers to hijack the authentication of administrators for direct requests to an installation URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100817 CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/513174/100/0/threaded" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0 through 0.11.0 allows remote attackers to hijack the authentication of administrators for direct requests to an installation URL."
{ }
"name" : "20100817 CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2010/Aug/199" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=624764", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=624764" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "42501", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/42501" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20100817 CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2010/Aug/199"
},
{
"name": "20100817 CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/513174/100/0/threaded"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=624764",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=624764"
},
{
"name": "42501",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42501"
}
]
}
}
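Review bot: The `ASSIGNER` value in this record's `CVE_data_meta` appears to change from `cve@mitre.org` to `secalert@redhat.com`, and that is the only substantive change in the section; the sides are inferred from column order because the page has lost its +/- markers, and everything else is colon spacing and a reshuffle of `reference_data`. A change of assigning authority is provenance data that downstream consumers may key trust or routing decisions on, so it deserves its own commit, or at least a line in the commit message, rather than riding inside a 3530-line formatting sync. The next section (CVE-2010-2733) shows the same pattern with `secure@microsoft.com`. Emitting `reference_data` in a stable order, for example sorted by `refsource` then `name`, would also keep future syncs from burying changes like this in reorder noise.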


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-2733", "ID": "CVE-2010-2733",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Web Monitor in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"UAG XSS Allows EOP Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS10-089", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-089" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Web Monitor in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"UAG XSS Allows EOP Vulnerability.\""
{ }
"name" : "TA10-313A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-313A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:12127", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12127" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:12127",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12127"
},
{
"name": "MS10-089",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-089"
},
{
"name": "TA10-313A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-313A.html"
}
]
}
}
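Review bot: The `ASSIGNER` value in `CVE_data_meta` changes from `cve@mitre.org` to `secure@microsoft.com` in a section that otherwise only normalises `"key" : ` to `"key": ` and reorders `reference_data`, so a provenance change is easy to miss in review. Which side each value belongs to is inferred from the spacing style, because the page has lost its +/- markers. The same pattern appears in the CVE-2011-0535 section (`secalert@redhat.com`) and the CVE-2011-0873 section (`secalert_us@oracle.com`). Consumers that key trust or routing on the assigner should compare parsed records rather than text, and the sync would be easier to audit if metadata changes were committed separately from formatting.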


@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2757", "ID": "CVE-2010-2757",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users without discovery."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.bugzilla.org/security/3.2.7/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.bugzilla.org/security/3.2.7/" "lang": "eng",
}, "value": "The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users without discovery."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=450013", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=450013" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=623423", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=623423" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2010-13072", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html" ]
}, },
{ "references": {
"name" : "FEDORA-2010-13086", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=450013",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=450013"
"name" : "FEDORA-2010-13171", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html" "name": "ADV-2010-2035",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/2035"
"name" : "42275", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/42275" "name": "FEDORA-2010-13072",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html"
"name" : "40892", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40892" "name": "FEDORA-2010-13171",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html"
"name" : "41128", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/41128" "name": "40892",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40892"
"name" : "ADV-2010-2035", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2035" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=623423",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=623423"
"name" : "ADV-2010-2205", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2205" "name": "FEDORA-2010-13086",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html"
} },
} {
"name": "42275",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42275"
},
{
"name": "http://www.bugzilla.org/security/3.2.7/",
"refsource": "CONFIRM",
"url": "http://www.bugzilla.org/security/3.2.7/"
},
{
"name": "41128",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41128"
},
{
"name": "ADV-2010-2205",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2205"
}
]
}
}
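Review bot: The new `reference_data` array lists the same eleven entries in an order that is not sorted by `name`, `refsource` or `url`, whereas the old side grouped them by source. For example, `ADV-2010-2035` now sits between a CONFIRM entry and `FEDORA-2010-13072`. Anything that diffs these records or addresses references by index will see churn on every sync even when nothing changed. Emitting the array in a stable order, for example sorted by `refsource` then `name`, would keep later diffs limited to real additions and removals. The sections for CVE-2010-3889, CVE-2011-0447, CVE-2011-0535 and CVE-2011-0873 show the same reshuffle.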


@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3889", "ID": "CVE-2010-3889",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified by Microsoft researchers and other researchers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.computerworld.com/s/article/9185919/Is_Stuxnet_the_best_malware_ever_", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.computerworld.com/s/article/9185919/Is_Stuxnet_the_best_malware_ever_" "lang": "eng",
}, "value": "Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified by Microsoft researchers and other researchers."
{ }
"name" : "http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2010/20100716-(1)", ]
"refsource" : "MISC", },
"url" : "http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2010/20100716-(1)" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.securelist.com/en/blog/2291/Myrtus_and_Guava_Episode_MS10_061", "description": [
"refsource" : "MISC", {
"url" : "http://www.securelist.com/en/blog/2291/Myrtus_and_Guava_Episode_MS10_061" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.symantec.com/connect/blogs/stuxnet-using-three-additional-zero-day-vulnerabilities", ]
"refsource" : "MISC", }
"url" : "http://www.symantec.com/connect/blogs/stuxnet-using-three-additional-zero-day-vulnerabilities" ]
}, },
{ "references": {
"name" : "http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute7.xml", "reference_data": [
"refsource" : "MISC", {
"url" : "http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute7.xml" "name": "http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute7.xml",
}, "refsource": "MISC",
{ "url": "http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute7.xml"
"name" : "http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute8.xml", },
"refsource" : "MISC", {
"url" : "http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute8.xml" "name": "http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2010/20100716-(1)",
} "refsource": "MISC",
] "url": "http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2010/20100716-(1)"
} },
} {
"name": "http://www.symantec.com/connect/blogs/stuxnet-using-three-additional-zero-day-vulnerabilities",
"refsource": "MISC",
"url": "http://www.symantec.com/connect/blogs/stuxnet-using-three-additional-zero-day-vulnerabilities"
},
{
"name": "http://www.computerworld.com/s/article/9185919/Is_Stuxnet_the_best_malware_ever_",
"refsource": "MISC",
"url": "http://www.computerworld.com/s/article/9185919/Is_Stuxnet_the_best_malware_ever_"
},
{
"name": "http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute8.xml",
"refsource": "MISC",
"url": "http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute8.xml"
},
{
"name": "http://www.securelist.com/en/blog/2291/Myrtus_and_Guava_Episode_MS10_061",
"refsource": "MISC",
"url": "http://www.securelist.com/en/blog/2291/Myrtus_and_Guava_Episode_MS10_061"
}
]
}
}


@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0447", "ID": "CVE-2011-0447",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged (1) AJAX or (2) API requests that leverage \"combinations of browser plugins and HTTP redirects,\" a related issue to CVE-2011-0696."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[rubyonrails-security] 20110209 CSRF Protection Bypass in Ruby on Rails", "description_data": [
"refsource" : "MLIST", {
"url" : "http://groups.google.com/group/rubyonrails-security/msg/c22ea1668c0d181c?dmode=source&output=gplain" "lang": "eng",
}, "value": "Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged (1) AJAX or (2) API requests that leverage \"combinations of browser plugins and HTTP redirects,\" a related issue to CVE-2011-0696."
{ }
"name" : "http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails", ]
"refsource" : "CONFIRM", },
"url" : "http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-2247", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2011/dsa-2247" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2011-2133", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055074.html" ]
}, },
{ "references": {
"name" : "FEDORA-2011-2138", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055088.html" "name": "ADV-2011-0587",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0587"
"name" : "FEDORA-2011-4358", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html" "name": "http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails",
}, "refsource": "CONFIRM",
{ "url": "http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails"
"name" : "46291", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/46291" "name": "1025060",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1025060"
"name" : "1025060", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1025060" "name": "FEDORA-2011-2138",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055088.html"
"name" : "43274", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43274" "name": "46291",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/46291"
"name" : "43666", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43666" "name": "DSA-2247",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2011/dsa-2247"
"name" : "ADV-2011-0587", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0587" "name": "[rubyonrails-security] 20110209 CSRF Protection Bypass in Ruby on Rails",
}, "refsource": "MLIST",
{ "url": "http://groups.google.com/group/rubyonrails-security/msg/c22ea1668c0d181c?dmode=source&output=gplain"
"name" : "ADV-2011-0877", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0877" "name": "FEDORA-2011-4358",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html"
} },
} {
"name": "43274",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43274"
},
{
"name": "ADV-2011-0877",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0877"
},
{
"name": "FEDORA-2011-2133",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055074.html"
},
{
"name": "43666",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43666"
}
]
}
}
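Review bot: `problemtype` still carries `"value": "n/a"` on the new side although the description names the weakness class outright (cross-site request forgery), so the record cannot be filtered or triaged by weakness. If the feed's schema accepts it, `"value": "CWE-352"` would fit here and in the CVE-2011-0535 section, and `"value": "CWE-79"` in the CVE-2010-2733 section (cross-site scripting). The `affects` block is likewise all `n/a` while the description gives product and version ranges, which leaves automated matching dependent on parsing free text.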


@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-0535", "ID": "CVE-2011-0535",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the Users module in Zikula before 1.2.5 allows remote attackers to hijack the authentication of administrators for requests that change account privileges via an edit access_permissions action to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110201 Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) Vulnerability", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2011/Feb/0" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in the Users module in Zikula before 1.2.5 allows remote attackers to hijack the authentication of administrators for requests that change account privileges via an edit access_permissions action to index.php."
{ }
"name" : "[oss-security] 20110201 CVE Request: Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) Vulnerability", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2011/02/01/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20110203 Re: CVE Request: Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) Vulnerability", "description": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/02/03/1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://bl0g.yehg.net/2011/02/zikula-cms-124-cross-site-request.html", ]
"refsource" : "MISC", }
"url" : "http://bl0g.yehg.net/2011/02/zikula-cms-124-cross-site-request.html" ]
}, },
{ "references": {
"name" : "http://code.zikula.org/core12/browser/tags/Zikula-1.2.5/src/docs/CHANGELOG", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.zikula.org/core12/browser/tags/Zikula-1.2.5/src/docs/CHANGELOG" "name": "[oss-security] 20110203 Re: CVE Request: Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) Vulnerability",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/02/03/1"
"name" : "http://community.zikula.org/index.php?module=News&func=display&sid=3041&title=zikula-1.2.5-released", },
"refsource" : "CONFIRM", {
"url" : "http://community.zikula.org/index.php?module=News&func=display&sid=3041&title=zikula-1.2.5-released" "name": "http://community.zikula.org/index.php?module=News&func=display&sid=3041&title=zikula-1.2.5-released",
}, "refsource": "CONFIRM",
{ "url": "http://community.zikula.org/index.php?module=News&func=display&sid=3041&title=zikula-1.2.5-released"
"name" : "70751", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/70751" "name": "http://code.zikula.org/core12/browser/tags/Zikula-1.2.5/src/docs/CHANGELOG",
}, "refsource": "CONFIRM",
{ "url": "http://code.zikula.org/core12/browser/tags/Zikula-1.2.5/src/docs/CHANGELOG"
"name" : "43114", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43114" "name": "70751",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/70751"
"name" : "8067", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8067" "name": "43114",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/43114"
} },
} {
"name": "8067",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8067"
},
{
"name": "[oss-security] 20110201 CVE Request: Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) Vulnerability",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/02/01/1"
},
{
"name": "20110201 Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2011/Feb/0"
},
{
"name": "http://bl0g.yehg.net/2011/02/zikula-cms-124-cross-site-request.html",
"refsource": "MISC",
"url": "http://bl0g.yehg.net/2011/02/zikula-cms-124-cross-site-request.html"
}
]
}
}


@ -1,187 +1,187 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2011-0873", "ID": "CVE-2011-0873",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, and 5.0 Update 29 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, and 5.0 Update 29 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.avaya.com/css/P8/documents/100144512", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/css/P8/documents/100144512" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.avaya.com/css/P8/documents/100147041", ]
"refsource" : "CONFIRM", }
"url" : "http://support.avaya.com/css/P8/documents/100147041" ]
}, },
{ "references": {
"name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html" "name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html"
"name" : "http://www.ibm.com/developerworks/java/jdk/alerts/", },
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/developerworks/java/jdk/alerts/" "name": "SUSE-SU-2011:0863",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html"
"name" : "HPSBUX02697", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=132439520301822&w=2" "name": "HPSBMU02799",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"
"name" : "SSRT100591", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=132439520301822&w=2" "name": "RHSA-2011:1087",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-1087.html"
"name" : "HPSBMU02797", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" "name": "TA11-201A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"
"name" : "SSRT100867", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" "name": "http://support.avaya.com/css/P8/documents/100144512",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/css/P8/documents/100144512"
"name" : "HPSBMU02799", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" "name": "SUSE-SA:2011:032",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html"
"name" : "RHSA-2011:0860", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0860.html" "name": "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html"
"name" : "RHSA-2011:0938", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0938.html" "name": "RHSA-2013:1455",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
"name" : "RHSA-2011:1087", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1087.html" "name": "44818",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/44818"
"name" : "RHSA-2013:1455", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html" "name": "RHSA-2011:0938",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-0938.html"
"name" : "SUSE-SA:2011:032", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html" "name": "http://support.avaya.com/css/P8/documents/100147041",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/css/P8/documents/100147041"
"name" : "SUSE-SA:2011:030", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html" "name": "44930",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/44930"
"name" : "SUSE-SU-2011:0807", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html" "name": "SUSE-SA:2011:030",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html"
"name" : "SUSE-SU-2011:0863", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html" "name": "oval:org.mitre.oval:def:13888",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13888"
"name" : "openSUSE-SU-2011:0633", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html" "name": "SSRT100591",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=132439520301822&w=2"
"name" : "TA11-201A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-201A.html" "name": "48148",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/48148"
"name" : "48148", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/48148" "name": "SSRT100867",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"
"name" : "oval:org.mitre.oval:def:13888", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13888" "name": "SUSE-SU-2011:0807",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html"
"name" : "oval:org.mitre.oval:def:14153", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14153" "name": "openSUSE-SU-2011:0633",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html"
"name" : "44818", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/44818" "name": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"
"name" : "44930", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/44930" "name": "oval:org.mitre.oval:def:14153",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14153"
} },
} {
"name": "HPSBUX02697",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=132439520301822&w=2"
},
{
"name": "RHSA-2011:0860",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0860.html"
},
{
"name": "HPSBMU02797",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1134", "ID": "CVE-2011-1134",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1386", "ID": "CVE-2011-1386",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1, 6.2.0, and 6.2.1 do not properly handle signature validations based on SAML 1.0, 1.1, and 2.0, which allows remote attackers to bypass intended authentication or authorization requirements via a non-conforming SAML signature."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21575309", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21575309" "lang": "eng",
}, "value": "IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1, 6.2.0, and 6.2.1 do not properly handle signature validations based on SAML 1.0, 1.1, and 2.0, which allows remote attackers to bypass intended authentication or authorization requirements via a non-conforming SAML signature."
{ }
"name" : "IV10793", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV10793" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "IV10801", "description": [
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV10801" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "IV10813", ]
"refsource" : "AIXAPAR", }
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV10813" ]
}, },
{ "references": {
"name" : "tfim-saml-weak-security(71686)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71686" "name": "IV10813",
} "refsource": "AIXAPAR",
] "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV10813"
} },
} {
"name": "tfim-saml-weak-security(71686)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71686"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21575309",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21575309"
},
{
"name": "IV10793",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV10793"
},
{
"name": "IV10801",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV10801"
}
]
}
}


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4800", "ID": "CVE-2011-4800",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a \"..:/\" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "18182", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/18182" "lang": "eng",
}, "value": "Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a \"..:/\" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get commands."
{ }
"name" : "20111130 Serv-U Remote", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2011-11/0454.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.serv-u.com/releasenotes/", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.serv-u.com/releasenotes/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "47021", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/47021" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20111130 Serv-U Remote",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-11/0454.html"
},
{
"name": "47021",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47021"
},
{
"name": "http://www.serv-u.com/releasenotes/",
"refsource": "CONFIRM",
"url": "http://www.serv-u.com/releasenotes/"
},
{
"name": "18182",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18182"
}
]
}
}


@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-5125", "ID": "CVE-2011-5125",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Blue Coat Director before 5.5.2.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving the HTTP TRACE method."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kb.bluecoat.com/index?page=content&id=SA62", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kb.bluecoat.com/index?page=content&id=SA62" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in Blue Coat Director before 5.5.2.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving the HTTP TRACE method."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.bluecoat.com/index?page=content&id=SA62",
"refsource": "CONFIRM",
"url": "https://kb.bluecoat.com/index?page=content&id=SA62"
}
]
}
}


@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-5146", "ID": "CVE-2011-5146",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651931", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651931" "lang": "eng",
}, "value": "Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot."
{ }
"name" : "http://inguma.eu/projects/bokken/repository/revisions/56894084b0ec", ]
"refsource" : "CONFIRM", },
"url" : "http://inguma.eu/projects/bokken/repository/revisions/56894084b0ec" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://ingumadev.blogspot.com/2012/01/bokken-16-is-more-stable-and-easier-to.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://ingumadev.blogspot.com/2012/01/bokken-16-is-more-stable-and-easier-to.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "77700", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/77700" ]
}, },
{ "references": {
"name" : "47252", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/47252" "name": "http://inguma.eu/projects/bokken/repository/revisions/56894084b0ec",
} "refsource": "CONFIRM",
] "url": "http://inguma.eu/projects/bokken/repository/revisions/56894084b0ec"
} },
} {
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651931",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651931"
},
{
"name": "47252",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47252"
},
{
"name": "77700",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/77700"
},
{
"name": "http://ingumadev.blogspot.com/2012/01/bokken-16-is-more-stable-and-easier-to.html",
"refsource": "CONFIRM",
"url": "http://ingumadev.blogspot.com/2012/01/bokken-16-is-more-stable-and-easier-to.html"
}
]
}
}


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2014-2513", "ID": "CVE-2014-2513",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, 7.0 before P15, and 7.1 before P06 does not properly check authorization after creation of an object, which allows remote authenticated users to execute arbitrary code with super-user privileges via a custom script."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140707 ESA-2014-064: EMC Documentum Content Server Privilege Escalation Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-07/0024.html" "lang": "eng",
}, "value": "EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, 7.0 before P15, and 7.1 before P06 does not properly check authorization after creation of an object, which allows remote authenticated users to execute arbitrary code with super-user privileges via a custom script."
{ }
"name" : "68435", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/68435" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1030529", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030529" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "59757", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/59757" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1030529",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030529"
},
{
"name": "59757",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59757"
},
{
"name": "20140707 ESA-2014-064: EMC Documentum Content Server Privilege Escalation Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-07/0024.html"
},
{
"name": "68435",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68435"
}
]
}
}
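Review bot: The `ASSIGNER` field in this record differs between the two columns (`cve@mitre.org` against `security_alert@emc.com`, presumably old and new), and neither the commit title nor anything else on the page explains the reattribution. It is the only substantive change in the section and is easy to miss among the `" : "` to `": "` spacing changes and the reordering of `reference_data`. The same pattern appears in the sections for CVE-2014-3286 (`psirt@cisco.com`), CVE-2014-3883 (`vultures@jpcert.or.jp`), and CVE-2014-6672, CVE-2014-6952, CVE-2014-7078, CVE-2014-7572 and CVE-2014-7624 (`cert@cert.org`). Consumers that filter or trust records by assigner would want this called out, for example with a description line such as `Update ASSIGNER to the owning organization for the CVE-2014 records listed below`, or split into its own commit apart from the formatting pass. The `affects` block still carries `"vendor_name": "n/a"` and `"product_name": "n/a"` although the description names EMC Documentum Content Server, so automated matching on `affects` will not tie this record to the product.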


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-3286", "ID": "CVE-2014-3286",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The web framework in Cisco WebEx Meeting Server does not properly restrict the content of reply messages, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug IDs CSCuj81685, CSCuj81688, CSCuj81665, CSCuj81744, and CSCuj81661."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140606 Cisco WebEx Meeting Server User Enumeration Vulnerabilty", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3286" "lang": "eng",
}, "value": "The web framework in Cisco WebEx Meeting Server does not properly restrict the content of reply messages, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug IDs CSCuj81685, CSCuj81688, CSCuj81665, CSCuj81744, and CSCuj81661."
{ }
"name" : "67922", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/67922" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "58571", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/58571" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20140606 Cisco WebEx Meeting Server User Enumeration Vulnerabilty",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3286"
},
{
"name": "67922",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67922"
},
{
"name": "58571",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58571"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2014-3883", "ID": "CVE-2014-3883",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via unspecified vectors related to a user action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.ipa.go.jp/security/ciadr/vul/20140620-jvn.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.ipa.go.jp/security/ciadr/vul/20140620-jvn.html" "lang": "eng",
}, "value": "Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via unspecified vectors related to a user action."
{ }
"name" : "JVN#48805624", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN48805624/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2014-000057", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000057" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://www.ipa.go.jp/security/ciadr/vul/20140620-jvn.html",
"refsource": "MISC",
"url": "https://www.ipa.go.jp/security/ciadr/vul/20140620-jvn.html"
},
{
"name": "JVN#48805624",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN48805624/index.html"
},
{
"name": "JVNDB-2014-000057",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000057"
}
]
}
}


@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-6627", "ID": "CVE-2014-6627",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2014-5342."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.arubanetworks.com/support/alerts/aid-10282014.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.arubanetworks.com/support/alerts/aid-10282014.txt" "lang": "eng",
}, "value": "Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2014-5342."
{ }
"name" : "61916", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/61916" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "61916",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61916"
},
{
"name": "http://www.arubanetworks.com/support/alerts/aid-10282014.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/support/alerts/aid-10282014.txt"
}
]
}
}


@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-6628", "ID": "CVE-2014-6628",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Aruba Networks ClearPass Policy Manager (CPPM) before 6.5.0 allows remote administrators to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-006.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-006.txt" "lang": "eng",
} "value": "Aruba Networks ClearPass Policy Manager (CPPM) before 6.5.0 allows remote administrators to execute arbitrary code via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-006.txt"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6672", "ID": "CVE-2014-6672",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Friendcaster (aka uk.co.senab.blueNotifyFree) application 5.4.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Friendcaster (aka uk.co.senab.blueNotifyFree) application 5.4.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#524241", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/524241" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#524241",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/524241"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6952", "ID": "CVE-2014-6952",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Manga Facts (aka app.mangafacts.ar) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Manga Facts (aka app.mangafacts.ar) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#209465", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/209465" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "VU#209465",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/209465"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7078", "ID": "CVE-2014-7078",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Payoneer Sign Up (aka com.wPayoneerSignUp) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Payoneer Sign Up (aka com.wPayoneerSignUp) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#189665", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/189665" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#189665",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/189665"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7572", "ID": "CVE-2014-7572",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Stoner's Handbook L- Bud Guide (aka fallacystudios.stonershandbooklite) application 7.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Stoner's Handbook L- Bud Guide (aka fallacystudios.stonershandbooklite) application 7.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#999089", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/999089" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#999089",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/999089"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7624", "ID": "CVE-2014-7624",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Guess the Pixel Character Quiz (aka com.aiadp.pixelcQuiz) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Guess the Pixel Character Quiz (aka com.aiadp.pixelcQuiz) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#109585", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/109585" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#109585",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/109585"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2014-7881", "ID": "CVE-2014-7881",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the server in HP Insight Control allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBMU03230", "description_data": [
"refsource" : "HP", {
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04537915" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the server in HP Insight Control allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "SSRT101875", ]
"refsource" : "HP", },
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04537915" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "62162", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62162" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "SSRT101875",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04537915"
},
{
"name": "HPSBMU03230",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04537915"
},
{
"name": "62162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62162"
}
]
}
}


@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2014-7945", "ID": "CVE-2014-7945",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2015/01/stable-update.html" "lang": "eng",
}, "value": "OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c."
{ }
"name" : "https://code.google.com/p/chromium/issues/detail?id=414310", ]
"refsource" : "CONFIRM", },
"url" : "https://code.google.com/p/chromium/issues/detail?id=414310" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://pdfium.googlesource.com/pdfium/+/767aebbef641a89498deebc29369a078207b4dcc", "description": [
"refsource" : "CONFIRM", {
"url" : "https://pdfium.googlesource.com/pdfium/+/767aebbef641a89498deebc29369a078207b4dcc" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201502-13", ]
"refsource" : "GENTOO", }
"url" : "http://security.gentoo.org/glsa/glsa-201502-13.xml" ]
}, },
{ "references": {
"name" : "RHSA-2015:0093", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0093.html" "name": "62665",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/62665"
"name" : "openSUSE-SU-2015:0441", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html" "name": "http://googlechromereleases.blogspot.com/2015/01/stable-update.html",
}, "refsource": "CONFIRM",
{ "url": "http://googlechromereleases.blogspot.com/2015/01/stable-update.html"
"name" : "72288", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72288" "name": "https://pdfium.googlesource.com/pdfium/+/767aebbef641a89498deebc29369a078207b4dcc",
}, "refsource": "CONFIRM",
{ "url": "https://pdfium.googlesource.com/pdfium/+/767aebbef641a89498deebc29369a078207b4dcc"
"name" : "1031623", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031623" "name": "72288",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/72288"
"name" : "62383", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62383" "name": "GLSA-201502-13",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201502-13.xml"
"name" : "62665", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62665" "name": "1031623",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1031623"
} },
} {
"name": "https://code.google.com/p/chromium/issues/detail?id=414310",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=414310"
},
{
"name": "openSUSE-SU-2015:0441",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html"
},
{
"name": "RHSA-2015:0093",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0093.html"
},
{
"name": "62383",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62383"
}
]
}
}


@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-2199", "ID": "CVE-2016-2199",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations and Remediation management page in Enterprise Manager in McAfee Vulnerability Manager (MVM) before 7.5.10 allow remote attackers to hijack the authentication of administrators for requests that have unspecified impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10147", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10147" "lang": "eng",
} "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations and Remediation management page in Enterprise Manager in McAfee Vulnerability Manager (MVM) before 7.5.10 allow remote attackers to hijack the authentication of administrators for requests that have unspecified impact via unknown vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10147",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10147"
}
]
}
}


@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-2504", "ID": "CVE-2016-2504",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28026365 and Qualcomm internal bug CR1002974."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-08-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-08-01.html" "lang": "eng",
}, "value": "The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28026365 and Qualcomm internal bug CR1002974."
{ }
"name" : "92220", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/92220" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
},
{
"name": "92220",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92220"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-2718", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-2718",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-2907", "ID": "CVE-2016-2907",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-03-05T00:00:00", "DATE_PUBLIC": "2018-03-05T00:00:00",
"ID" : "CVE-2017-18055", "ID": "CVE-2017-18055",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for wmi_event->num_vdev_mac_entries in wma_pdev_set_hw_mode_resp_evt_handler(), which is received from firmware, leads to potential buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=50a0554d12cff58b3ffbd51d3194304244b87023", "description_data": [
"refsource" : "MISC", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=50a0554d12cff58b3ffbd51d3194304244b87023" "lang": "eng",
}, "value": "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for wmi_event->num_vdev_mac_entries in wma_pdev_set_hw_mode_resp_evt_handler(), which is received from firmware, leads to potential buffer overflow."
{ }
"name" : "https://source.android.com/security/bulletin/pixel/2018-03-01", ]
"refsource" : "CONFIRM", },
"url" : "https://source.android.com/security/bulletin/pixel/2018-03-01" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=50a0554d12cff58b3ffbd51d3194304244b87023",
"refsource": "MISC",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=50a0554d12cff58b3ffbd51d3194304244b87023"
},
{
"name": "https://source.android.com/security/bulletin/pixel/2018-03-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2018-03-01"
}
]
}
}


@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-18204", "ID": "CVE-2017-18204",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=28f5a8a7c033cbf3e32277f4cc9c6afd74f05300", "description_data": [
"refsource" : "MISC", {
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=28f5a8a7c033cbf3e32277f4cc9c6afd74f05300" "lang": "eng",
}, "value": "The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests."
{ }
"name" : "https://github.com/torvalds/linux/commit/28f5a8a7c033cbf3e32277f4cc9c6afd74f05300", ]
"refsource" : "MISC", },
"url" : "https://github.com/torvalds/linux/commit/28f5a8a7c033cbf3e32277f4cc9c6afd74f05300" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.2", "description": [
"refsource" : "MISC", {
"url" : "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "USN-3617-1", ]
"refsource" : "UBUNTU", }
"url" : "https://usn.ubuntu.com/3617-1/" ]
}, },
{ "references": {
"name" : "USN-3617-2", "reference_data": [
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3617-2/" "name": "USN-3617-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3617-1/"
"name" : "USN-3617-3", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3617-3/" "name": "USN-3619-2",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3619-2/"
"name" : "USN-3619-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3619-1/" "name": "USN-3617-3",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3617-3/"
"name" : "USN-3619-2", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3619-2/" "name": "https://github.com/torvalds/linux/commit/28f5a8a7c033cbf3e32277f4cc9c6afd74f05300",
}, "refsource": "MISC",
{ "url": "https://github.com/torvalds/linux/commit/28f5a8a7c033cbf3e32277f4cc9c6afd74f05300"
"name" : "USN-3655-2", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3655-2/" "name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.2",
}, "refsource": "MISC",
{ "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.2"
"name" : "USN-3655-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3655-1/" "name": "USN-3655-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3655-1/"
"name" : "103183", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/103183" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=28f5a8a7c033cbf3e32277f4cc9c6afd74f05300",
} "refsource": "MISC",
] "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=28f5a8a7c033cbf3e32277f4cc9c6afd74f05300"
} },
} {
"name": "USN-3655-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"name": "USN-3617-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3617-2/"
},
{
"name": "103183",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103183"
},
{
"name": "USN-3619-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3619-1/"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2017-1156", "ID": "CVE-2017-1156",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "WebSphere Portal", "product_name": "WebSphere Portal",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "8.5, 9.0" "version_value": "8.5, 9.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force. ID: 122592"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22000153", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22000153" "lang": "eng",
}, "value": "IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force. ID: 122592"
{ }
"name" : "98340", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98340" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038390", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038390" "lang": "eng",
} "value": "Gain Access"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22000153",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22000153"
},
{
"name": "1038390",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038390"
},
{
"name": "98340",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98340"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1585", "ID": "CVE-2017-1585",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1594", "ID": "CVE-2017-1594",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-1958", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-1958",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }


@ -1,139 +1,139 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2017-5459", "ID": "CVE-2017-5459",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Thunderbird", "product_name": "Thunderbird",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "52.1" "version_value": "52.1"
} }
] ]
} }
}, },
{ {
"product_name" : "Firefox ESR", "product_name": "Firefox ESR",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "45.9" "version_value": "45.9"
}, },
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "52.1" "version_value": "52.1"
} }
] ]
} }
}, },
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "53" "version_value": "53"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer overflow in WebGL"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1333858", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1333858" "lang": "eng",
}, "value": "A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53."
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-10/", ]
"refsource" : "CONFIRM", },
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-10/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-11/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-11/" "lang": "eng",
}, "value": "Buffer overflow in WebGL"
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-12/", ]
"refsource" : "CONFIRM", }
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-12/" ]
}, },
{ "references": {
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-13/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-13/" "name": "RHSA-2017:1106",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:1106"
"name" : "DSA-3831", },
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2017/dsa-3831" "name": "https://www.mozilla.org/security/advisories/mfsa2017-12/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2017-12/"
"name" : "RHSA-2017:1104", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1104" "name": "https://www.mozilla.org/security/advisories/mfsa2017-11/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2017-11/"
"name" : "RHSA-2017:1106", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1106" "name": "https://www.mozilla.org/security/advisories/mfsa2017-10/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2017-10/"
"name" : "RHSA-2017:1201", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1201" "name": "97940",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/97940"
"name" : "97940", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/97940" "name": "DSA-3831",
}, "refsource": "DEBIAN",
{ "url": "https://www.debian.org/security/2017/dsa-3831"
"name" : "1038320", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038320" "name": "https://www.mozilla.org/security/advisories/mfsa2017-13/",
} "refsource": "CONFIRM",
] "url": "https://www.mozilla.org/security/advisories/mfsa2017-13/"
} },
} {
"name": "1038320",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038320"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1333858",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1333858"
},
{
"name": "RHSA-2017:1104",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1104"
},
{
"name": "RHSA-2017:1201",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1201"
}
]
}
}


@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5518", "ID": "CVE-2017-5518",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The media-file upload feature in GeniXCMS through 0.0.8 allows remote attackers to conduct SSRF attacks via a URL, as demonstrated by a URL with an intranet IP address."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/semplon/GeniXCMS/issues/64", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/semplon/GeniXCMS/issues/64" "lang": "eng",
}, "value": "The media-file upload feature in GeniXCMS through 0.0.8 allows remote attackers to conduct SSRF attacks via a URL, as demonstrated by a URL with an intranet IP address."
{ }
"name" : "95462", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95462" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95462",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95462"
},
{
"name": "https://github.com/semplon/GeniXCMS/issues/64",
"refsource": "CONFIRM",
"url": "https://github.com/semplon/GeniXCMS/issues/64"
}
]
}
}


@ -1,70 +1,70 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@apache.org", "ASSIGNER": "security@apache.org",
"ID" : "CVE-2017-5655", "ID": "CVE-2017-5655",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Apache Ambari", "product_name": "Apache Ambari",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.2.2 through 2.4.2" "version_value": "2.2.2 through 2.4.2"
}, },
{ {
"version_value" : "2.5.0" "version_value": "2.5.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apache Software Foundation" "vendor_name": "Apache Software Foundation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "exposure of sensitive data"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3" "lang": "eng",
}, "value": "In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the host."
{ }
"name" : "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1", ]
"refsource" : "CONFIRM", },
"url" : "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "exposure of sensitive data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3",
"refsource": "CONFIRM",
"url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.3"
},
{
"name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1",
"refsource": "CONFIRM",
"url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.1"
}
]
}
}


@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5986", "ID": "CVE-2017-5986",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20170214 Re: Linux kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf()", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2017/02/14/6" "lang": "eng",
}, "value": "Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state."
{ }
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2dcab598484185dea7ec22219c76dcdd59e3cb90", ]
"refsource" : "CONFIRM", },
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2dcab598484185dea7ec22219c76dcdd59e3cb90" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1420276", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1420276" ]
}, },
{ "references": {
"name" : "https://github.com/torvalds/linux/commit/2dcab598484185dea7ec22219c76dcdd59e3cb90", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/2dcab598484185dea7ec22219c76dcdd59e3cb90" "name": "RHSA-2017:1308",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:1308"
"name" : "DSA-3804", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3804" "name": "https://github.com/torvalds/linux/commit/2dcab598484185dea7ec22219c76dcdd59e3cb90",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/2dcab598484185dea7ec22219c76dcdd59e3cb90"
"name" : "RHSA-2017:1308", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1308" "name": "[oss-security] 20170214 Re: Linux kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf()",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2017/02/14/6"
"name" : "96222", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/96222" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2dcab598484185dea7ec22219c76dcdd59e3cb90",
} "refsource": "CONFIRM",
] "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2dcab598484185dea7ec22219c76dcdd59e3cb90"
} },
} {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1420276",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420276"
},
{
"name": "96222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96222"
},
{
"name": "DSA-3804",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3804"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11"
}
]
}
}